6

Introduction
Security Monitoring in High-Performance Networks

    ATM switches lack filtering mechanisms.

    • no ``firewall'' functionality provided
    • decisions deferred to end-hosts

    Network media bandwidth increasing (much) faster than host speed.

    ATM can hinder access to higher-level protocol information.

    • IP header fragmentation (byte-by-byte)
    • IPv6 header length

    IPSEC

    New protocol deployment introduces unexpected (and exploited) vulnerabilities.