International Journal of Future Generation Communication and Networking
Vol. , No. , March, 2009

Safeguard Intranet Using Embedded and Distributed Firewall System

Chu-Hsing Lin, Jung-Chun Liu, Chien-Ting Kuo, Mei-Chun Chou, and Tsung-Che Yang
Department of Computer Science and Information Engineering, Tunghai University, Taichung 407, Taiwan
{chlin, jcliu, g96350047, g96350011, g973570019}@thu.edu.tw

Abstract

Due to the rapid popularization of the Internet and e-commerce, most organizations and enterprises take great effort to protect their information systems against malicious attacks and invasions. The firewall is the most familiar of the relevant Internet security technologies. However, the firewall systems in use today are either application software or utilities running on personal computers or network nodes. Conventional firewalls are very inconvenient to implement and manage. To make their management and construction easier without disrupting the existing network topology, we implement an embedded and distributed firewall system to safeguard the Internet. In this way, we combine the functions of the firewall and a central security policy server into an embedded system, which can be realized as a network interface card.

Keywords: Intranet, Firewall, Embedded Firewall, Distributed Firewall

1. Introduction

The Internet and e-commerce have become more and more popular in recent years. Research on network security technologies has become very important for both government organizations and business corporations [1]. Investigating the security technologies in use, Gordon et al. show that firewall technology is the most popular among their respondents in the USA [2]: it is used by 97% of the 687 respondents. However, most firewalls in use are based on the conventional firewall architecture.
They consist of either application software or utilities running on a PC or on network nodes. Conventional firewalls are usually set up at the entry point of the organization's or corporation's network. This architecture has a number of serious problems. First, since these firewalls are set up at a single choke point, if the firewall fails due to a power outage or flooding attacks, all computers in the intranet will be disconnected from the Internet. Second, the intranet threat is also a problem confronting Management Information Systems (MIS) in many corporations. For example, if an employee inadvertently opens a malicious e-mail from the Internet and infects his computer with a worm, all of the other computers inside the same intranet would suddenly be infected with the worm via this employee's computer. Therefore, we propose a Distributed Security System implemented with an embedded firewall to improve the efficiency of the conventional firewall. This Distributed Security System is shown not only to have the functions of conventional firewalls but also to be able to work against intranet threats.