Some Problems with Perimeter Firewalls

Document Type Expired Internet-Draft (individual)
Author Angelos Keromytis 
Last updated 2002-11-01
Stream (None)
Expired & archived
plain text htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document discusses some of the shortcomings of perimeter firewalls and the reasons for employing end-point (or distributed) firewall functionality in the network, either as an alternative or coexisting with traditional network access controls.


Angelos Keromytis (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)