The Great Bridge the Construction of the Brooklyn Bridge Essay Example

The Great Bridge: the Construction of the Brooklyn Bridge Paper THE GREAT BRIDGE: THE CONSTRUCTION OF THE BROOKLYN BRIDGE AN NTCP ANALYSIS OF THE BROOKLYN BRIDGE PROJECT EM – 612 B Group D Luigi Ballarinni David DeBorja Matthew Gelmetti Jonathon Lum? TABLE OF CONTENTS 1. Executive Summary3 2. Background4 3. Statement of Problem5 4. Project NTCP Analysis7 5. Project Approach11 6. Conclusion16 7. References19 ? EXECUTIVE SUMMARY The goal of the Brooklyn Bridge was to allow people to cross the East River without waiting for a ferry, which at the time was the only way to travel to from Brooklyn to Manhattan. The new bridge would allow people to walk, ride a carriage, and even ride the rail, so people and goods could easily travel from one side to the other. This project made groundbreaking revelations; this included using engineering techniques which had not been used in the type of scale to their extent. Two types of engineering practices were the use of caissons for the foundation and a suspension bridge system, both of which had been limited in use before the Brooklyn Bridge. The way in which Roebling approached the Brooklyn Bridge was a critical component of the management project; he had a vision in mind before being granted the project and executed the project according to his elaborate plan. Although the construction of the Brooklyn Bridge was incredibly successful, the approach taken had left the very little room for error for the designers. Much of the success lies in the fact that the Roeblings had gotten most of the characterization correct. However, without any contingencies, the plan lacked much flexibility to adjust to any major setbacks to the project. We will write a custom essay sample on The Great Bridge: the Construction of the Brooklyn Bridge specifically for you for only $16.38 $13.9/page Order now We will write a custom essay sample on The Great Bridge: the Construction of the Brooklyn Bridge specifically for you FOR ONLY $16.38 $13.9/page Hire Writer We will write a custom essay sample on The Great Bridge: the Construction of the Brooklyn Bridge specifically for you FOR ONLY $16.38 $13.9/page Hire Writer The Brooklyn Bridge has progressed history in more ways than just one: even though it was one of the greatest marvels of the 19th century, it seems to have driven us to now always push the limits of engineering to its physical bounds and even past them. The following NTCP chart displays the categorization of the project, and the approach that the Roeblings had taken (shown in red): ? BACKGROUND In the early 1800’s, Brooklyn and New York (Manhattan) were considered two separate cities. Even though they were just separated by a mile of water, the amount of trade which could be done between the two cities was severely limited. Their location along the eastern seaboard and the accessibility of their ports through the East River, made these two cities among the most prosperous in the United States. The East River prevented the two cities from utilizing the advantage of their proximity to each other. This was mostly due to the fact that the most common route from Brooklyn to New York was to take a ferry across the East River. Many problems were arising from the situation of only having ferries to get across the East River. This was resulting in long queues, overcrowded waterways, and dangerous conditions among others. In particular, the long queues seemed to be the largest problem; just one mile of water was stopping people from transporting anything whether it be their car or their time perishable cargo across to New York or Brooklyn. To have another way across, would allow for people to cross the East River without waiting as long. Business for these merchants would be easier with a method to cross the East River that did not involve ferries. It was often said that taking a train to Albany was faster and easier than trying to cross the river. The detrimental effects of not having any way across the East River except for the ferry climaxed in the winter of 1866-1867. Being that this was an extremely cold winter, much of the East River had frozen over leaving most traffic between New York and Brooklyn at a standstill because the ferries were not able to get across. This prompted the New York Bridge company to charter a project which would allow people to get from one city to the other in a time effective method that was not by ferry. They eventually decided to pick a chief engineer, John A. Roebling, who was famous for his wire rope suspension bridges.? STATEMENT OF PROBLEM The impending plans for the Brooklyn Bridge were seemingly daunting for its day and age. For one, it stood to become the longest bridge in the world, reaching over 50% longer than any bridge before it. The Brooklyn Bridge was also set to be built on the East River, one of the busiest waterways in the world. These were just some of the many issues that lay ahead of the construction of the Brooklyn Bridge. The first problem that was to be encountered by the designers of the bridge was the East River itself. The East River, unlike the name suggests is not so much a river, but more like a salt water estuary. This meant that unlike a river, the East River faced tidal conditions similar to most bodies of water connected to the ocean; these tidal conditions also contributed to the high levels of turbulence that existed in the waters. The East River also had not been fully explored to its depths. The sandy bottom prevented the designers from knowing how deep they would need to dig to reach ground solid enough to build a foundation to hold up the massive structures required for the bridge. The East River was also one of the busiest waterways in the world. This was the waterway that provided the lifeblood of two the busiest commercial ports in the world. Because of the traffic that would flow through the East River, any bridge that would span it, would need to ensure that the span reached high enough to avoid even the tallest sails of the largest ships. In fact, the legislation that authorized the construction of the bridge stipulated that the bridge must not â€Å"obstruct, impair, or injuriously modify† the navigation of the river. Finally, we have to consider the bridge itself. The impending Brooklyn Bridge would easily surpass all existing bridges in terms of length. With the requirement of the bridge not impairing water traffic, the bridge span must be much higher than many other bridges. Building a bridge of this length and height would require the use of a suspension bridge architecture. However, at the time, the suspension bridge concept was a relatively new architecture and had never been tested on a large scale. This architecture also would require two towers to support the structure and would require the construction of a foundation deep beneath the East River, using caissons. Caissons have been used to build structures underwater, however many of the uses were on a much smaller scale, and in much shallower waters. The design and construction of the Brooklyn Bridge obviously faced enormous hurdles and public skepticism before it was to be completed, therefore the proper design and approach must be taken in order to ensure the bridge is constructed successfully. PROJECT NTCP ANALYSIS In order to understand how the Roeblings’ approach fit the project, we must first analyze the project on its own merit. Because of the enormously complex task at hand, it would help to have an organized method to analyze the project, therefore an NTCP analysis was performed on the project. An NTCP analysis is a technique used to characterize projects. This characterization is formed from a basis of 4 key criteria, which form the anagram that the analysis is named after. While many projects may have inherent differences depending on the objective of the task, the resources available, and the complexity of the project; by analyzing a project using the NTCP technique, a project manager may find that many similarities do exist between projects which are seemingly unrelated. By analyzing projects with similar NTCP profiles we can find that many of the projects encounter the same types of problems and require a similar managerial approach. The first component of the NTCP analysis is Novelty. Novelty is used to describe the relative familiarity of the product to the developers and customers. Novelty is broken into three main categories, labeled: Derivative, Platform, and Breakthrough. Derivative projects are defined by projects that extend or improve existing products, such as a next year iteration of an existing project. Platform projects create a new generation or significant improvement over existing products, such as the development of a new aircraft. Breakthrough projects introduce never before seen products or new to the world products, such as the creation of the computer. The Brooklyn Bridge project introduced a number of new breakthroughs in construction technology that influence the industry even to this day. Considered by many to be one of the greatest engineering feats of the 19th century and a marvel of construction, the Brooklyn Bridge ushered in the era of the modern-day suspension bridge. This bridge created a new concept that introduced the framework for building the modern-day suspension bridge, capable of crossing incredible distances. However, for all the incredible accomplishments and breakthroughs, it was still a bridge, and designers and builders have built bridges before, and therefore have some experience and familiarity with the project. Based on this, we can classify this project as a Platform project. Technology is the second component, which makes the T of the NTCP analysis. The four categories that make up the Technology component are: Low Tech, Medium Tech, High Tech, and Ultra-High Tech. Low Tech projects involve the use of existing, well established technologies. Medium Tech projects use many existing technologies with a few new developments. High Tech projects use many new or recently developed technologies, and possibly a few new technologies. Ultra-High Tech projects generally must develop new technologies as the basic technologies do not yet exist to accomplish the task. The Brooklyn Bridge project had accomplished a number of technological breakthroughs by the time of its completion. One such development was the use of caissons. This was not the first ever use of caissons, in fact caissons had been in use for at least a generation, originating in Europe. The most advanced use of caissons at the time had been the Royal Albert bridge, where Brunel had lowered a caisson over 70 feet to build the foundation for the railroad bridge. However, John Roebling’s plan for the caissons were much larger than anything previously done, and were going to be dropped at least 30 feet deeper than the caissons used in Brunel’s project. The use of steel as a construction material was also a major technological development, as projects mainly used Iron at the time. The suspension bridge itself was a technological achievement as the bridge pushed the limits of construction and architecture; at the time of completion, the towers that support the bridge were the tallest free-standing structure in North America. While there was a significant number of breakthroughs for the Brooklyn Bridge project, the project still relied on many tried and true techniques, which would make this project a High Tech project. Figure 1: The design plan for one of the supporting towers for the bridge Complexity makes up the C component of the NTCP analysis. Complexity is a difficult category to encapsulate, as scale alone cannot completely determine the complexity of a project. â€Å"A very large, and expensive project in one industry say construction might be less complex than a smaller project in another industry, such as biotechnology† (reinventing PM, p102). Therefore we have to base complexity on a number of factors such as cost, scale, number of functions and components, and complexity of the organization and relationships between components. Complexity can also be related to the complexity of both the product and the process used to develop the product. The three categories that compose the complexity of a project are: Assembly, System, and Array. Assembly projects are composed of a collection of components that combine to form a single unit with a single function of a limited scale. System projects are a complex collection of components and subsystems, which can perform multiple functions. Array products are comprised of a wide collection of systems or networks which work together to achieve a common objective. The Brooklyn Bridge project contained a number of components which in themselves can be considered systems or subsystems. The bridge required a foundation and tower component which were being built in an incredibly difficult terrain (over 100 feet underwater). The total length of the bridge was 3,460 feet, including 1,595 feet 6 inches between the two towers. The cable and anchoring system was to be much stronger than anything of its day, and were to be constructed using steel, the first time steel was to be used during a major construction project. After taking all factors into account, this project can be categorized as a System Project. Finally we reach the Pace of the project. The Pace of a project is fairly simple concept to determine, yet it may have far reaching consequence when it comes to execution of the project. The four categories the make up the Pace component are: Regular, Fast/Competitive, Time-Critical, and Blitz. For a Regular program, time is not an important factor in the success of a project. Fast/Competitive projects exist when the success of a project is not dependent on the project completing on time; however, timely completion of the project will have a significant impact to the organization’s competitive advantage and/or bottom line. Time-Critical projects are ones where the success of a project is dependent on completion of the project by a certain time; a delay in completion can mean project failure. Blitz projects are generally projects run during a crisis. Blitz projects often do not have a structured organization, rather decisions are made as quickly as possible to deal with the situation at hand. While the Brooklyn Bridge project was clearly not a Blitz or Time-Critical project, the fact that congress originally provided 3 years to build the bridge, showed a level of urgency desired by the legislating government. Add in the merchants and citizens who stood to benefit from a simple mode of transportation across the East River without having to wait for a ferry; and there was clearly a desire for the bridge to be worked on at a fast pace, resulting in a classification of Fast/Competitive. From the analysis given, the Brooklyn Bridge project could be classified with the following NTCP chart: Figure 2: NTCP diagram of Brooklyn Bridge project ? PROJECT APPROACH For John Roebling, the Brooklyn Bridge project did not begin with approval of the project. In fact, Roebling had been planning a crossing of the East River as early as 1857, when he began making drawings detailing the towers the bridge would require. By 1867, when the New York state legislature had chartered the New York Bridge company to proceed with the construction of the project, Roebling had already devised much of the plans for his bridge. To help in understanding the workings of using a caisson, Washington Roebling, had set out to study caissons being used in Europe for over a year, as well as to pay a visit to the ongoing Eads Bridge crossing the Mississippi, where James Eads was using caissons to build his bridge. Skeptics opposed the idea of the Brooklyn Bridge’s suspension design by linking it to the vibrational effects from wind that destroyed the deck of the Wheeling Bridge on the Ohio River (Great Bridge p33). However, Roebling was involved only in the repair by using auxiliary stay cables. Thus, this design feature was also incorporated into the future design of the Brooklyn Bridge. To help alleviate public skepticism and ensure the legitimacy of the design, John Roebling hired a panel of seven consultants to approve of the work he was set to perform. John Roebling stated: â€Å"In view of ‘the magnitude of the undertaking and the large interests connected therewith’, it was ‘only right’ that his plans be ‘subjected to the careful scrutiny’ of a board of experts† (GREAT BRIDGE, p25). However, it was never Roebling’s intention to listen to the advice of the experts he had chosen, rather, he had only intended to convince these men that his design would work. To do this, Roebling emphasized the suspension bridge would be built 6 times as strong as needed. Demonstrating his point, he claimed the design of the bridge would be of such that if the four main cables were to break, the bridge would sag, but not break. This way, the span of the bridge would be designed strong enough to hold its own weight without breaking, a very impressive feat for a suspension bridge. Thus John Roebling achieved the objective of his expert consultant group: to use their reputation and status to convince any remaining skeptics that his bridge was stable and proceed forward with the plan. Another characteristic of the approach taken by John Roebling, was that although he had his name attached to the project, he was hardly the face of the project. This task, he left to his eldest son, Washington, with whom he confided much of the plan, still kept secret from the rest of the world. Had it not been for Washington Roebling’s excellent education, and desire to follow in his father’s footsteps, the plans for the Brooklyn Bridge might have been in trouble when in 1869, as the construction of the bridge was set to begin, John Roebling was involved in a freak accident, that crushed his toes at the pier he was surveying for the project. The toes were amputated but rather than seeking medical assistance, he refused to listen to his doctors’ advice, which some say may have prevented him from developing the fatal bout with tetanus. John Roebling’s death had left the stakeholders of the bridge in a quandary about how the bridge was going to proceed. However, John Roebling had long desired for his son Washington to take over the project at some point, and had discussed this issue with William Kingsley on a number of occasions. In fact, Roebling had initially suggested that Washington be in charge of the project from the start, but that was deemed unacceptable. Because the detailed designs were kept secret except for John and Washington Roebling, it was easier to pass along the lead of the project from father to son because Washington knew what ideas were going to be implemented in the project. This also prevented someone completely new who did not understand what John was doing and would want to change the ideas. With a clear line of succession, the choice was obvious: Washington Roebling would be allowed to continued the project after his father’s death, taking on the role of Chief Engineer. At this point, much of the project planning was done. This included how the design was going to be carried out for the caissons, towers, wires, and actual roadways. Also, requirements needed to be closely considered in order to make sure that stakeholders were satisfied. Construction started on land where the caissons were built. These large wooden boxes had to be the width and thickness the towers were going to be. They were then floated into position and weighted down until they reached the sandy river bottom. Compressed air was inserted into the caissons keeping the water out as they dug deeper. Figure 3: Cross-section of caisson containing muck holes, shafts for people, and pipes where air pressure was pumped in. Due to the compressed air within in the caisson, the workers were limited to 2 hour shifts before the effects of the â€Å"Caisson’s Disease† began appearing. Special chambers called airlocks were developed and helped prevent the negative effects from forming when the finished worker would ascend too rapidly. However, over the length of the project, about 27 workers died from working in the caissons. Digging deeper inside the caissons was extremely slow. The best performance was 6 inches a week (Sheong). Although the Brooklyn tower’s caisson eventually reached bedrock at 44 feet, the Manhattan tower’s caisson continued to go deeper. When the Manhattan tower caisson had reached a depth of 78 feet, and bedrock was still not found, Roebling recalculated whether the tower structure would be able to meet the strength requirements and made the decision to stop digging at this point. The increased weight of the tower was to hold the caisson in place. This delayed the project because there was no way of knowing how deep the bedrock on the Manhattan side was and if 78 feet was stable enough to hold the tower. The next part of the project which needed to be done once the caissons were in place was fill them in and complete the towers. Right before this, a fire broke out in one of the caissons Washington Roebling was inside of. From the rapid ascension, Washington suffered gravely from the â€Å"bends† and left him paralyzed for the rest of his life. From his apartment in Brooklyn Heights, Roebling oversaw construction through a telescope while his wife, Emily Roebling, coordinated the construction at the site under his direction. Once the caissons were filled with concrete, the towers started to be built. The entire project was supposed to only take 3 years, however once the towers were finished being constructed, it was already 1876, more than 6 years since Washington had sustained his injury. Initially, John Roebling had designed the bridge to be six times as strong as required. However, as the installation of the wire rope was in progress, it was discovered that some of the wire was a substituted material, not steel. This made it have an inferior quality and was discovered when one of the steel cables snapped. This was supplied by contractor J. Lloyd Haigh. As a result, the bridge was only 4 times as strong as required and was allowed to stand with additional 250 cables. In 1880, Haigh was convicted of fraud and jailed; however, his steel cables could not be replaced because it had already been placed in throughout the bridge which was standing. Figure 4: Wrapping cables in protection. The New York Polytechnic Society devoted several lectures at â€Å"Cooper Union devoted exclusively to the supposed engineering fallacies of the Roebling plan† (Great Bridge p28). To an even greater extent, concern arose that the bridge would interfere with traffic to and from the Navy yard. Thus, Chief of Army Engineers, A. A. Humphrey’s â€Å"decided to appoint his own review panel to give an opinion about it, irrespective of the conclusions reached by Roebling’s consultants† (Great Bridge, p28). â€Å"When it opened on May 24, 1883 the world took notice and the entire United States celebrated. And the bridge, with its majestic stone towers and graceful steel cables, isnt just a beautiful New York City landmark, its also a very dependable route for many thousands of daily commuters† (http://history1800s. bout. com/od/bridgebuilding/a/brooklynbrid01. htm). However, while there was much public celebration, there was also just much public skepticism. People were both afraid of whether the bridge would be stable enough for people to come across. Even a week after the opening on May 30th, 1883, a public stampede caused by a false panic that the bridge was collapsing caused the death of 12 people and injuries to many others. In order to put this stigma to rest, Roebling hired the â€Å"great showman Phineas T. Barnum to lead a parade of 21 elephants, including the famous Jumbo, across the bridge a year later, in May 1884† (1800s, strollers on bridge, pg11). This proved the stability of the Brooklyn bridge and was no longer feared that it was unstable. ? CONCLUSION Based on the tasks and design used by the Roeblings, we can attempt to classify an NTCP approach the Roeblings used to manage their project. The Roeblings performed an incredible amount of research on previous generations of the product, and John Roebling was considered by many to be one of the premier bridge engineers of the day. Washington Roebling spent a year abroad in Europe studying the use of caissons, and visited a recent project using caissons at depths similar to that planned for the bridge. John Roebling had also performed a fantastic job of marketing the product, proclaiming the bridge to be a transformative marvel for the world to see. By the time the bridge had opened, the entire world was watching, and there had been such a buildup, the President made it a point to be among the first travelers to cross the bridge. This incredible amount of research and marketing is key for a project introducing a novel concept. However, the Roeblings also had a strict design, which had been frozen at the beginning of the construction process. They had not communicated their plans with anyone besides themselves and therefore took serious risk in the case that both engineers had become disabled, as was the case. Luckily for Washington Roebling, while he suffered severe injuries, they had not been grave enough to prevent him from continuing the project with the help of his wife, Emily. John Roebling had also brought on a panel of technical experts to assess his project; however he never intended to listen to any consultation. Rather, than use their expertise to assess the practicality of his project, his only objective was convincing a skeptical public to allow the project to proceed. Although the Roeblings performed many of the requirements of managing a Platform project, they had also managed the project with many characteristics of a Derivative project, therefore it would be best to classify the Roeblings’ approach a Derivative-Platform approach. Ideally, in order to better fit with the project, the Roeblings should have been more flexible, ensuring that the level of project uncertainty was at a minimal level, before freezing the design plan. They also should have communicated their plans with a committee who could have provided additional perspective that might have noticed any possible flaws that may have existed in the plans. With most projects that contain the level of technological accomplishment of the Brooklyn Bridge project, it was imperative that the designers take the right approach to the match the technical uncertainty of project. The Brooklyn Bridge project required the use of a High Tech technological approach, based on the level of technical achievement and technical uncertainty surrounding the task. A High Tech technical approach would have required flexibility in planning to deal with uncertainty, prototypes and considerable development and testing integrated into the project plans, and frequent communication to the project teams on multiple levels. However, the approach the Roeblings had taken was much different. Instead, the Roeblings had a very rigid design plan, feeling that adherence to the very intricate plan was essential to the success of the project. They had not developed any prototypes, although granted, budget limitations probably would have made a prototype an impossibility. The Roeblings also did not follow a very open communication plan, deciding instead to keep the engineering plan close to the vest. Much of this can be attributed to the engineering culture of the time, as many engineers were very competitive, and most engineers had the mentality of protecting the secrets of their process, rather than helping to promote the science and art of engineering. Because of these characteristics of their project, the Roebling’s approach would need to be classified as Medium Tech. Incredibly, the project encountered relatively few setbacks, none of which were significant enough to derail the project. However, if we were to improve this process, we would certainly have introduced contingencies to allow some flexibility in the design plan, as well as improve the level of communication from the design team to the construction team. The Brooklyn Bridge was an incredibly complex construction project for its time, and based on our NTCP analysis, given a rating of System-level complexity. A System project usually involves complex planning, with a contractor chosen to operate the project. Characteristics of these projects often include a tight level of control, and a significant level of documentation. The Roeblings had indeed operated the project as a complex project with a System level of complexity. They maintained tight control of the project, and created intricate plans for a complex building process. An organization, the New York Bridge Company, was created for the sole purpose of building the Brooklyn Bridge. This allowed for many of the less exciting, non-engineering related tasks to be delegated to someone other than the Roeblings, who surely would have bristled at the thought of worrying about obtaining funding, filing paperwork for the expenditures of the project, or any other tedious task not directly related to the building of the bridge. The pace of a project is an important determinant in the performance of a project plan. As a Fast/Competitive project, the plan is geared with a focus towards accomplishing the objective as soon as possible, as delays can cause a loss of competitive advantage or loss of revenue for the organization. Fast/Competitive projects are often run with a strong level of coordination with subcontractors, and clear, structured plans to ensure the tasks are organized and run efficiently. However, Fast/Competitive projects are not entirely dependent on meeting a deadline, and although great measures are performed to ensure the completion of a project as soon as possible, delays in the project schedule does not immediately cause project failure. Surely the Roeblings followed a structured plan to organize the tasks and ensured that the process stayed on track, yet were aware of the delays that might occur based on the nature of the task, therefore they followed a Fast/Competitive approach. Figure 5: NTCP diagram of project and the approach taken (shown in red) By analyzing the NTCP characterization of both the project and the approach taken by the Roeblings, we can see that there are some discrepancies between the two. While it seems the Roeblings had properly understood the Complexity and Pace of the project, it seems as though they had underestimated the Technology and Novelty of the project. Luckily enough for them the decisions they made and the project proceeded without any major setbacks, and they ended up with one of the engineering marvels of the 19th century. REFERENCES David G. McCullough, The great bridge: the epic story of the building of the Brooklyn Bridge, Simon and Schuster, 2001 http://en. wikipedia. org/wiki/Brooklyn_Bridge http://history1800s. bout. com/od/bridgebuilding/a/brooklynbrid01. htm http://history1800s. about. com/od/bridgebuilding/ig/Images-of-the-Brooklyn-Bridge/Brooklyn-Bridge-s-Caisson. htm http://www. endex. com/gf/buildings/bbridge/bbridgefacts. htm http://www. racontours. com/archive/caissons. php http://www. civilengineergroup. com/building-brooklyn-bridge. html http://www. eyewitnesstohistory. com/brooklynbridge. htm http://www. youtube. com/watch? v=VvG6DSTej4 U http://scheong. wordpress. com/2010/09/21/the-story-of-the-brooklyn-bridge-a-roebling-family-production/

buy custom International Job Research Paper essay

buy custom International Job Research Paper essay Citizens of the developed countries seek opportunities in the foreign countries due to the rising unemployment rate in their home countries. Areas that require expertise in the foreign countries provide opportunities for foreign citizens. Moving to work abroad requires adequate preparation to ensure that the international experience is smooth. The current paper seeks to explain the steps that I will take to learn, prepare for and begin my international experience. There exist a great number of employment opportunities in Thailand. Therefore, I would choose to teach English in Thailand. It is so because Thailand adopted teaching English as the second language in secondary schools and universities (Delgado Boncheva, 2012). English is used as a business language in Thailand; hence, there is a need for teaching students to prepare them in early stages. This provides an opportunity for foreign teachers. Teaching English in Thailand will be a great experience for me. Thais are friendly, and the country is safe. I will consider full time employment in Thailand. Thailand uses Thai baht as its currency. Thai baht is in denominations of one, two, five and ten as coins, and notes from denominations of twenty and above. There are several banks that have exchange bureaus where travelers' checks can be exchanged. There are many automated teller machines around the country. Major credit cards such as visa and master card are acceptable in many outlets. This makes transactions to and from home easier. When moving to Thailand I will be required to obtain a visa from the embassy of Thailand in the United States. My stay in Thailand will last for more than a year, so there are several important vaccines that I need to take before departure. These vaccines include Hepatitis A, which is administered two weeks before travelling and Typhoid vaccine that is administered orally and which is taken at intervals. Japanese encephalitis vaccine is importat because most of the activities to be undertaken will take place outdoor. Hepatitis B vaccine should also be given to those travelers who have not received it recently. Tetanus-diphtheria vaccine will also be important for travelers who have not received it in the last ten years. Travelers that were born after 1956 should get the measles-mumps-rubella vaccine. It cannot be administered if blood tests confirm immunity. Also, one should consider getting yellow fever vaccine. There exist potential road blocks to this opportunity. It will be necessary for me to learn the Thai language in a bid to acquire better communication skills. There are various concerns that I have regarding this opportunity. Some information about the visa to Thailand is unclear. It is not clear what kind of visa I should take to avoid border issues. Housing is another big concern in Thailand. Foreigners pay double the price paid by natives. I should also take various tests in English as a foreign language to qualify for this opportunity. The teaching profession is not well-paid in Thailand, considering that English is used as the second language. Thailand has an American embassy; making it possible for United States citizen to be well represented in Thailand. The American embassy is located in the Bangkok city. It is the third largest American embassy in the world. It has various functions to aid the American citizens and advancing United States interest in Thailand and neighboring countries in South-East Asia. The United States of America also has its presence in a consular office located in ChingMai. This consular office serves American citizens in a section referred to as American citizen service that is charged with a task of helping expatriates and issuance of emergency visas to citizens in Thailand and neighboring South-East Asian countries. The basic language in Thailand is the Thai language. Thailand is a stronghold for Buddhism. A Large number of people in Thailand are Buddhist (Willliams Ladwig, 2012). Wai is the formal way of greeting. A person will raise his/her hands with the palms held together, then touch the head and in between the chest and bow his/her head. Young people are the first to give the Wai. It can be done while standing or seated. An elder then receives the wai by bowing their heads. Respect is shown by how low the head is bowed. Young people should bow when giving wai to elders who are seated. Thais have strong family ties compared to western countries. Learning how to communicate in Thai will be crucial in this experience. It will be useful when communicating with locals who have no knowledge of English. Thailand is a land with a deep heritage and it observes Buddhist religions and culture. In a bid to relate well with these cultures, I have to understand them better (Williams Ladwig, 2012). The learning process should be slow and effective. Thais have different etiquettes in their daily activities. Dining etiquette is very important to understand. I should observe time, though being late for a few minutes is not considered to be bad. On table manners, Thais use a fork and a spoon as their main utensils. Spoons and forks are not used only when eating noodles; they use chopsticks. It is advisable to remove your shoes if your host is barefoot (Ting-Toomey, 2012). When served with food, you should leave a little on the plate to show that you are full. However, for rice, which they consider as their daily bread, leaving it on the plate is viewed as wasteful. One is prohibited from licking fingers after meals as it is considered as bad manners. To earn respect from Thais, one has to show a lot of respect to them. It is a long process, but it is a worthwhile experience. Thais judge people on their dressing. Thus, it is very important to ensure that every time I am in well-polished shoes. Conservative attire is highly encouraged; men should wear dark colored suits. There exist some resources that help people to pursue their experience in Thailand. Buy custom International Job Research Paper essay

Academic analytics Essay Example | Topics and Well Written Essays - 1000 words

Academic analytics - Essay Example adley review acknowledges that benchmarking activities such as student engagement serve as indicators for gauging the institution’s quality (Commonwealth Government of Australia, 2008). Increased competition, accreditation, assessment and regulation are the major factors encouraging the adoption of academic analytics in institutions of higher learning. Although institutions of higher learning gather a lot of vital data that can significantly aid in solving problems like attrition and retention, the collected data is not being analysed adequately and hence translated into useful data (Goldstein, 2005.) Subsequently, higher education leadership are forced to make critical and vital decisions based on inadequate information that could be achieved by properly utilising and analysing the available data (Norris, Leonard, & strategic Initiatives Inc., 2008). This gives rise to strategic problems. This setback also depicts itself at the tactical level. Learning and teaching at institutions of higher education if often a diverse and complex experience. Each and every teacher, student or course is quite different. However, LMS is tasked with taking care of them all. LMS is a t the centre of academic analytics. It records each and every student and staff’s information and results in a click within the system. When this crucial information is added, compared and contrasted with different enterprise information systems provides the institution with a vast array of useful information that can be harvested to gain a competitive edge (Dawson & McWilliam, 2008; Goldstein, 2005; Heathcoate & Dawson, 2005). In order to retrieve meaningful information from institution sources i.e. LMS, the information has to be correctly interpreted against a basis of educational efficiency, and this action requires thorough analysis from people with learning and teaching skills. Therefore, a collaborative approach is required from both the people guarding the data and those who will interpret

Disifectant lab Assignment Example | Topics and Well Written Essays - 250 words

Disifectant lab - Assignment Example It was highly effective in Gram positive S. aureus (inhibition diameter of 20mm) compared to the Gram negative bacteria (P. aureginosa and E. coli at inhibition diameters of 0 and 6 mm). Chlorox, which contains sodium hypochlorite works by unfolding and permanently aggregating vital bacterial proteins hence killing bacteria. Fabuloso is a cleaning agent without antimicrobial properties. However, it inhibited the growth of S. aureus and P. aureginosa (at inhibition diameter s of 25 mm and 36 mm respectively) by acting as a detergent and interfering with the cell membrane. 3. The disinfectants worked differently on different organisms because certain microbes such as E. coli and P. aureginosa were Gram negative while S. aureus was Gram positive. All disinfectants were effective against S. aureus because they were able to traverse the thick peptidoglycan layer of its cell wall. In addition, the disinfectants contained different active ingredients, which had different chemical properties. 4. The disinfectant of choice for use in the kitchen, laboratory or on myself would be Clorox. I would choose Clorox because it showed the largest inhibition distance in the growth of the three microbes at inhibition diameters of 55 mm 54 mm and 46 mm for E. coli, P. aureginosa and S. aureus respectively. Therefore, it would be an effective disinfectant because it would destroy an array of bacteria. In addition, it is relatively safe for human use since it contains chemicals that are used in the treatment of drinking

Analysis Essay Example | Topics and Well Written Essays - 2000 words

Analysis - Essay Example People who work in this type of industry are often linked with issues that deal with deception and public manipulation. The release of information is so quick that it tends to become viral affecting people of all ages. Whatever medium that may be whether it is radio, television or print, finding a market is not at all hard since people are always intrigued with what is happening around the world. Media Companies Media Companies earn money basically through the widespread of information. Almost in every household there is a presence of mass media through its mediums like the television, newspapers, magazines, computers or even cellular phones. Clearly this shows the attachment of the following mediums to the people’s everyday lives. The thing that is common between the media companies and other types of businesses is that they spend money to create or buy products that will eventually let them earn profit. Many people will gain benefit from it including those who are seeking jo bs and hoping to work in media companies. A lot of risks are present when a media company releases something new to the public. There is for example rejection, people’s lack of interests to the advertised product or services, the spreading of the wrong information that may lead to law suits or the issues that might be thrown by the competitors to try to damage the leading companies’ reputation. A lot of controversies are thrown to the media industry, despite of this it continues to prosper. This is certainly because of its main asset which is information. There may be some negative issues but that does not mean that all media companies are up for no good and are just eager to earn. Some companies are committed to give what is due to the public. Top Media Companies in the US and Canada The following are among the top media companies in the United States and Canada, offering products and services such as pay television channels, online and print publications, websites, a dvertisements, and radio programs through its radio stations. There is no question why after all the struggles they have undergone through the years, these companies are now tougher to face new challenges that may come their way. American Media, Inc. American Media Inc. (AMI) is a leading magazine and tabloid newspaper publisher in the US with its Chairman and CEO David Pecker. It reaches up to 54 million of America’s men and woman a month having an over-all circulation of 6.8 million and about 10 million visitors on its online publication with a hundred views per month (â€Å"About Us†). The topics covered by their publications are those that the Americans are obsessed with, mostly on gossips and good health. It also offers sales and marketing services that enable them to have an even distribution of their periodicals on different supermarkets in areas of the US and Canada (â€Å"American Media Inc. Company Profile†). Last November 17, 2010 the company filed fo r Chapter 11 Bankruptcy which according to the United States Court is allowable only to corporations and partnerships who at time of debt, cannot actually pay the creditor due to the small amount of assets that the company owns (â€Å"Reorganization Under the Bankruptcy Code†

Internet Protocol (VoIP) Technology

Internet Protocol (VoIP) Technology Abstract Voice over Internet Protocol (VoIP) technology has come of age and is quickly gaining momentum on Broadband networks. VoIP packetizes phone calls through the same routes used by network and Internet traffic and is consequently prone to the same cyber threats that plague data networks today. It presents lower cost and greater flexibility for a venture but presents considerable security challenges. Many solutions for VoIP security are projected, however these solutions should take into account the real-time constriction of voice service and their methods be supposed to address probable attacks and overhead related with it. One of these solutions is to make use of Firewalls, which implement a security strategy by examining and straining traffic arriving or leaving from a protected network. This is normally done by evaluating an incoming packet to a set of policies and performing the corresponding rule action, which is accept or reject. Undesirably packet examinations can require considerable interruptions on traffic due to the difficulty and size of policies. Consequently, improving firewall performance is significant for the VoIP networks. In this paper, we propose a new firewall deign that is able to dynamically update firewall policy based on Neural Network and achieve packet examinations under rising traffic loads, higher traffic speeds, and stringent QoS necessities. The design consists of several firewalls configured in parallel that jointly impose a defense strategy. Every firewall outfits part of the rule and incoming packets is processed through all the firewalls concurrently. Once the neural network is trained, it continuously updates the firewall policy using the selected parameters to perform its evaluation. Since many firewalls are utilized to process each packet, the proposed parallel firewall system has considerably lower delays and a higher throughput than other firewalls. Introduction Voice over IP the transmission of voice over traditional packet-switched IP networks is one of the hottest trends in telecommunications. Although most computers can provide VoIP and many offer VoIP applications, the term â€Å"voice over IP† is typically associated with equipment that lets users dial telephone numbers and communicate with parties on the other end who have a VoIP system or a traditional analog telephone. (The sidebar, â€Å"Current voice-over-IP products,† describes some of the products on the market today.) As with any new technology, VoIP introduces both opportunities and problems. It offers lower cost and greater flexibility for an enterprise but presents significant security challenges. As with any new technology, VoIP introduces both opportunities and problems.. Security administrators might assume that because digitized voice travels in packets, they can simply plug VoIP components into their already secured networks and get a stable and secure voice network. Quality of service (QoS) is fundamental to a VoIP networks operation. A VoIP application is much more sensitive to delays than its traditional data counterparts. Latency turns traditional security measures into double-edged swords for VoIP. Tools such as encryption and firewall protection can help secure the network, but they also produce significant delay. Latency isnt just a QoS issue, but also a security issue because it increases the systems susceptibility to denial-of-service attacks. To succeed in a VoIP network, a DoS attack need not completely shut down the system, but only delay voice packets for a fraction of a second. The necessary impediment is even less when latency-producing security devices are slowing down traffic. As described in the introduction, parallelization offers a Scalable technique for improving the performance of network firewalls. Using this approach an array of m firewalls processes packets in parallel. However, the two designs depicted in differ based on what is distributed: packets or rules. The design was Consisted of multiple identical firewalls connected in parallel, each firewall j in the system implements a local policy Rj where Rj = R. Arriving packets are distributed across the firewalls for processing (one packet is sent to one firewall), allowing different packets to be processed in parallel. Since each packet is processed using the policy Rj = R, policy integrity is maintained. A neural network is a group of interconnected nodes. The well-known example is the human brain, the most complicated and difficult neural network. We can make very fast and reliable choice in portion of a second. In the face of the clear neatness of usual thinking, outcome are usually not-white and -black or binary, but quite engage a broad diversity of alert and secreted inputs, we have an wonderful facility to recognize well-known patterns as well as extraordinary patterns more or less directly, the neural network approach effort to reproduce the way humans visually the usual consumer speedily studies to identify spam from correct connection. The reason for this is generally since we illustration our brains both on reason to a broad variety of message content and the brain learns to create lightning-fast, very exact guess. The capacity of utilizing packet changed networks as a transmit standard for real-time tone of voice connections has drawn broad awareness among both research and possible communities alike. The current progress in speech conventions and high speed information communication technology hold up the notice in equipment such as voice over Internet protocol (VoIP), the mathematical character of information interchange and the energetic routing method engaged in packet-switched networks outcomes in an unbalanced network delay (jitter) practiced by IP packets. [chris miller]. Although a data-parallel firewall can achieve higher throughput than a traditional (single machine) firewall, it suffers from two major disadvantages. First, stateful inspection requires all traffic from a certain connection or exchange to traverse the same firewall. Successful connection tracking is difficult to perform at high speeds using the data-parallel approach Second, distributing packets is only beneficial when each firewall in the array has a significant amount of traffic to process (never idle), which only occurs under high traffic loads. In order to understand parity in a carrier network maintaining secrecy, the studying techniques to know excluded traffic from partial information, such as the header information and show pattern of a series of packets. The propose a traffic credit technique for a direct request which uses mathematical information such as incidence of packet coming. This method is to be used for stop idea by recognize traffic generate by not only VoIP but video request as well. By using this method, travel that is clearly mediator excluded is not needed, the quality of traffic that is classified into best services, such as urgent situation message and moving sharing, is certain, and, for best effort services, suitable operation are perform so that capital can not be busy by a few edge, so as to understand fairness in symbol services. This advance is to applications that generate traffic from the presentation of the traffic. It can be underground into the following three types regarding the granularity of the observed traffic. [Toshiya Okabe Tsutomu Kitamura 2006]. Transaction-level behavior This approach is a system focus on the skin of an application-level action, such as an HTTP request message, and its response, an HTTP response message or MAIL message. With this progress, a request is indirect from the change patterns, the size of each message. A method to order maintain by the time-series changes in the size of messages. These techniques are useful for sense a signal protocol, but are not suitable for discovery of real-time message traffic whose features are boring and last for a fairly long time. [Toshiya Okabe Tsutomu Kitamura 2006] Flow-level behavior This method is to make out an application from mathematical information such as the inter-arrival time, period of the run, packet size. Here, a run is defined as a sequence of packets having a common source address, source port, destination address, destination port and transport protocol. It is extract skin of size data message request flows, such as HTTP, FTP and SMTP graceful from side to side a network, in order to create workload for a network simulator and classify traffic into three lessons, bulk data message such as FTP, informal message. [Toshiya Okabe Tsutomu Kitamura 2006] Packet-level behavior This is techniques that identify a request from the header or load of a single packet. A group method mainly based on port facts has been used but its efficiency has been lost due to the arrival of P2P applications that illegitimately use chance port numbers and port numbers for HTTP to traverse a Firewall. [Toshiya Okabe Tsutomu Kitamura 2006]. Average packet length and variation The result of extract skin correlated to the normal packet size and difference in packet size. Difference in packet size here indicates the number of types of packet size for a request whose packet size is fixed. It is the result of take out the skin of voice applications. The packet size of the voice application is lesser than that of the other application. [ Takayuki Shizuno 2006] As with any new knowledge, VoIP introduce both opportunity and problems. It offers lesser cost and greater give for an project but presents significant security challenge. Security administrator strength suppose that because digitized voice actions in packets, the plug VoIP mechanism into their previously protected networks and get a stable and secure voice network address translation (NAT), and most VoIP mechanism have counterpart in data network, VoIPs presentation stress mean you must extra ordinary network software and hardware with special VoIP mechanism. Packet network depend on many configurable bound: IP and physical addresses of say terminal of routers and firewalls. VoIP networks add specific software, to place and route calls. Many network bound are recognized with passion each time a network part is restart or when a VoIP phone is restart or added to the network.. So many nodes in a VoIP network have dynamically configurable bound; But VoIP systems have much stricter presentation constraint than data networks with important implication for security. [ Takayuki Shizuno 2006]. Quality-of-service issues Quality of service is basic to a VoIP networks process. A VoIP request is much more responsive to delay than its customary data matching part. In the VoIP language, this is the latency problem. Latency turns conventional safety measured. Tools such as encryption and firewall defense can help secure the system, but they also set up important delay. Latency isnt just a QoS issue, but also a safety issue because it increases the system weakness to denial-of-service attacks. To do well in a VoIP network, a DoS attack need not totally shut down the system, but only delay voice packets for a part of a second. The necessary let is even less when latency-producing security devices are slowing down traffic. Another QoS issue jitter, refers to no uniform delays that can cause packets to turn up and be process out of series. The Real-Time Transport Protocol (RTP), which is used to move voice media, so packets received out of order cant be reassembled at the move level, but must be rearrange at the request level, introduce major above your head. When packets turn up in order, high jitter causes them to arrive at their target in spurts. To control jitter, network expensive can use buffers and implement QoS-supporting network elements that let VoIP packets when larger data packets are listed in front of them. The buffer can use one of several plans to resolve when to let go voice data, counting several scheme that adapt the payout time also encompass packet loss. In addition to the usual packet loss issue related with data networks, even VoIP packets that reach their target can be make useless by latency and jitter. [thomas j. walsh and d. richard kuhn ]. Project Background Neural network is the bury order growing fast in current years. It is jointly of a massive deal of easy giving out units of neuron with providing connect as a neural network. It can replicate the information distribution task of human being brain, with huge talent of nonlinear estimate, consecutively storage, large-scale similar development, and self-training lessons. The information distribution in the neural network is recognizing by the communication between the neurons, and the storage of data and in progression as increase physical interconnection of the network parts. [, a. shelestov, v. pasechnik, a. sidorenko, n. kussul , 2006]. A parallel firewall (also called a load-balancing firewall) is a scalable approach for increasing the speed of inspecting network traffic. As seen in figure .the system consists of multiple identical firewalls connected in parallel. Each firewall in the system implements the complete security policy and arriving packets are distributed across the firewalls such that only one firewall processes any given packet. How the load-balancing algorithm distributes packets is vital to the system and typically implemented as a high-speed switch in commercial products. Although parallel firewalls achieve a higher throughput than traditional firewalls and have a redundant design, the performance benefit is only evident under high traffic loads. Furthermore, stateful inspection requires all traffic from a certain connection or exchange to traverse the same firewall, which is difficult to perform at high speeds. This paper introduces a new scalable parallel firewall architecture designed for increasing network speeds and traffic loads. The design consists of multiple firewalls where each firewall implements only a portion of the security policy. Since the policy is divided across the firewalls, rule distribution guidelines are provided that maintains integrity, ensuring the new parallel design and a traditional single firewall always reach the same decision. Unlike the previous parallel design, When a packet arrives to the new architecture it is processed by every firewall in parallel, thus the processing time required per packet is reduced. Simulation results for the new architecture (consisting of four firewalls) yielded a 74% reduction in processing time as compared to other parallel firewall designs. Furthermore, the proposed architecture can provide stateful inspections since a packet is processed by every firewall. Therefore, the new parallel design is a scalable solution that can offer better performance and more capabilities than other designs. In list-based rule symbol, when packets arrive at a firewall, it is in sequence check against the system in the rule list until a match is found or attainment the end of the list. Then, the parallel action is applied to mass or pass the packet. To make the policy complete of match is always found for each packet, the computational difficulty of the sort process depends on the length of rule as the depth of result a matched rule in the rule list. Apply more composite policy can result in major traffic wait which is not only a presentation block in high speed environment but also can make it weaker to rejection of service attacks. Moreover, attractive the filter time is more difficult for multimedia applications that require firm quality of service promise. Although hardware solutions can very much decrease the packet giving out time, they are costly for large policy and improvement hardware may not be suitable in inheritance systems. on the other hand, better data structure for inner policy symbol and better search mechanism have been planned to provide relatively and effective solution to benefit on hand hardware systems. The rules are group to allow multidimensional search by at once eliminate multiple rules with few comparison. While tries have shown great agree in improving the search time, the storage condition and difficulty in maintain try and policy honesty increases as more rules . Moreover, a policy trie does not take into report the traffic personality. In a method for trie sorting is proposed that sustain the policy honesty while reorder rules for unreliable traffic situation. The number of contrast as compare to the original trie. Traffic-aware optimization of list-based firewalls has been addressed in rules are assigned matching probability that depend on the traffic information. Other firewall models have been planned to signify and analyze policy whether for central or distributed firewall architectures with main focus on identify rule conflicts and variance; Wireless local (WLAN) and wireless personal (WPAN) area networks are being used increasingly to implement VoIP forces. The main drives for using these architectures are user mobility. Behind realible real-time repair is one of the major concerns for generally use of VoIP in these wireless IPbased networks and safety is now getting the notice of researchers. The security and efficiency are consisting requirements. [El-Sayed M. El-Alfy and Shokri Z. Selim 2007] Literature Review Introduction: Literature Review is the process of finding information for help on searching for resources on the Internet. Reading intensively in the chosen topic area is essential, but the task can prove daunting if they do not approach it in a systematic way. The continuous number of high-profile Internet security breeches reported in the mass media shows that despite an emphasis on security processes that there is still a gap between theory and practice. Not only is there a need to develop better software engineering processes but also theoretical security improvements need to find their way into real systems. Software design patterns are defined as â€Å"descriptions of communicating objects and classes that are customized to solve a general design problem in a particular context†. As software design patterns have proven their value in the development of production software, they are a promising new approach to help in both the theoretical development and practical implementation of better security processes. First, many/most software developers have only a limited knowledge of security processes and patterns are a proven way to improve their understanding. Second, patterns work against â€Å"reinventing-the-wheel† to promote learning best practices from the larger community to save time, effort, and money with easily accessible and validated examples. Third, code can be reused since the same security patterns arise in many different contexts Investigating existing resources in our area of research will generally cover three areas: Exploratory investigations, as part of the development and evaluation of possible topics in an area Investigation is some depth, sufficient to support a formal research and dissertation proposal Complete research that is described in the literature / research section of the dissertation. [from Writing the Doctoral Dissertation, To Author names] 2. Related Research Work Available: Wireless local (WLAN) and wireless personal (WPAN) area networks are being used progressively to implement VoIP services. The main motivation for using these architectures are user mobility, setup flexibility, increasing transmission rate and low costs, despite this convergence depends on the answers of several technical problems Supporting reliable real-time service is one of the major concerns for widely deployment of VoIP in these ireless IPbased networks and security is now receiving the attention of researchers. The problem of offering security to WLAN and WPAN is that security does not come for free and, security and efficiency are conflicting requirements. The introduction of a security mechanism such as the IPSec encryption-engine to overcome these issues impacts directly in the speech quality of established calls and in the channel capacity. Moreover, largely deployed radio technology standards as IEEE 802.11 and Bluetooth used to achieve wireless connectivity have several constraints when delivering real-time traffic, as transmission errors at the channel, introducing delay and loss which with security mechanisms impact can lead to low quality VoIP calls. Although these technologies offer some security mechanisms, they have some flaws which need to be addressed by an additional level of security. In this paper we focus on the IPSec protocol to achieve the data secrecy due to its widely deployment and implementation of many encryption algorithms. During final decades information technology founded on the computer networks take part in an essential role in different areas of human being action. Troubles of huge importance are assigned on them, such as maintenance, communication and mechanization of information processing. The safety level of processed information is able to differ from private and viable to military and state secret. Herewith the destruction of the information secrecy, reliability and accessibility may cause the spoil to its proprietor and contain important unattractive consequences. Hence the trouble of information safety is concerned. Many associations and companies expand safety facilities that need important aids. In additional, the impracticality of creating wholly protected system is a recognized fact – it will always hold faults and  «gaps » in its understanding. To guard computer systems such familiarized mechanisms as classification and verification, methodologies of the delimitation and limit of the access to data and cryptographic techniques are applied. But they hold following drawbacks: †¢ Disclosure from interior users with spiteful purpose; †¢ Complexity in access separation caused by data sources globalization, which cleans away difference between personal and foreign topics of the system; †¢ Diminution of efficiency and communication complexity by reason of methods for access control to the sources, for occasion, in e-commerce; †¢ Effortlessness of passwords description by crating arrangements of simple users relations. Hence classification and audit systems are utilized beside with these methods. between them are interruption. Intrusion Detection Systems (IDS). IDS are generally separated to systems detecting previously identified attacks (mishandling exposure systems) and variance exposure systems registering the life cycle differences of the computer system from its usual (distinctive) action. Besides, IDS are divided to network-based and host-based category by data source. Network-based IDS examine network dataflow, caring its members, almost not moving the output of their work. Network-based systems do not utilize data about progression from divide workstation. A firewall is a mixture of hardware and software used to put into practice a security policy leading the flow of network traffic between two or more networks. In its simplest form, a firewall acts as a safety barrier to control traffic and manage links between internal and external network hosts. The actual means by which this is able varies and ranges from packet sort and proxy service to stateful examination methods. A more difficult firewall may hide the topology of the network it is employed to keep, Firewalls have recognized to be useful in trade with a large number of pressure that create from outer a network. They are becoming ever-present and necessary to the action of the network. The constant growth of the Internet, coupled with the increasing difficulty of attacks, however, is placing further stress and difficulty on firewalls design and management. . [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Furthermore, the need to deal with large set of varied safety policy and rules impose additional load on firewalls, thus depiction the presentation of the firewall highly serious to enforce the network safety policy. In this context, the defense that a firewall provides only the policies it is configured to execute, but evenly importantly the speed at which it enforces these policy. Under attack or deep load, firewalls can simply become a bottleneck. As the network size, bandwidth, and giving out power of networked hosts carry on increasing, there is a high demand for optimizing firewall operation for improved performance. [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Multi-dimensional firewall research group of people to focus on mounting various optimizations to make firewalls more resourceful and steady. In spite of significant progress in the design of firewalls, the techniques for firewall optimization remains static and fail to get used to to the always varying dynamics of the network. This is frequently due to their failure to take into account the traffic individuality by the firewall, such as source and purpose, service requests and the resultant action taken by the firewall in reply to these requests. Moreover, current firewall designs do not support adaptive difference discovery and counter measure device. As a result, they run the risk to become unbalanced under attack. The object of this paper is to address the above failing and develop a sound and effective toolset to hasten firewall operation and adapt its performance to the dynamically altering network traffic individuality. Achieve this goal, however is tough, as the number of policy and safety rules a firewall has to enforce for enterprise network. In addition, there is a need for preserve high policy addition. This is further compounded by the limited resources of firewalls relation to the increased ability of the network to process and forward traffic at very high speed. [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Methodolgy Network Firewall Parallelization Firewall parallelization is a scalable move toward for attaining the speed of system traffic assessment [Carsten Benecke,1999] necessary for improved network paces and traffic loads. In this section data parallel [Carsten Benecke,1999] and function parallel designs [Errin W. Fulp,2002] for parallel firewalls are explained. Similar to their distributed computing descriptions necessitate, data parallel partition the information set across the array of firewalls, while function parallel distributes the work set across the array of firewalls. The data parallel technique is a scalable substitute to a single firewall that permits for better throughput potentials. Function parallel techniques can diminish the dispensation time necessary on any firewall node yielding enhanced presentation. In addition, unlike data parallel designs, the proposed function parallel architecture can offer stateful assessments. This proposal shows that function parallel designs are scalable solution that can offer better performance and more facilities than other designs. Parallel Firewall Architecture: Function Parallel Firewall [W. Fulp and Ryan J] consists of multiple firewalls coupled in parallel and a gatedevice, as shown in figure. Every firewall in the system outfits a local strategy, where incoming packets are disseminated across the firewalls for processing (one packet is sent to one firewall), permitting different packets to be processed in parallel. Because every packet is processed by the policy, reliability is maintained. The common operation of the scheme can be described as follows. When a packet reaches to the function-parallel system it is promoted to all the firewall and the gate. Each firewall processes the packet with its local policy, as well as any state information. The firewall then signals the gate representing either no match was found, or offers the rule number and action if a match was found. As local policies are a division of the original, a no-matchis a suitable answer and is necessary for the function-parallel design. The gate stores the outcomes and establishes the final action to achieve on the packet using the Firewall rule. Parallel Firewall System Components A function parallel system consists of a collection of firewall nodes. Packets are replicated to all firewall nodes as they go into the system. Policies must be disseminated across the system such that they specify an accept set identical to the original accept set and no local policys accept set can overlap another local policys accept set. The received packets are then combined into one stream to arrive at the destination. A control plane is also essential to permit common system management. Firewall Nodes The firewall nodes contain a network interface card for every network input and control plane. This design implements the firewall nodes as PCs running the Linux operating system with a kernel that supports iptables. It must be stated that iptables was selected for an profitable feature of provisional rule dispensation. By default there are built-in sets of policies called chains divided by whether they hold traffic bound for procedures pay attention on local input devices, proposed for routing throughout the system to another network or outbound and supplied from a local procedure. In addition iptables has support for user defined chains. The user defined chains can be called if a packet matches a rule in a sequence. Packet Duplicator Packet Duplicator is essential on all links which will input traffic into the system. In Ethernet networks packet duplication is easily achieved with a network hub because any packets arriving on a hub port are copied to all other hub ports. But, in high speed networks hub technology is not presented. The only available devices in high speed networks to attain duplication are network taps. These devices are used for duplicating network traffic, usually used in intrusion detection systems that necessitate network monitoring. Control Plane In a single firewall system, protected customer communication can be offered through the prerequisite of physical existence. To generate a protected technique of management, communication to the collection of firewall nodes can be quarantined on a separate control plane. In the simplest form this entails a separate subnet which all firewall nodes survive on. Component Integration Joining these components into a functional design can be cut down into two network representations. The first utilizes simply one packet duplicator and can simply offer protection for traffic from one source. The second topology allows two networks to communicate bi-directionally through the system. One-Directional System This technique only thinks about packets traveling in one direction; for example, only packets are moving from source to destination. The collection of firewall nodes use the same IP address and MAC address and all will take the incoming network interface card in immoral mode. All but one firewall node will allow existing networking equipment outside of the system to cooperate with no alterations. The firewall node which does respond to user requirements can also be permitted to respond to ICMP ping requests in order to formulate the system additional compatible. For the outgoing network interface cards, any IP or MAC can be used as long as it permits communication with the destination. Bi-directional System The Bi-directional system considers packets moving in both directions; for example, packets traveling from source to destination and then back to source. Set Internet Protocol (VoIP) Technology Internet Protocol (VoIP) Technology Abstract Voice over Internet Protocol (VoIP) technology has come of age and is quickly gaining momentum on Broadband networks. VoIP packetizes phone calls through the same routes used by network and Internet traffic and is consequently prone to the same cyber threats that plague data networks today. It presents lower cost and greater flexibility for a venture but presents considerable security challenges. Many solutions for VoIP security are projected, however these solutions should take into account the real-time constriction of voice service and their methods be supposed to address probable attacks and overhead related with it. One of these solutions is to make use of Firewalls, which implement a security strategy by examining and straining traffic arriving or leaving from a protected network. This is normally done by evaluating an incoming packet to a set of policies and performing the corresponding rule action, which is accept or reject. Undesirably packet examinations can require considerable interruptions on traffic due to the difficulty and size of policies. Consequently, improving firewall performance is significant for the VoIP networks. In this paper, we propose a new firewall deign that is able to dynamically update firewall policy based on Neural Network and achieve packet examinations under rising traffic loads, higher traffic speeds, and stringent QoS necessities. The design consists of several firewalls configured in parallel that jointly impose a defense strategy. Every firewall outfits part of the rule and incoming packets is processed through all the firewalls concurrently. Once the neural network is trained, it continuously updates the firewall policy using the selected parameters to perform its evaluation. Since many firewalls are utilized to process each packet, the proposed parallel firewall system has considerably lower delays and a higher throughput than other firewalls. Introduction Voice over IP the transmission of voice over traditional packet-switched IP networks is one of the hottest trends in telecommunications. Although most computers can provide VoIP and many offer VoIP applications, the term â€Å"voice over IP† is typically associated with equipment that lets users dial telephone numbers and communicate with parties on the other end who have a VoIP system or a traditional analog telephone. (The sidebar, â€Å"Current voice-over-IP products,† describes some of the products on the market today.) As with any new technology, VoIP introduces both opportunities and problems. It offers lower cost and greater flexibility for an enterprise but presents significant security challenges. As with any new technology, VoIP introduces both opportunities and problems.. Security administrators might assume that because digitized voice travels in packets, they can simply plug VoIP components into their already secured networks and get a stable and secure voice network. Quality of service (QoS) is fundamental to a VoIP networks operation. A VoIP application is much more sensitive to delays than its traditional data counterparts. Latency turns traditional security measures into double-edged swords for VoIP. Tools such as encryption and firewall protection can help secure the network, but they also produce significant delay. Latency isnt just a QoS issue, but also a security issue because it increases the systems susceptibility to denial-of-service attacks. To succeed in a VoIP network, a DoS attack need not completely shut down the system, but only delay voice packets for a fraction of a second. The necessary impediment is even less when latency-producing security devices are slowing down traffic. As described in the introduction, parallelization offers a Scalable technique for improving the performance of network firewalls. Using this approach an array of m firewalls processes packets in parallel. However, the two designs depicted in differ based on what is distributed: packets or rules. The design was Consisted of multiple identical firewalls connected in parallel, each firewall j in the system implements a local policy Rj where Rj = R. Arriving packets are distributed across the firewalls for processing (one packet is sent to one firewall), allowing different packets to be processed in parallel. Since each packet is processed using the policy Rj = R, policy integrity is maintained. A neural network is a group of interconnected nodes. The well-known example is the human brain, the most complicated and difficult neural network. We can make very fast and reliable choice in portion of a second. In the face of the clear neatness of usual thinking, outcome are usually not-white and -black or binary, but quite engage a broad diversity of alert and secreted inputs, we have an wonderful facility to recognize well-known patterns as well as extraordinary patterns more or less directly, the neural network approach effort to reproduce the way humans visually the usual consumer speedily studies to identify spam from correct connection. The reason for this is generally since we illustration our brains both on reason to a broad variety of message content and the brain learns to create lightning-fast, very exact guess. The capacity of utilizing packet changed networks as a transmit standard for real-time tone of voice connections has drawn broad awareness among both research and possible communities alike. The current progress in speech conventions and high speed information communication technology hold up the notice in equipment such as voice over Internet protocol (VoIP), the mathematical character of information interchange and the energetic routing method engaged in packet-switched networks outcomes in an unbalanced network delay (jitter) practiced by IP packets. [chris miller]. Although a data-parallel firewall can achieve higher throughput than a traditional (single machine) firewall, it suffers from two major disadvantages. First, stateful inspection requires all traffic from a certain connection or exchange to traverse the same firewall. Successful connection tracking is difficult to perform at high speeds using the data-parallel approach Second, distributing packets is only beneficial when each firewall in the array has a significant amount of traffic to process (never idle), which only occurs under high traffic loads. In order to understand parity in a carrier network maintaining secrecy, the studying techniques to know excluded traffic from partial information, such as the header information and show pattern of a series of packets. The propose a traffic credit technique for a direct request which uses mathematical information such as incidence of packet coming. This method is to be used for stop idea by recognize traffic generate by not only VoIP but video request as well. By using this method, travel that is clearly mediator excluded is not needed, the quality of traffic that is classified into best services, such as urgent situation message and moving sharing, is certain, and, for best effort services, suitable operation are perform so that capital can not be busy by a few edge, so as to understand fairness in symbol services. This advance is to applications that generate traffic from the presentation of the traffic. It can be underground into the following three types regarding the granularity of the observed traffic. [Toshiya Okabe Tsutomu Kitamura 2006]. Transaction-level behavior This approach is a system focus on the skin of an application-level action, such as an HTTP request message, and its response, an HTTP response message or MAIL message. With this progress, a request is indirect from the change patterns, the size of each message. A method to order maintain by the time-series changes in the size of messages. These techniques are useful for sense a signal protocol, but are not suitable for discovery of real-time message traffic whose features are boring and last for a fairly long time. [Toshiya Okabe Tsutomu Kitamura 2006] Flow-level behavior This method is to make out an application from mathematical information such as the inter-arrival time, period of the run, packet size. Here, a run is defined as a sequence of packets having a common source address, source port, destination address, destination port and transport protocol. It is extract skin of size data message request flows, such as HTTP, FTP and SMTP graceful from side to side a network, in order to create workload for a network simulator and classify traffic into three lessons, bulk data message such as FTP, informal message. [Toshiya Okabe Tsutomu Kitamura 2006] Packet-level behavior This is techniques that identify a request from the header or load of a single packet. A group method mainly based on port facts has been used but its efficiency has been lost due to the arrival of P2P applications that illegitimately use chance port numbers and port numbers for HTTP to traverse a Firewall. [Toshiya Okabe Tsutomu Kitamura 2006]. Average packet length and variation The result of extract skin correlated to the normal packet size and difference in packet size. Difference in packet size here indicates the number of types of packet size for a request whose packet size is fixed. It is the result of take out the skin of voice applications. The packet size of the voice application is lesser than that of the other application. [ Takayuki Shizuno 2006] As with any new knowledge, VoIP introduce both opportunity and problems. It offers lesser cost and greater give for an project but presents significant security challenge. Security administrator strength suppose that because digitized voice actions in packets, the plug VoIP mechanism into their previously protected networks and get a stable and secure voice network address translation (NAT), and most VoIP mechanism have counterpart in data network, VoIPs presentation stress mean you must extra ordinary network software and hardware with special VoIP mechanism. Packet network depend on many configurable bound: IP and physical addresses of say terminal of routers and firewalls. VoIP networks add specific software, to place and route calls. Many network bound are recognized with passion each time a network part is restart or when a VoIP phone is restart or added to the network.. So many nodes in a VoIP network have dynamically configurable bound; But VoIP systems have much stricter presentation constraint than data networks with important implication for security. [ Takayuki Shizuno 2006]. Quality-of-service issues Quality of service is basic to a VoIP networks process. A VoIP request is much more responsive to delay than its customary data matching part. In the VoIP language, this is the latency problem. Latency turns conventional safety measured. Tools such as encryption and firewall defense can help secure the system, but they also set up important delay. Latency isnt just a QoS issue, but also a safety issue because it increases the system weakness to denial-of-service attacks. To do well in a VoIP network, a DoS attack need not totally shut down the system, but only delay voice packets for a part of a second. The necessary let is even less when latency-producing security devices are slowing down traffic. Another QoS issue jitter, refers to no uniform delays that can cause packets to turn up and be process out of series. The Real-Time Transport Protocol (RTP), which is used to move voice media, so packets received out of order cant be reassembled at the move level, but must be rearrange at the request level, introduce major above your head. When packets turn up in order, high jitter causes them to arrive at their target in spurts. To control jitter, network expensive can use buffers and implement QoS-supporting network elements that let VoIP packets when larger data packets are listed in front of them. The buffer can use one of several plans to resolve when to let go voice data, counting several scheme that adapt the payout time also encompass packet loss. In addition to the usual packet loss issue related with data networks, even VoIP packets that reach their target can be make useless by latency and jitter. [thomas j. walsh and d. richard kuhn ]. Project Background Neural network is the bury order growing fast in current years. It is jointly of a massive deal of easy giving out units of neuron with providing connect as a neural network. It can replicate the information distribution task of human being brain, with huge talent of nonlinear estimate, consecutively storage, large-scale similar development, and self-training lessons. The information distribution in the neural network is recognizing by the communication between the neurons, and the storage of data and in progression as increase physical interconnection of the network parts. [, a. shelestov, v. pasechnik, a. sidorenko, n. kussul , 2006]. A parallel firewall (also called a load-balancing firewall) is a scalable approach for increasing the speed of inspecting network traffic. As seen in figure .the system consists of multiple identical firewalls connected in parallel. Each firewall in the system implements the complete security policy and arriving packets are distributed across the firewalls such that only one firewall processes any given packet. How the load-balancing algorithm distributes packets is vital to the system and typically implemented as a high-speed switch in commercial products. Although parallel firewalls achieve a higher throughput than traditional firewalls and have a redundant design, the performance benefit is only evident under high traffic loads. Furthermore, stateful inspection requires all traffic from a certain connection or exchange to traverse the same firewall, which is difficult to perform at high speeds. This paper introduces a new scalable parallel firewall architecture designed for increasing network speeds and traffic loads. The design consists of multiple firewalls where each firewall implements only a portion of the security policy. Since the policy is divided across the firewalls, rule distribution guidelines are provided that maintains integrity, ensuring the new parallel design and a traditional single firewall always reach the same decision. Unlike the previous parallel design, When a packet arrives to the new architecture it is processed by every firewall in parallel, thus the processing time required per packet is reduced. Simulation results for the new architecture (consisting of four firewalls) yielded a 74% reduction in processing time as compared to other parallel firewall designs. Furthermore, the proposed architecture can provide stateful inspections since a packet is processed by every firewall. Therefore, the new parallel design is a scalable solution that can offer better performance and more capabilities than other designs. In list-based rule symbol, when packets arrive at a firewall, it is in sequence check against the system in the rule list until a match is found or attainment the end of the list. Then, the parallel action is applied to mass or pass the packet. To make the policy complete of match is always found for each packet, the computational difficulty of the sort process depends on the length of rule as the depth of result a matched rule in the rule list. Apply more composite policy can result in major traffic wait which is not only a presentation block in high speed environment but also can make it weaker to rejection of service attacks. Moreover, attractive the filter time is more difficult for multimedia applications that require firm quality of service promise. Although hardware solutions can very much decrease the packet giving out time, they are costly for large policy and improvement hardware may not be suitable in inheritance systems. on the other hand, better data structure for inner policy symbol and better search mechanism have been planned to provide relatively and effective solution to benefit on hand hardware systems. The rules are group to allow multidimensional search by at once eliminate multiple rules with few comparison. While tries have shown great agree in improving the search time, the storage condition and difficulty in maintain try and policy honesty increases as more rules . Moreover, a policy trie does not take into report the traffic personality. In a method for trie sorting is proposed that sustain the policy honesty while reorder rules for unreliable traffic situation. The number of contrast as compare to the original trie. Traffic-aware optimization of list-based firewalls has been addressed in rules are assigned matching probability that depend on the traffic information. Other firewall models have been planned to signify and analyze policy whether for central or distributed firewall architectures with main focus on identify rule conflicts and variance; Wireless local (WLAN) and wireless personal (WPAN) area networks are being used increasingly to implement VoIP forces. The main drives for using these architectures are user mobility. Behind realible real-time repair is one of the major concerns for generally use of VoIP in these wireless IPbased networks and safety is now getting the notice of researchers. The security and efficiency are consisting requirements. [El-Sayed M. El-Alfy and Shokri Z. Selim 2007] Literature Review Introduction: Literature Review is the process of finding information for help on searching for resources on the Internet. Reading intensively in the chosen topic area is essential, but the task can prove daunting if they do not approach it in a systematic way. The continuous number of high-profile Internet security breeches reported in the mass media shows that despite an emphasis on security processes that there is still a gap between theory and practice. Not only is there a need to develop better software engineering processes but also theoretical security improvements need to find their way into real systems. Software design patterns are defined as â€Å"descriptions of communicating objects and classes that are customized to solve a general design problem in a particular context†. As software design patterns have proven their value in the development of production software, they are a promising new approach to help in both the theoretical development and practical implementation of better security processes. First, many/most software developers have only a limited knowledge of security processes and patterns are a proven way to improve their understanding. Second, patterns work against â€Å"reinventing-the-wheel† to promote learning best practices from the larger community to save time, effort, and money with easily accessible and validated examples. Third, code can be reused since the same security patterns arise in many different contexts Investigating existing resources in our area of research will generally cover three areas: Exploratory investigations, as part of the development and evaluation of possible topics in an area Investigation is some depth, sufficient to support a formal research and dissertation proposal Complete research that is described in the literature / research section of the dissertation. [from Writing the Doctoral Dissertation, To Author names] 2. Related Research Work Available: Wireless local (WLAN) and wireless personal (WPAN) area networks are being used progressively to implement VoIP services. The main motivation for using these architectures are user mobility, setup flexibility, increasing transmission rate and low costs, despite this convergence depends on the answers of several technical problems Supporting reliable real-time service is one of the major concerns for widely deployment of VoIP in these ireless IPbased networks and security is now receiving the attention of researchers. The problem of offering security to WLAN and WPAN is that security does not come for free and, security and efficiency are conflicting requirements. The introduction of a security mechanism such as the IPSec encryption-engine to overcome these issues impacts directly in the speech quality of established calls and in the channel capacity. Moreover, largely deployed radio technology standards as IEEE 802.11 and Bluetooth used to achieve wireless connectivity have several constraints when delivering real-time traffic, as transmission errors at the channel, introducing delay and loss which with security mechanisms impact can lead to low quality VoIP calls. Although these technologies offer some security mechanisms, they have some flaws which need to be addressed by an additional level of security. In this paper we focus on the IPSec protocol to achieve the data secrecy due to its widely deployment and implementation of many encryption algorithms. During final decades information technology founded on the computer networks take part in an essential role in different areas of human being action. Troubles of huge importance are assigned on them, such as maintenance, communication and mechanization of information processing. The safety level of processed information is able to differ from private and viable to military and state secret. Herewith the destruction of the information secrecy, reliability and accessibility may cause the spoil to its proprietor and contain important unattractive consequences. Hence the trouble of information safety is concerned. Many associations and companies expand safety facilities that need important aids. In additional, the impracticality of creating wholly protected system is a recognized fact – it will always hold faults and  «gaps » in its understanding. To guard computer systems such familiarized mechanisms as classification and verification, methodologies of the delimitation and limit of the access to data and cryptographic techniques are applied. But they hold following drawbacks: †¢ Disclosure from interior users with spiteful purpose; †¢ Complexity in access separation caused by data sources globalization, which cleans away difference between personal and foreign topics of the system; †¢ Diminution of efficiency and communication complexity by reason of methods for access control to the sources, for occasion, in e-commerce; †¢ Effortlessness of passwords description by crating arrangements of simple users relations. Hence classification and audit systems are utilized beside with these methods. between them are interruption. Intrusion Detection Systems (IDS). IDS are generally separated to systems detecting previously identified attacks (mishandling exposure systems) and variance exposure systems registering the life cycle differences of the computer system from its usual (distinctive) action. Besides, IDS are divided to network-based and host-based category by data source. Network-based IDS examine network dataflow, caring its members, almost not moving the output of their work. Network-based systems do not utilize data about progression from divide workstation. A firewall is a mixture of hardware and software used to put into practice a security policy leading the flow of network traffic between two or more networks. In its simplest form, a firewall acts as a safety barrier to control traffic and manage links between internal and external network hosts. The actual means by which this is able varies and ranges from packet sort and proxy service to stateful examination methods. A more difficult firewall may hide the topology of the network it is employed to keep, Firewalls have recognized to be useful in trade with a large number of pressure that create from outer a network. They are becoming ever-present and necessary to the action of the network. The constant growth of the Internet, coupled with the increasing difficulty of attacks, however, is placing further stress and difficulty on firewalls design and management. . [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Furthermore, the need to deal with large set of varied safety policy and rules impose additional load on firewalls, thus depiction the presentation of the firewall highly serious to enforce the network safety policy. In this context, the defense that a firewall provides only the policies it is configured to execute, but evenly importantly the speed at which it enforces these policy. Under attack or deep load, firewalls can simply become a bottleneck. As the network size, bandwidth, and giving out power of networked hosts carry on increasing, there is a high demand for optimizing firewall operation for improved performance. [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Multi-dimensional firewall research group of people to focus on mounting various optimizations to make firewalls more resourceful and steady. In spite of significant progress in the design of firewalls, the techniques for firewall optimization remains static and fail to get used to to the always varying dynamics of the network. This is frequently due to their failure to take into account the traffic individuality by the firewall, such as source and purpose, service requests and the resultant action taken by the firewall in reply to these requests. Moreover, current firewall designs do not support adaptive difference discovery and counter measure device. As a result, they run the risk to become unbalanced under attack. The object of this paper is to address the above failing and develop a sound and effective toolset to hasten firewall operation and adapt its performance to the dynamically altering network traffic individuality. Achieve this goal, however is tough, as the number of policy and safety rules a firewall has to enforce for enterprise network. In addition, there is a need for preserve high policy addition. This is further compounded by the limited resources of firewalls relation to the increased ability of the network to process and forward traffic at very high speed. [ Subrata Acharya, Jia Wang, Albert Greenberg 2006] Methodolgy Network Firewall Parallelization Firewall parallelization is a scalable move toward for attaining the speed of system traffic assessment [Carsten Benecke,1999] necessary for improved network paces and traffic loads. In this section data parallel [Carsten Benecke,1999] and function parallel designs [Errin W. Fulp,2002] for parallel firewalls are explained. Similar to their distributed computing descriptions necessitate, data parallel partition the information set across the array of firewalls, while function parallel distributes the work set across the array of firewalls. The data parallel technique is a scalable substitute to a single firewall that permits for better throughput potentials. Function parallel techniques can diminish the dispensation time necessary on any firewall node yielding enhanced presentation. In addition, unlike data parallel designs, the proposed function parallel architecture can offer stateful assessments. This proposal shows that function parallel designs are scalable solution that can offer better performance and more facilities than other designs. Parallel Firewall Architecture: Function Parallel Firewall [W. Fulp and Ryan J] consists of multiple firewalls coupled in parallel and a gatedevice, as shown in figure. Every firewall in the system outfits a local strategy, where incoming packets are disseminated across the firewalls for processing (one packet is sent to one firewall), permitting different packets to be processed in parallel. Because every packet is processed by the policy, reliability is maintained. The common operation of the scheme can be described as follows. When a packet reaches to the function-parallel system it is promoted to all the firewall and the gate. Each firewall processes the packet with its local policy, as well as any state information. The firewall then signals the gate representing either no match was found, or offers the rule number and action if a match was found. As local policies are a division of the original, a no-matchis a suitable answer and is necessary for the function-parallel design. The gate stores the outcomes and establishes the final action to achieve on the packet using the Firewall rule. Parallel Firewall System Components A function parallel system consists of a collection of firewall nodes. Packets are replicated to all firewall nodes as they go into the system. Policies must be disseminated across the system such that they specify an accept set identical to the original accept set and no local policys accept set can overlap another local policys accept set. The received packets are then combined into one stream to arrive at the destination. A control plane is also essential to permit common system management. Firewall Nodes The firewall nodes contain a network interface card for every network input and control plane. This design implements the firewall nodes as PCs running the Linux operating system with a kernel that supports iptables. It must be stated that iptables was selected for an profitable feature of provisional rule dispensation. By default there are built-in sets of policies called chains divided by whether they hold traffic bound for procedures pay attention on local input devices, proposed for routing throughout the system to another network or outbound and supplied from a local procedure. In addition iptables has support for user defined chains. The user defined chains can be called if a packet matches a rule in a sequence. Packet Duplicator Packet Duplicator is essential on all links which will input traffic into the system. In Ethernet networks packet duplication is easily achieved with a network hub because any packets arriving on a hub port are copied to all other hub ports. But, in high speed networks hub technology is not presented. The only available devices in high speed networks to attain duplication are network taps. These devices are used for duplicating network traffic, usually used in intrusion detection systems that necessitate network monitoring. Control Plane In a single firewall system, protected customer communication can be offered through the prerequisite of physical existence. To generate a protected technique of management, communication to the collection of firewall nodes can be quarantined on a separate control plane. In the simplest form this entails a separate subnet which all firewall nodes survive on. Component Integration Joining these components into a functional design can be cut down into two network representations. The first utilizes simply one packet duplicator and can simply offer protection for traffic from one source. The second topology allows two networks to communicate bi-directionally through the system. One-Directional System This technique only thinks about packets traveling in one direction; for example, only packets are moving from source to destination. The collection of firewall nodes use the same IP address and MAC address and all will take the incoming network interface card in immoral mode. All but one firewall node will allow existing networking equipment outside of the system to cooperate with no alterations. The firewall node which does respond to user requirements can also be permitted to respond to ICMP ping requests in order to formulate the system additional compatible. For the outgoing network interface cards, any IP or MAC can be used as long as it permits communication with the destination. Bi-directional System The Bi-directional system considers packets moving in both directions; for example, packets traveling from source to destination and then back to source. Set