The infrastructure of large networks is broken down into areas that have a common security policy called a domain. Security within a domain is commonly implemented at all nodes however this can have a negative effect on performance since it introduces a delay associated with packet filtering. When Access Control Lists (ACLs) are used within a router for this purpose then a significant overhead is introduced associated with this process. It is likely that identical checks are made at multiple points within a domain prior to a packet reaching its destination therefore by eliminating ACLs within a domain by modifying the ingress/egress points with equivalent functionality an improvement in the overall performance can be obtained. Keywords: Routing Domain, Performance, Delay through Routers, Access Control List, ACL optimization, Off-line verification of ACLs, Firewalls, Inter-Firewall Optimization, IP packet filtering.

Радіоелектронні і комп'ютерні системи [Текст] // Радіоелектронні і комп'ютерні системи ; М-во освіти і науки України, Нац. аерокосм. ун-т ім. М. Є. Жуковського "Харк. авіац. ін-т" - Х. : ХАІ. — 2012.

• УДК // Безпека
• УДК // Види мереж згідно з охопленням території