The modern networks demand rapid, scalable, and efficient enforcement of security policies at distributed endpoints. This study presents a lightweight distributed firewall framework leveraging Secure Shell (SSH) and Uncomplicated Firewall (UFW) to address these requirements. In the centralized deployment, a core server transmits encrypted security rules to distributed hosts via SSH, with each node applying policies locally using UFW. In the decentralized mode, nodes exchange firewall rules directly through secure SSH channels. The proposed architecture is benchmarked against conventional IPsec-based systems, assessing rule propagation latency, bandwidth consumption, computational efficiency, scalability, and robustness under network stress. Experimental evaluations across heterogeneous environments demonstrate that the SSH-UFW model propagates rules up to 60% faster than IPsec on average. Moreover, the framework exhibits lower resource utilization and enhanced operational stability under degraded network conditions. These findings suggest that the SSH-based distributed firewall offers a secure, efficient, and scalable alternative to IPsec for real-world deployment.
