Discovery of Policy Anomalies in Distributed Firewalls
 

Summary: Discovery of Policy Anomalies in Distributed Firewalls

Ehab S. Al-Shaer and Hazem H. Hamed
Multimedia Networking Research Laboratory
School of Computer Science, Telecommunications and Information Systems
DePaul University, Chicago, USA
Email: {ehab, hhamed}@cs.depaul.edu

Abstract: Firewalls are core elements in network security. However, managing firewall rules, particularly in multi-firewall enterprise networks, has become a complex and error-prone task. Firewall filtering rules have to be written, ordered and distributed carefully in order to avoid firewall policy anomalies that might cause network vulnerability. Therefore, inserting or modifying filtering rules in any firewall requires thorough intra- and inter-firewall analysis to determine the proper rule placement and ordering in the firewalls. In this paper, we identify all anomalies that could exist in a single- or multi-firewall environment. We also present a set of techniques and algorithms to automatically discover policy anomalies in centralized and distributed legacy firewalls. These techniques are implemented in

  

Source: Al-Shaer, Ehab - School of Computer Science, Telecommunications and Information Systems, DePaul University

 

Collections: Computer Technologies and Information Sciences