Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
Modeling and Management of Firewall Policies Ehab S. Al-Shaer and Hazem H. Hamed
 

Summary: 1
Modeling and Management of Firewall Policies
Ehab S. Al-Shaer and Hazem H. Hamed
Abstract-- Firewalls are core elements in network security.
However, managing firewall rules, especially for enterprize net-
works, has become complex and error-prone. Firewall filtering
rules have to be carefully written and organized in order to
correctly implement the security policy. In addition, inserting
or modifying a filtering rule requires thorough analysis of
the relationship between this rule and other rules in order
to determine the proper order of this rule and commit the
updates. In this paper, we present a set of techniques and
algorithms that provide (1) automatic discovery of firewall policy
anomalies to reveal rule conflicts and potential problems in
legacy firewalls, and (2) anomaly-free policy editing for rule
insertion, removal and modification. This is implemented in a
user-friendly tool called "Firewall Policy Advisor." The Firewall
Policy Advisor significantly simplifies the management of any
generic firewall policy written as filtering rules, while minimizing
network vulnerability due to firewall rule misconfiguration.

  

Source: Al-Shaer, Ehab - School of Computer Science, Telecommunications and Information Systems, DePaul University

 

Collections: Computer Technologies and Information Sciences