Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
302 IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, VOL. 27, NO. 3, APRIL 2009 Automated Pseudo-Live Testing of Firewall
 

Summary: 302 IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, VOL. 27, NO. 3, APRIL 2009
Automated Pseudo-Live Testing of Firewall
Configuration Enforcement
Ehab Al-Shaer, Adel El-Atawy, and Taghrid Samak
Abstract--Network security devices such as firewalls and
intrusion detection systems are constantly updated in their imple-
mentation to accommodate new features, performance standards
and to utilize new hardware optimization. Reliable, yet practical,
testing techniques for validating the configuration enforcement
after every new software and firmware update become necessary
to assure correct configuration realization. Generating random
traffic to test the firewall configuration enforcement is not only
inaccurate but also impractical as it requires an infeasible
number of test cases for a reasonable testing coverage. In
addition, in most cases the policies used during testing are
manually generated or have limited configuration profiles.
We present a framework for automatic testing of the firewall
configuration enforcement using efficient and flexible policy and
traffic generation. In a typical test session, a large set of different
policies are generated based on the access-control list (ACL)

  

Source: Al-Shaer, Ehab - School of Computer Science, Telecommunications and Information Systems, DePaul University

 

Collections: Computer Technologies and Information Sciences