By Topic

Managing firewall and network-edge security policies

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Al-Shaer, E. ; DePaul Univ., Chicago, IL, USA

Summary form only given. Firewalls are core elements in network security. However, managing firewall rules, particularly in multi-firewall enterprise networks, has become a complex and error-prone task. Firewall filtering rules have to be written, ordered and distributed carefully in order to avoid firewall policy conflicts (or anomalies) and network vulnerability. Therefore, in order to produce anomaly-free firewall policies when adding or modifying rules in any firewall, a thorough intra- and inter-firewall analysis is required to determine the rule location (which firewall) and position (what order in the firewall policy) in the network. We comprehensibly identify all types of anomaly that could exist in single- or multi-firewall environments. We then present a set of techniques/tools that automatically discover and rectify policy anomalies in centralized and distributed legacy firewalls.

Published in:

Network Operations and Management Symposium, 2004. NOMS 2004. IEEE/IFIP  (Volume:1 )

Date of Conference:

23-23 April 2004