Skip to Main Content
Summary form only given. Firewalls are core elements in network security. However, managing firewall rules, particularly in multi-firewall enterprise networks, has become a complex and error-prone task. Firewall filtering rules have to be written, ordered and distributed carefully in order to avoid firewall policy conflicts (or anomalies) and network vulnerability. Therefore, in order to produce anomaly-free firewall policies when adding or modifying rules in any firewall, a thorough intra- and inter-firewall analysis is required to determine the rule location (which firewall) and position (what order in the firewall policy) in the network. We comprehensibly identify all types of anomaly that could exist in single- or multi-firewall environments. We then present a set of techniques/tools that automatically discover and rectify policy anomalies in centralized and distributed legacy firewalls.
Network Operations and Management Symposium, 2004. NOMS 2004. IEEE/IFIP (Volume:1 )
Date of Conference: 23-23 April 2004