Firewall policy change-impact analysis
نویسندگان
چکیده
منابع مشابه
Change-Impact Analysis of Firewall Policies
Firewalls are the mainstay of enterprise security and the most widely adopted technology for protecting private networks. The quality of protection provided by a firewall directly depends on the quality of its policy (i.e., configuration). Due to the lack of tools for analyzing firewall policies, most firewalls on the Internet have been plagued with policy errors. A firewall policy error either...
متن کاملFirewall Analysis with Policy-based Host Classification
For administrators of large systems, testing and debugging a firewall policy is a difficult process. The size and complexity of many firewall policies make manual inspection of the rule set tedious and error-prone. The complex interaction of conflicting rules can conceal serious errors that compromise the security of the network or interrupt the delivery of important services. Most existing too...
متن کاملFirewall Policy Query Language for Behavior Analysis
Firewalls are one of the most important devices used in network security today. Their primary goal is to provide protections between parties that only wish to communicate over an explicit set of channels, expressed through protocols. These channels are implemented and described in a firewall using a set of rules, collectively referred to as a firewall policy. However, understanding the policy t...
متن کاملDistributed Firewall Policy Validation
With hacking attempts, the cost of security breaches, and the importance of defensive computer security in general all on the rise, strong firewalls are more relevant than ever. At the same time, demands for software diversity and increasingly complex network layouts make evaluating adherence to a unified security policy especially difficult. In this paper, I propose a method of uniformly valid...
متن کاملNetwork Firewall Policy Tries ∗
Network firewalls remain the forefront defense for most computer systems. These critical devices filter traffic by comparing arriving packets to a list of rules, or security policy, in a sequential manner. Unfortunately packet filtering in this fashion can result in significant traffic delays, which is problematic for applications that require strict Quality of Service (QoS) guarantees. Further...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: ACM Transactions on Internet Technology
سال: 2012
ISSN: 1533-5399,1557-6051
DOI: 10.1145/2109211.2109212