Sciweavers

LISA
2007

Assisted Firewall Policy Repair Using Examples and History

14 years 2 months ago
Assisted Firewall Policy Repair Using Examples and History
Firewall policies can be extremely complex and difficult to maintain, especially on networks with more than a few hundred machines. The difficulty of configuring a firewall properly often leads to serious errors in the firewall configuration or discourage system administrators from implementing restrictive policies. In previous research, we developed a technique for modeling firewall policies using Multiway Decision Diagrams and performing logical queries against a decision diagram model. Using the query logic, the system administrator can detect errors in the policy and gain a deeper understanding of the behavior of the firewall. The technique is extremely efficient and can process policies with thousands of rules in just a few seconds. While queries are a significant improvement over manual inspection of the policy for detecting that errors exist, they provide only limited assistance in repairing a broken policy. In this paper we present two extensions to our work, examples and hist...
Robert M. Marmorstein, Phil Kearns
Added 02 Oct 2010
Updated 02 Oct 2010
Type Conference
Year 2007
Where LISA
Authors Robert M. Marmorstein, Phil Kearns
Comments (0)