Sciweavers

POLICY
2007
Springer

An Automated Framework for Validating Firewall Policy Enforcement

14 years 6 months ago
An Automated Framework for Validating Firewall Policy Enforcement
The implementation of network security devices such as firewalls and IDSs are constantly being improved to accommodate higher security and performance standards. Using reliable and yet practical techniques for testing the functionality of firewall devices particularly after new filtering implementation or optimization becomes necessary to assure proven security. Generating random traffic to test the functionality of firewall matching is inefficient and inaccurate as it requires an exponential number of test cases for a reasonable coverage. In addition, in most cases the policies used during testing are limited and manually generated representing fixed policy profiles. In this paper, we present a framework for automatic testing of the firewall policy enforcement or implementation using efficient random traffic and policy generation techniques. Our framework is a two-stage architecture that provides a satisfying coverage of the firewall operational states. A large variety of...
Adel El-Atawy, Taghrid Samak, Zein Wali, Ehab Al-S
Added 09 Jun 2010
Updated 09 Jun 2010
Type Conference
Year 2007
Where POLICY
Authors Adel El-Atawy, Taghrid Samak, Zein Wali, Ehab Al-Shaer, Frank Lin, Christopher Pham, Sheng Li
Comments (0)