Abstract. The ambient calculus is a calculus of computation that allows active processes (mobile ambients) to move between sites. A firewall is said to be protective whenever it denies entry to attackers not possessing the required passwords. We devise a polynomial time algorithm for rejecting proposed firewalls that are not guaranteed to be protective. This is based on a control flow analysis for recording what processes may turn up inside what other processes; in particular, we develop a syntaxdirected system for specifying the acceptability of an analysis, we prove that all acceptable analyses are semantically sound, and we demonstrate that each process admits a least analysis.