Offline firewall analysis

Mayer, Alain; Wool, Avishai; Ziskind, Elisha

doi:10.1007/s10207-005-0074-z

Cited by 44 publications

(38 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A number of existing techniques can be used to generate [7,13,14], query [15,22,23] and perform structural analysis [3,4,6] on network access control configurations. However, these homogeneous firewall-centric approaches tend not consider their interoperation with other and applicationlayer access controls.…”

Section: Discussionmentioning

confidence: 99%

Management of heterogeneous security access control configuration using an ontology engineering approach

Fitzgerald

Foley

2010

Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration

View full text Add to dashboard Cite

Management of heterogeneous enterprise security mechanisms is complex and requires a security administrator to have deep knowledge of each security mechanism's configuration. Effective configuration may be hampered by poor understanding and/or management of the enterprise security policy which, in turn, may unnecessarily expose the enterprise to known threats. This paper argues that knowledge about detailed security configuration, enterprise-level security requirements including best practice recommendations and their relationships can be modelled, queried and reasoned over within an ontology-based framework. A threatbased approach is taken to structure this knowledge. The management of XMPP application-level and firewall-level access control configuration is investigated.

show abstract

Section: Discussionmentioning

confidence: 99%

Management of heterogeneous security access control configuration using an ontology engineering approach

Fitzgerald

Foley

2010

Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration

View full text Add to dashboard Cite

show abstract

“…Bartal et al [5] designed a UML like language for representing firewall policy rules which are obtained from a model compiler which translates the rules into firewall configuration files. A. Mayer et al [11] designed a tool to analyze firewall policy rules. However, the analysis is done offline i.e.…”

Section: Related Workmentioning

confidence: 99%

“…However, the need to protect organization network from internal attacks gave rise to the concept of 'Distributed Firewalls. ' The basic idea of 'Distributed Firewalls' is to make every device present in the network, a firewall that filters traffic to and from itself [11]. Firewalls, especially the packet-filtering firewalls contain certain predefined rules which form the security policy of the firewall.…”

Section: Introductionmentioning

confidence: 99%

Detection of Firewall Policy Anomalies in Real-time Distributed Network Security Appliances

Hanamsagar¹,

Borate²,

Jane³

et al. 2015

IJCA

View full text Add to dashboard Cite

With the advent of emerging technologies like cloud computing, the security of confidential data is of prime importance. Firewalls are widely used as the most basic security device used to protect a network from unauthorized access and network intrusions. Network Administrators define some rules to filter incoming and outgoing packets which form the security policy of the firewall. The large size of firewall policies create complex interactions between policies of the same firewall as well as between multiple firewalls. In this paper, we extend the currently known classification for firewall policy anomalies. Further, we propose a tool which obtains these rules from security devices in real-time environment, detects the anomalies present in them according to the underlying network topology and propagates the consistent rules with the consent of administrator. Currently, the tool can only be used with Cisco security devices; however, it can be extended to incorporate the syntax of other vendor's devices as well.

show abstract

“…This work has led to the development of a number of tools that support offline firewall policy analysis and management [10]. However, the analysis process does not detect specific anomaly types such as shadowing and redundancy.…”

Section: Related Workmentioning

confidence: 99%

Using Argumentation Logic for Firewall Policy Specification and Analysis

Bandara

Kakas

Lupu

et al. 2006

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Firewalls are important perimeter security mechanisms that imple-ment an organisation's network security requirements and can be notoriously difficult to configure correctly. Given their widespread use, it is crucial that network administrators have tools to translate their security requirements into firewall configuration rules and ensure that these rules are consistent with each other. In this paper we propose an approach to firewall policy specification and analysis that uses a formal framework for argumentation based preference reasoning. By allowing administrators to define network abstractions (e.g. subnets, protocols etc) security requirements can be specified in a declarative manner using high-level terms. Also it is possible to specify preferences to express the importance of one requirement over another. The use of a formal framework means that the security requirements defined can be automatically analysed for inconsistencies and firewall configurations can be automatically generated. We demonstrate that the technique allows any inconsistency property, including those identified in previous research, to be specified and automatically checked and the use of an argumentation reasoning framework provides administrators with information regarding the causes of the inconsistency.

show abstract

Offline firewall analysis

Cited by 44 publications

References 12 publications

Management of heterogeneous security access control configuration using an ontology engineering approach

Management of heterogeneous security access control configuration using an ontology engineering approach

Detection of Firewall Policy Anomalies in Real-time Distributed Network Security Appliances

Using Argumentation Logic for Firewall Policy Specification and Analysis

Contact Info

Product

Resources

About