For the security consistency, firewall rule editing, ordering, and distribution must be done very carefully on each of the cooperative firewalls, especially in a large-scale and multi-firewall-equipped network. Nevertheless, a network operator is prone to incorrectly configuring the firewalls because there are typically thousands or hundreds of filtering/admission rules (i.e., rules in the Access Control List file; or ACL for short) which should be setup in a firewall, not mention these rules among firewalls which affect mutually can make the matter worse. For this reason, our work is to build a visualized validation system for checking the security consistency between firewalls' rule configuration and the demands of network security policies. The system collects the filtering/admission rules (or ACL rules) from all of the firewalls (and routers if they are ACL-configured) in the managed network and then checks if these rules meet the demands of the global network security policies. The checked/analyzed results would later be visualized systematically by our system with different viewpoints for error debugging or anomaly removal. Currently, part of the firewalls' configuration of our campus network has being used to demonstrate our system's implementation. © Springer-Verlag Berlin Heidelberg 2007.
CITATION STYLE
Chao, C. S. (2007). A visualized internet firewall rule validation system. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4773 LNCS, pp. 364–374). Springer Verlag. https://doi.org/10.1007/978-3-540-75476-3_37
Mendeley helps you to discover research relevant for your work.