查看文章

Firewalls are the screening gates for the internet/intranet traffic in computer networks. However, deploying a firewall is simply not enough since it needs to be configured by the system administrator according to the needs of the organization. There are many reasons due to which it is hard for the administrator to configure the firewall properly. Specifying firewall rule set is complicated and error prone. Once the firewall rules are defined, then firewall should be tested, whether it actually implements firewall policy. In this paper, one of the approaches of the firewall rule set analysis, i.e., the problems with the structure of the firewall rule set is being addressed. The structure of a sample firewall rule set is analyzed to detect and resolve conflicts using two structural analysis methodologies, i.e., Policy Tree and Relational Algebra. Then the results obtained from the test by using an automated tool PolicyVisor, based on the …