Firewall is the de facto core technology of network security and defense. However, the management of firewall rules has been proven to be complex, error-prone, costly and inefficient for many large-networked organizations. These firewall rules are mostly custom-designed and hand-written thus in constant need for tuning and validation, due to the dynamic nature of the traffic characteristics, ever-changing network environment and its market demands. One of the main problems addressed in this paper is that how much the firewall rules are useful, up-to-dated, well-organized or efficient to reflect the current characteristics of network traffics. The paper presents a set of techniques and algorithms to analysis and manages firewall policy rules.
Did you find this white paper useful?
Related white papers
Balancing Security Against Productivity
What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...
Novell Zenworks Endpoint Security Management: Total Control from a Single Console
Still super gluing your USB ports shut? Unauthorized access to networks, lost or stolen laptops and other mobile hardware, and theft of proprietary information or intellectual property accounted for more...
Secure Desktop On-Demand Webcast
The desktop or endpoint is one of the most vulnerable parts of your environment. Threats are everywhere. You have users who love to experiment with device settings (only to wonder...
Small Business Webcast: Upgrade Today: An Overview of Windows XP Service Pack 2 - Level 100
Did you know that the Windows XP Service Pack 2 has a number of security enhancements to help you protect your PC? In this webcast, you will find out more...
Engineering e-Business Applications for Security
Without on-demand security there's no on-demand business. Today e-business applications provide critical links among businesses, customers and partners. Any vulnerability translates quickly into loss of revenue, confidence and trust. Traditionally,...
Protecting the Enterprise Network: Layered Network Security Defense
Securing the network perimeter and prohibiting unauthorized access from within can prove to be a daunting challenge. Today's businesses must guarantee uninterrupted access to network resources. Products must be designed...
SANS Tool Talk Webcast: Desktop Security - A Multi-Layered Approach to Protecting Your Investment
This informative Webcast hosted by The SANS Institute explores the threat environment that host systems face and addresses the confusion surrounding desktop technology. In addition it fully examines the available...
