| Publisher | Universitat Autonoma de Barcelona | ||
|---|---|---|---|
| Format | 104.4KB PDF | Date added | 01 Dec 2007 |
| Topics | Firewalls, Network Security, Security Tools | ||
| Downloads | 26 | ||
To police network traffic, firewalls must be configured with a set of filtering rules. The existence of errors in this set is very likely to degrade the network security policy. The management of these configuration errors is a serious and complex problem to solve. This paper presents a set of algorithms to manage rules that never apply or are redundant in a firewall configuration. The approach is based on the analysis of relationships between the set of filtering rules. Then, a subsequent rewriting of rules will derive from an initial firewall setup to an equivalent one completely free of errors. At the same time, the algorithms will detect both shadowed and redundant rules in the initial firewall configuration.
Related white papers
Messagelabs - IT Security Threats of Today and Tommorrow Webcast Supporting Doc
This document supports th silicon.com webcast which discusses some of the security threats to IT systems that organisations have to face on a daily basis - and what do about...
Intel® Centrino® 2 with vPro™ Technology and Intel® Core™2 Processor with vPro™ Technology
This whitepaper explores how the latest notebook and desktop PCs with Intel® vPro™ technology build on proven capabilities to enable greater proactive security, enhanced maintenance, and improved remote management both...
Secure Desktop On-Demand Webcast
The desktop or endpoint is one of the most vulnerable parts of your environment. Threats are everywhere. You have users who love to experiment with device settings (only to wonder...
Understanding Web application security challenges
Business has grown increasingly independent upon web applications and they are becoming more difficult to secure. This paper explains what you can do to protect your organization and improve Web...
PCI DSS Compliance in the UNIX/Linux Datacenter Environment
This document explains how BeyondTrust PowerBroker supports the Payment Card Industry Data Security Standard (PCI DSS) by limiting and tracking authorization to execute commands and programs that access servers and...
IOS Tips and Tricks
There are a number of things you can do with Cisco's IOS to make your life easier. This white paper presents some ways that IOS commands can help streamline your...
Computer Security Manufacturer Deploys Worldwide Intrusion Prevention to Stop Attackers in Their Tracks
The client is a global computer security powerhouse. The challenge was to detect and prevent network attacks on global network, including known, unknown, and DoS attacks, as well as attacks...




