Journal Press India^®

Author Details ( * ) denotes Corresponding author

Firewall is a most crucial element to implement security policies in a network and also crucial to success of network rather say to success of an organization. Despite of its important in any network it has many problems and one of them is increasing number of rules in firewall’s rule set. Since in today’s environment, enterprises looking to provide strongest security to their users and also want to secure their data at maximum level and hence they have increased rules in firewall’s rule set. However increasing number of rules in firewall rule set is not an efficient way to provide maximum security. And this study shows that how can the use of minimum number of rules in firewall rule set to implement optimum security is possible. It has also proved that this problem of minimizing maximum firewall rule set in network is NP complete. One point is noteworthy to mention here that in today’s time as enterprises are moving towards cloud technology the complexity at data center is increased and it is being difficult to implement security in clouds. So by having highly optimized firewalls, it is possible that they can be used to provide security in clouds.

Keywords

Firewall; Firewall Configuration; Rule Set; Policy Tree; Network Security

1. Avishai Wool, A Quantitative Study of Firewall Configuration Errors, IEEE Computer Society, USA, 37(6), 2004, 62-67


2. Bilal Khan, Maqsood Mahmud, Muhammad Khurram Khan, Khaled, Security Analysis of Firewall Rule Sets in Computer Networks. Department of information system, CCIS, kingsaud university,Saudi Arabia, 2004


3. Myungkeun Yoon, Shingang Chen, Zhanzhang, Minimizing the Maximum Firewall Rule Set in a Network with Multiple Firewalls Published by IEEE computer society, 59(2), 2010, 218-229


4. W. Geng, S. Flinn, DcDeourekJ, Usable firewall Configuration, 3rd Annual Conference on Privacy, Security and Institute of information technology, national rearch council Canada, 2005


5. Saeed Al-Haj, Ehab Al-Shaer, Measuring Firewall Security. Department of software and information systems university of north Carolina charlotte, NC USA


6. Alex X. Liu, Mohamed G., Gouda, Diverse Firewall Design, Proc. IEEE Int’l Confs. Depandable Systems and Networks (DNS’04) computer society 19(8), 2008, 595-604


7. Mohamed G. Gouda, Xiang-Yang Alex Liu, Firewall Design: Consistency, Completeness and Compactness, Proc. Int’l. Conf distributed computing system (ICDSC’04), 2004, 320-327


8. Zeeshan Ahmed, Abdessamad Imine, Michael Rusinowitch, Safe and Efficient Strategies for Updating Firewall Policies, Springer-Verlag Berlin Heidelberg, 2010, 45-57


9. Mohamed G. Gouda, Alex X. Liu1, A Model of Stateful Firewalls and its Properties, Proc.IEEE Int’Conf. Dependable system and Networks (DNS), 2005.


10. Ehab Al-Shaer, Hazem Hamed, Conflict Classification and Analysis of Distributed Firewall Policies, School of Computer Science DePaul University, Chicago, USA


11. G. Gouda, Alex X Liu, Structured Firewall Design. The International Journal of Computer and Telecommunications Networking, New York, 51(4), 2007, 1106-1120


12. Ehab S. Al-Shaer, Hazem H, Hamed. Modeling and Management of Firewall Policies, IEEE Transactions on Network and Service Management, 1(1), 2004, 2-10


13. Charles C. Zhang, Marianne Winslett Carl A., On the Safety and Efficiency of Firewall Policy Deployment, Gunter University of Illinois at Urbana-Champaign 201 North Goodwin Avenue Urbana, IL 61801, USA.