Optimization of Firewall

Article English OPEN
Sonune, Gopal ; Dange, Amit (2013)
  • Publisher: Journal of Engineering Computers & Applied Sciences
  • Journal: Journal of Engineering Computers & Applied Sciences (issn: 2319-5606, eissn: 2319-5606)
  • Subject: Computer Sciences | Firewall optimization, ACL optimization, ACL partitioning.
    acm: ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS
    arxiv: Computer Science::Cryptography and Security | Computer Science::Networking and Internet Architecture

This paper represents a general framework for rule-based firewall optimization. We give a precise formulation of firewall optimization as an integer programming problem and show that our framework produces optimal reordered rule sets that are semantically equivalent to the original rule set. Our framework considers the complex interactions among the rules in firewall configurations and relies on a novel partitioning of the packet space defined by the rules themselves. For validation, we employ this framework on real firewall rule sets for a quantitative evaluation of existing heuristic approaches
Share - Bookmark