KFUPM ePrints

On optimal firewall rule ordering

El-Alfy, E.-S.M. and Selim, S.Z. (2007) On optimal firewall rule ordering. In: IEEE International Conference on Computer Systems and Applications (AICCSA’07).

Restricted to Registered users only



In today's online connected world, almost all corporate networks use some form of perimeter firewalls to manage Internet connections and enforce a security policy at the corporate gateway. Although it can considerably enhance network security and protect business-critical information, a firewall with thousands of rules can become a bottleneck for network performance. The primary goal of this paper is to present a new rule order optimizer based on simulated annealing to find optimal configurations that minimize the average number of rule comparisons while preserving precedence relationships among disjoint rules. The proposed approach is evaluated and its effectiveness is compared with another approximate solution under several firewall configurations and policy profiles.

Item Type:Conference or Workshop Item (Paper)
Divisions:College Of Computer Sciences and Engineering > Information and Computer Science Dept
Creators:El-Alfy, E.-S.M. and Selim, S.Z.
Email:alfy@kfupm.edu.sa, UNSPECIFIED
ID Code:10686
Deposited By:Dr. EL-SAYED EL-ALFY
Deposited On:25 Jun 2008 14:46
Last Modified:12 Apr 2011 13:14

Repository Staff Only: item control page