On Optimal Firewall Rule Ordering

(2007) On Optimal Firewall Rule Ordering. Computer Systems and Applications, 2007. AICCSA '07. IEEE/ACS International conference, 1.

Abstract

In today's online connected world, almost all corporate networks use some form of perimeter firewalls to manage Internet connections and enforce a security policy at the corporate gateway. Although it can considerably enhance network security and protect business-critical information, a firewall with thousands of rules can become a bottleneck for network performance. The primary goal of this paper is to present a new rule order optimizer based on simulated annealing to find optimal configurations that minimize the average number of rule comparisons while preserving precedence relationships among disjoint rules. The proposed approach is evaluated and its effectiveness is compared with another approximate solution under several firewall configurations and policy profiles.

Item Type: Article
Subjects: Computer
Department: College of Computing and Mathematics > Industrial and Systems Engineering
Depositing User: Mr. Admin Admin
Date Deposited: 24 Jun 2008 13:51
Last Modified: 01 Nov 2019 14:07
URI: http://eprints.kfupm.edu.sa/id/eprint/14846