High-speed policy-based packet forwarding using efficient multi-dimensional range matching
Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication
Packet classification using tuple space search
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Experience in measuring backbone traffic variability: models, metrics, measurements and meaning
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
ACLA: A framework for Access Control List (ACL) Analysis and Optimization
Proceedings of the IFIP TC6/TC11 International Conference on Communications and Multimedia Security Issues of the New Century
Modeling and Management of Firewall Policies
IEEE Transactions on Network and Service Management
Unraveling the complexity of network management
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Mining policies from enterprise network configuration
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
A formal logic approach to firewall packet filtering analysis and generation
Artificial Intelligence Review
Linear-tree rule structure for firewall optimization
CIIT '07 The Sixth IASTED International Conference on Communications, Internet, and Information Technology
Towards systematic design of enterprise networks
IEEE/ACM Transactions on Networking (TON)
| Hi-index | 0.00 |
The overall performance of a firewall is crucial in enforcing and administrating security, especially when the network is under attack. The continuous growth of the Internet, coupled with the increasing sophistication of the attacks, is placing stringent demands on firewall performance. Under such circumstances it becomes very vital to understand the fundamental behind firewalls and their operation. In this paper, we describe a simulation framework for the study and analysis of firewalls. Based on this framework, we design methodologies to inspect and analyze both multi-dimensional firewall rules and traffic logs information. The data used for this study was collected over a large set of firewall rules and traffic logs at tens of enterprise networks managed by a Tier-1 service provider. The analysis presented in the paper firmly state the importance of considering traffic information in the process of firewall optimization. To the best of our knowledge ours is the first attempt to show the relevance of considering traffic characteristics to aid firewall optimization.