
Comparing and Debugging Firewall Rule Tables

Journal Article


Abstract


  • Firewalls are one of the essential components of secure networks. However, configuring firewall rule tables for large networks with complex security requirements is a difficult and error-prone task. A method of representing a firewall rule table that allows comparison of two tables is developed, and an algorithm that determines if two tables are equivalent is provided. (That is, the set of packets permitted by the two tables is the same.) How such an algorithm can assist system administrators to correctly implement organisational policy is discussed. The proposed approach is implemented and the results of the experiments are shown.

UOW Authors


  •   Lu, Liang (external author)
  •   Safavi-Naini, Rei (external author)
  •   Horton, Jeffrey P. (external author)
  •   Susilo, Willy

Publication Date


  • 2007

Citation


  • Lu, L., Safavi-Naini, R., Horton, J. P. & Susilo, W. (2007). Comparing and Debugging Firewall Rule Tables. IET Information Security, 1 (4), 143-151.

Scopus Eid


  • 2-s2.0-37549016292

Number Of Pages


  • 8

Start Page


  • 143

End Page


  • 151

Volume


  • 1

Issue


  • 4
