Review: Firewall Privacy Preservation By Packet Filtering Management

REVIEW ON REDUNDANCY REMOVAL OF RULES FOR OPTIMIZING FIREWALL

Firewalls are systems designed to prevent unauthorized Internet access to or from a private network. A firewall inspects all incoming and outgoing traffic by analyzing each data packet and, by applying its policies, decides whether to accept or discard the traffic. Optimizing firewall policies is important for improving network performance, and firewall performance is critical for enforcing and administering security while the network is under attack. The growth of the Internet, together with the increasing sophistication of attacks, places stiff demands on firewall performance. It has been observed that firewall policies are often poorly specified and highly error-prone, so improving firewall performance through good policy design is very important. Firewall performance can be optimized with techniques such as optimizing the firewall rules themselves or applying data-mining techniques. Firewall policies cannot be shared across domains, because a policy contains confidential information and may also reveal security holes. A virtual private network integrated with a cooperative firewall protects the external network from encrypted traffic at minimum cost. Previous work emphasizes cross-domain privacy-preserving interfirewall optimization: removing interfirewall policy redundancies while preserving privacy. The privacy-preserving protocol identifies redundant rules in two adjacent firewalls that sit in separate domains. The protocol adds no online packet-processing cost, and its offline processing time is also low [16].

Cross Domain Privacy Preserving Protocol for Cooperative Firewall Optimization

cegon technologies, 2019

Firewalls have been widely deployed on the Internet for securing private networks. A firewall checks each incoming or outgoing packet to decide whether to accept or discard the packet based on its policy. Optimizing firewall policies is crucial for improving network performance. Prior work on firewall optimization focuses on either intrafirewall or interfirewall optimization within one administrative domain where the privacy of firewall policies is not a concern. This paper explores interfirewall optimization across administrative domains for the first time. The key technical challenge is that firewall policies cannot be shared across domains because a firewall policy contains confidential information and even potential security holes, which can be exploited by attackers. In this paper, we propose the first cross-domain privacy-preserving cooperative firewall policy optimization protocol. Specifically, for any two adjacent firewalls belonging to two different administrative domains, our protocol can identify in each firewall the rules that can be removed because of the other firewall. The optimization process involves cooperative computation between the two firewalls without any party disclosing its policy to the other. We implemented our protocol and conducted

Modeling and Management of Firewall Policies

IEEE Transactions on Network and Service Management, 2004

Firewalls are core elements in network security. However, managing firewall rules, especially for enterprise networks, has become complex and error-prone. Firewall filtering rules have to be carefully written and organized in order to correctly implement the security policy. In addition, inserting or modifying a filtering rule requires thorough analysis of the relationship between this rule and other rules in order to determine the proper order of this rule and commit the updates. In this paper, we present a set of techniques and algorithms that provide (1) automatic discovery of firewall policy anomalies to reveal rule conflicts and potential problems in legacy firewalls, and (2) anomaly-free policy editing for rule insertion, removal and modification. This is implemented in a user-friendly tool called "Firewall Policy Advisor." The Firewall Policy Advisor significantly simplifies the management of any generic firewall policy written as filtering rules, while minimizing network vulnerability due to firewall rule misconfiguration.

Optimization of Firewall Rules

2007 29th International Conference on Information Technology Interfaces, 2007

Network performance highly depends on the efficiency of the firewall because, for each network packet that enters or leaves the network, a decision has to be made whether to accept or reject it. This paper presents one approach to rule optimization solutions for improving firewall performance. The new software solution has been developed based on relations between rules. Its main purpose is to remove anomalies in the ordering of Linux firewall rules and to merge similar rules.

A History and Survey of Network Firewalls

Firewalls are network devices which enforce an organization's security policy. Since their development, various methods have been used to implement firewalls. These methods filter network traffic at one or more of the seven layers of the ISO network model, most commonly at the application, transport, network, and data-link levels. In addition, researchers have developed some newer methods, such as protocol normalization and distributed firewalls, which have not yet been widely adopted. Firewalls involve more than the technology to implement them. Specifying a set of filtering rules, known as a policy, is typically complicated and error-prone. High-level languages have been developed to simplify the task of correctly defining a firewall's policy. Once a policy has been specified, the firewall needs to be tested to determine if it actually implements the policy correctly. Little work exists in the area of firewall theory; however, this article summarizes what exists. Because some data must be able to pass in and out of a firewall in order for the protected network to be useful, not all attacks can be stopped by firewalls. Some emerging technologies, such as Virtual Private Networks (VPN) and peer-to-peer networking, pose new challenges for firewalls.

Interfirewall optimization across various administrative domain for enabling security and privacy preserving

2014

Network security is usually protected by a firewall, which checks in-out packets against a set of defined policies or rules. Hence, the overall performance of the firewall generally depends on its rule management. For example, performance can decrease when there are firewall rule anomalies. Anomalies may happen when two sets of firewall rules overlap or their decision parts are an acceptance and a denial simultaneously. Firewall optimization focuses on either inter-firewall or intra-firewall optimization within one administrative domain, where the privacy of firewall policies is not a concern. This work explores interfirewall optimization across administrative domains for the first time. The key technical challenge is that firewall policies cannot be shared across domains because a firewall policy contains confidential information and even potential security holes, which can be exploited by attackers. Using interfirewall redundant rules overcomes the prior problem and enables interfirewall optimization across administrative domains. It also proposes the first cross domain cooperative firewall (CDCF) policy optimization protocol. The optimization process involves cooperative computation between the two firewalls without any party disclosing its policy to the other.
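The rule anomalies named in the Firewall Policy Advisor abstract and in the abstract above (shadowing, redundancy, generalization, correlation) follow from how the packet sets matched by two rules relate: equal, nested, disjoint or partially overlapping. The Python below is an added example written for this review, not code from any of the cited papers. The rule model (source and destination prefix, protocol, destination-port range, decision), the pairwise classification and the sample policy are constructed for illustration; a first-match policy is assumed, with a default of deny when no rule matches.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import List, Optional, Set, Tuple

# Constructed rule model (hypothetical): a 5-tuple filter plus a first-match decision.
@dataclass(frozen=True)
class Rule:
    name: str
    src: IPv4Network
    dst: IPv4Network
    proto: Optional[str]     # None means "any protocol"
    dport: Tuple[int, int]   # inclusive destination-port range
    action: str              # "accept" or "deny"

def rule(name, src, dst, proto, dport, action) -> Rule:
    return Rule(name, ip_network(src), ip_network(dst), proto, dport, action)

def net_rel(a, b) -> str:
    # Two prefixes are equal, nested, or disjoint; they never partially overlap.
    return ("equal" if a == b else "subset" if a.subnet_of(b)
            else "superset" if b.subnet_of(a) else "disjoint")

def range_rel(a, b) -> str:
    if a == b:
        return "equal"
    if b[0] <= a[0] and a[1] <= b[1]:
        return "subset"
    if a[0] <= b[0] and b[1] <= a[1]:
        return "superset"
    return "disjoint" if a[1] < b[0] or b[1] < a[0] else "overlap"

def proto_rel(a, b) -> str:
    return ("equal" if a == b else "superset" if a is None
            else "subset" if b is None else "disjoint")

def rule_rel(x: Rule, y: Rule) -> str:
    """Relation of the packet set matched by x to the set matched by y."""
    rels = {net_rel(x.src, y.src), net_rel(x.dst, y.dst),
            proto_rel(x.proto, y.proto), range_rel(x.dport, y.dport)}
    if "disjoint" in rels:
        return "disjoint"
    if rels == {"equal"}:
        return "equal"
    if rels <= {"equal", "subset"}:
        return "subset"
    if rels <= {"equal", "superset"}:
        return "superset"
    return "overlap"

def find_anomalies(policy: List[Rule]) -> List[Tuple[str, str, str]]:
    """Classify each ordered pair (earlier rx, later ry) of a first-match policy."""
    found = []
    for j, ry in enumerate(policy):
        for i in range(j):
            rx = policy[i]
            rel = rule_rel(ry, rx)
            if rel in ("subset", "equal"):
                # ry is never reached: a conflicting earlier rule shadows it,
                # an agreeing earlier rule makes it redundant.
                kind = "redundant" if rx.action == ry.action else "shadowed"
                found.append((kind, ry.name, rx.name))
            elif rel == "superset":
                if rx.action != ry.action:
                    found.append(("generalization", rx.name, ry.name))
                elif all(rule_rel(rx, rz) == "disjoint" or rz.action == rx.action
                         for rz in policy[i + 1:j]):
                    # Same decision and no rule in between diverts rx's packets.
                    found.append(("redundant", rx.name, ry.name))
            elif rel == "overlap" and rx.action != ry.action:
                found.append(("correlated", rx.name, ry.name))
    return found

def removable(policy: List[Rule]) -> Set[str]:
    """Rules whose removal cannot change any decision (shadowed or redundant)."""
    return {r for kind, r, _ in find_anomalies(policy) if kind in ("redundant", "shadowed")}

def decide(policy: List[Rule], pkt: Tuple[str, str, str, int], default="deny") -> str:
    """First-match evaluation of one packet (src, dst, proto, dport)."""
    src, dst, proto, dport = pkt
    for r in policy:
        if (ip_address(src) in r.src and ip_address(dst) in r.dst
                and (r.proto is None or r.proto == proto)
                and r.dport[0] <= dport <= r.dport[1]):
            return r.action
    return default

# Constructed sample policy (not taken from any of the papers above).
POLICY = [
    rule("r1", "10.0.1.0/24", "172.16.0.10/32", "tcp", (80, 80), "accept"),
    rule("r2", "10.0.1.5/32", "172.16.0.10/32", "tcp", (80, 80), "deny"),     # shadowed by r1
    rule("r3", "10.0.1.0/24", "172.16.0.0/16", "tcp", (22, 22), "accept"),
    rule("r4", "10.0.0.0/16", "172.16.0.10/32", "tcp", (22, 22), "deny"),     # correlated with r3
    rule("r5", "10.0.1.0/24", "172.16.0.10/32", "tcp", (443, 443), "accept"),
    rule("r6", "10.0.1.0/24", "172.16.0.10/32", "tcp", (443, 443), "accept"), # redundant to r5
    rule("r7", "0.0.0.0/0", "0.0.0.0/0", None, (0, 65535), "deny"),           # catch-all
]
```

Running `find_anomalies(POLICY)` reports r2 shadowed by r1, r3 and r4 correlated, r6 redundant to r5, r2 and r4 redundant to the catch-all r7, and r1, r3, r5, r6 as generalizations of r7 (a warning, not an error). The check a practitioner should add before deleting anything is the one `decide` enables: evaluate the original and the pruned policy on sample traffic and confirm the decisions agree. Removing several redundant rules at once is safe here because none of them is the rule another one is redundant to; in general, re-run the analysis after each removal.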

On autonomic optimization of firewall policy organization

Journal of High Speed Networks, 2006

Security policies play a critical role in many of the current network security technologies such as firewalls, IPSec and IDS devices. The configuration of these policies not only determines the functionality of such devices, but also substantially affects their performance. The optimization of filtering policy configuration is critically important to provide high performance packet filtering particularly for high speed network security.

Novel Design and Implementation of Cross-Domain Privacy-Preserving Firewall Optimization

2015

Firewalls are very important on the Internet for providing security and privacy. A firewall checks each incoming and outgoing packet based on the rule set in its policy. As the demand for services on the Internet grows, the rule set in a firewall policy becomes large, and the increasing number of rules in a firewall policy reduces its throughput. So, optimizing firewalls is very important for improving throughput as well as network performance. In this paper we propose a novel privacy preserving protocol that removes the redundant rules present in two adjacent firewalls that belong to two different administrative domains, and reorders those rules, in a privacy preserving way. We implemented our protocol and conducted experiments. As a result, our protocol effectively removed the redundant rules and enormously improved the network performance.

Keywords: Cooperative Firewall, Privacy Preservation, Cross domain, Firewall optimization

Design and implementation of firewall policy advisor tools

DePaul University, CTI, Tech. Rep, 2002

Firewalls are core elements in network security. However, managing firewall rules, especially for enterprise networks, has become complex and error-prone. Firewall filtering rules have to be carefully written and organized in order to correctly implement the security policy. In ...

Dynamic rule and rule-field optimisation for improving firewall performance and security

This paper presents a novel approach to improve firewall packet filtering through optimizing the order of firewall rules for early packet acceptance as well as the order of rule-fields for early packet rejection. The proposed approach is based on the calculation of histograms of packets matching rules and of packets not matching rule-fields. These histograms are able to effectively monitor firewall performance in real time and to predict the patterns of packet filtering in terms of rule order and rule-field order. Furthermore, the proposed approach becomes even more significant when the firewall is heavily loaded with burst traffic. A comparison of the proposed approach and other conventional approaches, including the static rule order approach and the dynamic rule order approach, is presented. The numerical results obtained by simulations demonstrate that the proposed approach is able to significantly improve firewall efficiency in terms of cumulative processing time compared to other conventional approaches. Furthermore, the proposed scheme also has the capability to significantly reduce the effect of many common network attacks on firewall performance.
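The rule-order part of the approach above rests on two ideas: a histogram of which rules packets actually hit, and the constraint that a rule may only be moved ahead of rules it does not overlap, or overlaps with the same decision, so that the policy's decisions stay identical. The Python below is an added example for this review, not the authors' implementation. It uses a constructed abstraction in which each rule matches a set of integer "packet classes" (a class standing for all packets that hit exactly the same rules), a constructed traffic histogram, and a greedy list-scheduling reorder; the rule-field ordering for early rejection described in the abstract is not shown.

```python
from collections import Counter
from typing import FrozenSet, List, Set, Tuple

# Constructed abstraction (hypothetical): a rule matches a set of packet classes.
Rule = Tuple[str, FrozenSet[int], str]   # (name, matched classes, action)

POLICY: List[Rule] = [
    ("r1", frozenset({1}), "deny"),
    ("r2", frozenset({1, 2, 3}), "accept"),
    ("r3", frozenset({4}), "accept"),
    ("r4", frozenset({5, 6}), "deny"),
    ("r5", frozenset({2, 3, 4, 5, 6, 7}), "deny"),
]

# Constructed traffic histogram: packet class -> packets observed in the window.
TRAFFIC = Counter({4: 500, 2: 300, 7: 100, 1: 50, 5: 20})
DEFAULT = "deny"   # decision when no rule matches

def first_match(policy: List[Rule], cls: int) -> int:
    """Index of the first rule matching the class, or len(policy) if none."""
    for i, (_, classes, _) in enumerate(policy):
        if cls in classes:
            return i
    return len(policy)

def decide(policy: List[Rule], cls: int) -> str:
    i = first_match(policy, cls)
    return policy[i][2] if i < len(policy) else DEFAULT

def cost(policy: List[Rule], traffic: Counter) -> int:
    """Total rule comparisons: a packet matched at index i costs i+1 lookups,
    an unmatched packet costs a full pass over the policy."""
    total = 0
    for cls, n in traffic.items():
        i = first_match(policy, cls)
        total += n * (i + 1 if i < len(policy) else len(policy))
    return total

def rule_hits(policy: List[Rule], traffic: Counter) -> Counter:
    """The histogram of packets matching rules, under the current order."""
    hits: Counter = Counter()
    for cls, n in traffic.items():
        i = first_match(policy, cls)
        if i < len(policy):
            hits[policy[i][0]] += n
    return hits

def must_precede(policy: List[Rule]) -> Set[Tuple[str, str]]:
    """Pairs (a, b): a must stay before b because they overlap with different decisions.
    Disjoint rules, or overlapping rules with the same decision, may be swapped freely."""
    deps = set()
    for i, (na, ca, aa) in enumerate(policy):
        for nb, cb, ab in policy[i + 1:]:
            if aa != ab and ca & cb:
                deps.add((na, nb))
    return deps

def reorder(policy: List[Rule], traffic: Counter) -> List[Rule]:
    """Greedy list scheduling: repeatedly place the most-hit rule whose
    required predecessors have all been placed."""
    hits = rule_hits(policy, traffic)
    deps = must_precede(policy)
    remaining, placed, result = list(policy), set(), []
    while remaining:
        ready = [r for r in remaining
                 if all(a in placed for a, b in deps if b == r[0])]
        best = max(ready, key=lambda r: hits[r[0]])   # ties keep original order
        result.append(best)
        remaining.remove(best)
        placed.add(best[0])
    return result

def equivalent(p: List[Rule], q: List[Rule], classes) -> bool:
    """Safety check: both orders decide every packet class identically."""
    return all(decide(p, c) == decide(q, c) for c in classes)

if __name__ == "__main__":
    new = reorder(POLICY, TRAFFIC)
    print([r[0] for r in new], cost(POLICY, TRAFFIC), "->", cost(new, TRAFFIC))
    print("decisions preserved:", equivalent(POLICY, new, range(1, 9)))
```

On the constructed input the hottest rule r3 moves to the front, r2 cannot pass r1 (they overlap with opposite decisions) and r5 cannot pass r2 or r3, while r4 drops to the end because r5 carries the same decision for the classes they share. The comparison count over the sampled window falls from 2730 to 1980 with every decision unchanged, which is what `equivalent` verifies; in a live deployment the histogram is recomputed per window and the reorder re-run, as the abstract describes.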