Enhancement Misconfiguration Management of Network Security Components Using Range Algorithm
Source: Mansoura University
Many companies and organizations use firewalls to control the access to their network infrastructure. When processing packages, conflicts due to rule overlaps can occur within the filtering policy. To solve these conflicts most firewall implementation use a first matching strategy through the ordering of rules. This way each packet processed by the firewall is mapped to the decision of the rule with highest priority. This strategy introduces however new configuration errors such as shadowing of rules and redundancy lead to inaccurate results. In this paper new algorithm called range algorithm introduced to get the best case for solving conflict and shadowing problems. Also get result rules that is free inconsistency and finding rules that cause inconsistency.