FIREMAN: A Toolkit for FIREwall Modeling and ANalysis
Source: University of California
Security concerns are becoming increasingly critical in networked systems. Firewalls provide important defense for network security. However, misconfigurations in firewalls are very common and significantly weaken the desired security. This paper introduces FIREMAN, a static analysis toolkit for firewall modeling and analysis. By treating firewall configurations as specialized programs, FIREMAN applies static analysis techniques to check misconfigurations, such as policy violations, inconsistencies, and inefficiencies, in individual firewalls as well as among distributed firewalls. FIREMAN performs symbolic model checking of the firewall configurations for all possible IP packets and along all possible data paths. It is both sound and complete because of the finite state nature of firewall configurations.
| Format: | Size: | 358.40 | |
| Date: | Mar 2006 |
People who downloaded this item also downloaded
- Verify Consistency Between Security Policy and Firewall Policy With Answer Set Programming
- Automatic Detection of Firewall Misconfigurations Using Firewall and Network Routing Policies
- The Concise Guide to E-Discovery
- Cisco Network Address Translation (NAT)
- Analysis of Firewall Policy Rules Using Traffic Mining Techniques
