tailieunhanh - Case study on firewall rules analysis for CWN

In this paper authors proposed a software based system which carry out the analysis of rules implemented in the firewall to find hidden anomalies if any as well as any address conflicts for the Campus Wide Network (CWN) of Vishwakarma Institute of Technology, Pune, India. This information can be very useful for the administrator to modify the existing policies as well as to add the new policies with fewer complexities. Institute has the CWN consisting the seven Ethernet Segments for seven major departments in the institute. | International Journal of Computer Networks and Communications Security VOL. 5, NO. 2, FEBRUARY 2017, 20–27 Available online at: E-ISSN 2308-9830 (Online) / ISSN 2410-0595 (Print) Case Study on Firewall Rules Analysis for CWN MANIKRAO L DHORE1 and RADHWAN ALDHAHERI2 1, 2 Computer Engineering Department, Vishwakarma Institute of Technology, Savitribai Phule Pune University, Pune, India 1 , 2radhwannn@ ABSTRACT In this paper authors proposed a software based system which carry out the analysis of rules implemented in the firewall to find hidden anomalies if any as well as any address conflicts for the Campus Wide Network (CWN) of Vishwakarma Institute of Technology, Pune, India. This information can be very useful for the administrator to modify the existing policies as well as to add the new policies with fewer complexities. Institute has the CWN consisting the seven Ethernet Segments for seven major departments in the institute. The proposed system control the flow of Local Area Network (LAN) segments communication which is a part of CWN by using a method that analyzes the firewall polices or rule-set, Relational Algebra and One Way 2D Road proposed Model. It can discover all the types of anomalies in the firewall rule-set in the format that is usually used by many firewall products. The most of the existing analyzing methods consider the anomalies between any two rules and very few consider more than two rules together at the same time to discover the anomalies. In this paper we have adopted the combination of both these methods to detect the anomalies effectively. With the proposed system, it is possible to discover most of the hidden anomalies in the firewall rule-set and to reduce the size of rule set by eliminating redundant rules without changing the existing policies. This software based system is developed, implemented and tested over the CWN. Keywords: Firewall Policies, Shadowing Anomaly, Correlation .

• Hệ điều hành
• International Journal of Computer Networks and Communications Security
• Case study on firewall rules analysis for CWN
• Firewall rules analysis for CWN
• The Campus Wide Network
• Vishwakarma Institute of Technology