Firewall Configuration Errors Revisited

Computer Science – Cryptography and Security

Scientific paper

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

Scientific paper

The first quantitative evaluation of the quality of corporate firewall configurations appeared in 2004, based on Check Point FireWall-1 rule-sets. In general that survey indicated that corporate firewalls were often enforcing poorly written rule-sets, containing many mistakes. The goal of this work is to revisit the first survey. The current study is much larger. Moreover, for the first time, the study includes configurations from two major vendors. The study also introduce a novel "Firewall Complexity" (FC) measure, that applies to both types of firewalls. The findings of the current study indeed validate the 2004 study's main observations: firewalls are (still) poorly configured, and a rule-set's complexity is (still) positively correlated with the number of detected risk items. Thus we can conclude that, for well-configured firewalls, ``small is (still) beautiful''. However, unlike the 2004 study, we see no significant indication that later software versions have fewer errors (for both vendors).

No associations

LandOfFree

Say what you really think

Search LandOfFree.com for scientists and scientific papers. Rate them and share your experience with other people.

Rating

Firewall Configuration Errors Revisited does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Firewall Configuration Errors Revisited, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Firewall Configuration Errors Revisited will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFWR-SCP-O-391211

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.