On Optimal Firewall Rule Ordering
In today's online connected world, almost all corporate networks use some form of perimeter firewalls to manage Internet connections and enforce a security policy at the corporate gateway. Although it can considerably enhance network security and protect business-critical information, a firewal...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | , |
| Format: | article |
| Published: |
2020
|
| Subjects: | |
| Online Access: | https://eprints.kfupm.edu.sa/id/eprint/2560/1/on_optimal_firewall_rule_ordering_el_alfy_isip_000248573200124.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1864513391139225600 |
|---|---|
| author | El-Alfy, E.S.M. |
| author2 | Selim, S.Z. unknown |
| author2_role | author author |
| author_facet | El-Alfy, E.S.M. Selim, S.Z. unknown |
| author_role | author |
| dc.creator.none.fl_str_mv | El-Alfy, E.S.M. Selim, S.Z. unknown |
| dc.date.*.fl_str_mv | 2020 |
| dc.format.none.fl_str_mv | application/pdf |
| dc.identifier.none.fl_str_mv | https://eprints.kfupm.edu.sa/id/eprint/2560/1/on_optimal_firewall_rule_ordering_el_alfy_isip_000248573200124.pdf On Optimal Firewall Rule Ordering. 2007 IEEE/ACS INTERNATIONAL CONFERENCE ON COMPUTER SYSTEMS AND APPLICATIONS, 1 and. pp. 819-824. |
| dc.language.none.fl_str_mv | en |
| dc.publisher.none.fl_str_mv | IEEE |
| dc.relation.none.fl_str_mv | https://eprints.kfupm.edu.sa/id/eprint/2560/ |
| dc.rights.*.fl_str_mv | info:eu-repo/semantics/openAccess |
| dc.subject.none.fl_str_mv | Computer |
| dc.title.none.fl_str_mv | On Optimal Firewall Rule Ordering |
| dc.type.none.fl_str_mv | Article PeerReviewed info:eu-repo/semantics/publishedVersion info:eu-repo/semantics/article |
| description | In today's online connected world, almost all corporate networks use some form of perimeter firewalls to manage Internet connections and enforce a security policy at the corporate gateway. Although it can considerably enhance network security and protect business-critical information, a firewall with thousands of rules can become a bottleneck for network performance. The primary goal of this paper is to present a new rule order optimizer based on simulated annealing to find optimal configurations that minimize the average number of rule comparisons while preserving precedence relationships among disjoint rules. The proposed approach is evaluated and its effectiveness is compared with another approximate solution under several firewall configurations and policy profiles. |
| eu_rights_str_mv | openAccess |
| format | article |
| id | KFUPM_d4e0f27ffc4daf25549302617e3fd7d4 |
| identifier_str_mv | On Optimal Firewall Rule Ordering. 2007 IEEE/ACS INTERNATIONAL CONFERENCE ON COMPUTER SYSTEMS AND APPLICATIONS, 1 and. pp. 819-824. |
| language_invalid_str_mv | en |
| network_acronym_str | KFUPM |
| network_name_str | King Fahd University of Petroleum and Minerals |
| oai_identifier_str | oai::2560 |
| publishDate | 2020 |
| publisher.none.fl_str_mv | IEEE |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| spelling | On Optimal Firewall Rule OrderingEl-Alfy, E.S.M.Selim, S.Z.unknownComputerIn today's online connected world, almost all corporate networks use some form of perimeter firewalls to manage Internet connections and enforce a security policy at the corporate gateway. Although it can considerably enhance network security and protect business-critical information, a firewall with thousands of rules can become a bottleneck for network performance. The primary goal of this paper is to present a new rule order optimizer based on simulated annealing to find optimal configurations that minimize the average number of rule comparisons while preserving precedence relationships among disjoint rules. The proposed approach is evaluated and its effectiveness is compared with another approximate solution under several firewall configurations and policy profiles.IEEEArticlePeerReviewedinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttps://eprints.kfupm.edu.sa/id/eprint/2560/1/on_optimal_firewall_rule_ordering_el_alfy_isip_000248573200124.pdf On Optimal Firewall Rule Ordering. 2007 IEEE/ACS INTERNATIONAL CONFERENCE ON COMPUTER SYSTEMS AND APPLICATIONS, 1 and. pp. 819-824. enhttps://eprints.kfupm.edu.sa/id/eprint/2560/2020info:eu-repo/semantics/openAccessoai::25602019-11-01T13:44:50Z |
| spellingShingle | On Optimal Firewall Rule Ordering El-Alfy, E.S.M. Computer |
| status_str | publishedVersion |
| title | On Optimal Firewall Rule Ordering |
| title_full | On Optimal Firewall Rule Ordering |
| title_fullStr | On Optimal Firewall Rule Ordering |
| title_full_unstemmed | On Optimal Firewall Rule Ordering |
| title_short | On Optimal Firewall Rule Ordering |
| title_sort | On Optimal Firewall Rule Ordering |
| topic | Computer |
| url | https://eprints.kfupm.edu.sa/id/eprint/2560/1/on_optimal_firewall_rule_ordering_el_alfy_isip_000248573200124.pdf |