Handle Firewall Security Policy by Graphical Traffic Matrix: Grouping of Firewall Rules
Organizations today rely on the diversity the Internet offers. With a connection they are able to communicate end-to-end with customers and partners everywhere in the world, and because of the diversity of the Internet, information security is very important as protection against threats and vulnerabilities. Internal and external influences occur regularly, and in response security settings have to be reconfigured. This makes policy management important, especially in complex and high-risk organizations. Because configuration errors can be a challenge, and costly in time and money, such organizations should be able to make these configurations from a single interface, to ease management and to avoid errors that could produce security breaches. Firewalls have been around for 20 years, making them one of the first security devices in the market. Configuration and security are achieved by writing rules that decide what traffic is allowed or denied through the firewall. These rules are usually derived from a traffic matrix that summarizes legal and illegal traffic through a given perimeter. The matrix can be created by filling in a table or, as in the method evaluated in this paper, as a traffic matrix consisting of boxes and pointers, making it completely graphical. In addition to boxes and pointers, the method also includes an indexing of the rule set, which makes the rule sets and the security policy even easier to understand. There are several existing policy management software solutions, developed by hardware vendors or by pure software companies. While hardware vendors may develop solutions that complement their own products, software companies have to develop solutions that complement the products of several hardware vendors. Some examples of companies developing policy management products are Cisco, Checkpoint and Solsoft. 
There is a missing link between the traffic matrix and policy management software, which could eventually provoke a security breach if rapid changes occur often. Frequent and continuous changes to both the matrix and the rule set could then put security administrators in a difficult position, and the consistency of the policy across both matrix and software could be lost. A friendlier way to describe the matrix could help security administrators keep the policy consistent with what is actually secured.
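
The drift between a traffic matrix and a deployed rule set described above can be checked mechanically. The following is an added example, not code from the thesis: the zones, services, rule format, first-match evaluation and implicit default deny are all assumptions chosen for illustration, and the sample matrix and rules are constructed.

```python
from itertools import product

ZONES = ["internet", "dmz", "lan"]           # constructed zones (assumption)
SERVICES = ["http", "https", "smtp", "ssh"]  # constructed services (assumption)

# Traffic matrix: (source zone, destination zone) -> services intended to be allowed.
# Any pair or service not listed is intended to be denied.
MATRIX = {
    ("internet", "dmz"): {"http", "https", "smtp"},
    ("lan", "dmz"): {"http", "https", "ssh"},
    ("lan", "internet"): {"http", "https"},
}

# Indexed rule set as (index, src, dst, service, action); "any" is a wildcard.
# Evaluation is first match wins with an implicit final deny (assumption).
RULES = [
    (1, "internet", "dmz", "http", "allow"),
    (2, "internet", "dmz", "https", "allow"),
    (3, "lan", "dmz", "any", "allow"),       # broader than the matrix intends
    (4, "lan", "internet", "http", "allow"),
    (5, "lan", "internet", "https", "allow"),
    (6, "any", "any", "any", "deny"),
]

def matches(field, value):
    return field == "any" or field == value

def decide(rules, src, dst, svc):
    """Return (action, rule index) of the first matching rule."""
    for idx, r_src, r_dst, r_svc, action in rules:
        if matches(r_src, src) and matches(r_dst, dst) and matches(r_svc, svc):
            return action, idx
    return "deny", None  # implicit default deny

def find_drift(matrix, rules, zones=ZONES, services=SERVICES):
    """Compare every inter-zone flow in the matrix against the rule set."""
    drift = []
    for src, dst, svc in product(zones, zones, services):
        if src == dst:
            continue  # intra-zone traffic does not cross the perimeter
        intended = "allow" if svc in matrix.get((src, dst), set()) else "deny"
        actual, idx = decide(rules, src, dst, svc)
        if intended != actual:
            drift.append((src, dst, svc, intended, actual, idx))
    return drift

if __name__ == "__main__":
    for src, dst, svc, intended, actual, idx in find_drift(MATRIX, RULES):
        print(f"{src}->{dst} {svc}: matrix={intended} rules={actual} (rule {idx})")
```

Each reported entry names the index of the rule that produced the mismatch, so an over-broad allow (rule 3 here) and a matrix entry that was never implemented (SMTP into the DMZ) can be told apart.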