Firewalls White Papers

Optimization of Network Firewall Policies Using Directed Acyclical Graphs

Overview This paper introduces a new method to improve the performance of list oriented firewall systems. Specifically, the paper addresses reordering a firewall rule set to minimize the average number of comparisons to determine the action, while maintaining the integrity of the original policy. Integrity is preserved if the reordered and original rules always arrive at the same result given a packet. To maintain integrity, this paper will model the rule set as a Directed Acyclical Graph (DAG), where vertices are firewall rules and edges indicate precedence relationships. Given this representation, any linear arrangement of the policy DAG (which is a list of rules) is shown to maintain the original policy integrity.

Further White Paper Details
PublisherWake Forest University File FormatPDF
Date PublishedMay 2005
FormatWhite Papers   
Topics
  • Download White Paper
  • Yes, useful No, not useful Did you find this white paper useful? 1 out of 1 users found this white paper useful
Thin clients switch on digitally excluded

Thin clients switch on digitally excluded

Case study: Digital inclusion project tackles social exclusion in Liverpool more

More Public Sector

Cheat Sheet: QR codes

Cheat Sheet: QR codes

Into the matrix... more

More Mobile & Wireless

Renault goes multilingual

Renault goes multilingual

Case study: Translation tech turns docs into 23 languages… more

More Applications


Quick Sitemap Links: