Firewalls: Modeling and Management

Security in computer networks is a very complex task especially if it is required to separate a corporate network from public Internet or to divide a company's intranet into multiple zones with different security requirements. The network security policy that describes these security requirements is primarily presented in a high-level form. Also, the network security policy is enforced using some low-level security mechanisms; mainly firewall technology. There is a big gap between these two levels of the network security policy making the transformation, the maintenance, the verification or even the modification of the policy is a very hard task. This work helps to understand this problem. Also, the work proposes typical solution to that problem. ConfigMaker: a firewall management toolkit is proposed in this work.