MANAGING REDUNDANCY AND CONFLICTS IN DISTRIBUTED FIREWALLS

The use of firewall has been widespread in all the emerging technologies such as Service Oriented Architecture, web services, cloud computing and so on. The term security itself is the most important task that has to be maintained in the real-time applications. Policies are enrolled in the security of the firewall where the quality of policies is to be maintained. The network administrator defines the policy as a rule. Managing the firewall policies, maintaining the risk analysis and also the conflicting nature that arise in the network, lack of systematic analysis mechanisms and tools used are often error prone. The distributed firewall is used to overcome the shortcomings of the traditional firewall. In this paper we represent a set of techniques such as, rule-based segmentation technique to identify the policy anomalies and effectively derive the anomaly resolution. Grid-based visualization technique, provide the policy anomaly information in a grid form, which helps in identifying the policy conflicts and finally the techniques to resolve the conflicts and the redundancy that arise in a singleor multi-firewall environment. We also discuss about the implementation of the visualization-based firewall policy analysis tool called Firewall Anomaly Management Framework (FAME), where all the techniques are used in a single tool and an approach to resolve the anomalies in an effective and efficient way. KeywordsFirewall, distributed, access control, policy anomaly management, FAME tool.