On the Safety and Efficiency of Firewall Policy Deployment

Overview

Firewall policy management is challenging and error-prone. While ample research has led to tools for policy specification, correctness analysis, and optimization, few researchers have paid attention to firewall policy deployment: the process where a management tool edits a firewall's configuration to make it run the policies specified in the tool. This paper provides the first formal definition and theoretical analysis of safety in firewall policy deployment. It show that naive deployment approaches can easily create a temporary security hole by permitting illegal traffic, or interrupt service by rejecting legal traffic during the deployment. The paper defines safe and most-efficient deployments, and introduces the shuffling theorem as a formal basis for constructing deployment algorithms and proving their safety.