Rules Assurance: Preventing Unauthorized Access through Building Right Firewall Configuration
K. Shyamala¹, G. Priyadharshini²
¹Dr. K. Shyamala is working as Associate Professor in the PG & Research Department of Computer Science, Dr. Ambedkar Government Arts College, Chennai, India.
²G. Priyadharshini is a research scholar in the PG & Research Department of Computer Science, Dr. Ambedkar Government Arts College, Chennai, India.
Manuscript received on 22 August 2019. | Revised Manuscript received on 27 August 2019. | Manuscript published on 30 September 2019. | PP: 8006-8010 | Volume-8 Issue-3 September 2019 | Retrieval Number: C6414098319/2019©BEIESP | DOI: 10.35940/ijrte.C6414.098319
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: The backbone of any business organization is its infrastructure, which connects its own intranet, vendor/customer networks and the external world. These networks are linked through dedicated connections or through public connections over the internet. Building a network requires servers, firewalls, routers, and core and access switches with communication links. The network topology, link type and use of network devices are chosen based on the organization's needs and the type of data transactions that flow between these networks. Considering the growth in data volume caused by the digital revolution and the sensitivity of data such as Personally Identifiable Information (PII) or Protected Health Information (PHI), it is necessary to protect data from hackers and to protect the network from phishing, malware or ransomware. A firewall controls access and decides what to allow or deny between networks. These rules are defined in the firewall Access Control List (ACL). A strong, mature access control policy plays a key role in ensuring network security and data protection. A firewall rule defines inbound and outbound data traffic between a source and a destination. Sources and destinations are identified by IP addresses, subnet ranges, protocols, applications and port numbers. The ACL defines what can be accessed or denied from internal networks (outbound) or from external networks (inbound). In general a firewall has hundreds of ACLs, and at times thousands. Since frequent changes are inevitable, managing firewall rules becomes a complex task. There is no relationship between these rules, and they need not be in any order. A firewall does not check for duplicate or overlapping rules. Every rule in the ACL is independent, and obsolete and invalid rules are likely to accumulate.
To overcome these complexities, this work presents rules mining, which helps to analyze firewall rules, identify security flaws and vulnerabilities in existing rules, and eliminate redundant or unused rules from the network. This paper proposes new guidelines that can be applied to an existing firewall ACL or when building a new firewall ACL to protect the network from external sources. These guidelines will help network administrators fix configuration errors.
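An order-independent audit for the defects the abstract names (duplicate, redundant and overlapping rules with conflicting actions), given here as an added example and not the authors' rules-mining method. The `Rule` tuple, the `audit` function and the sample ACL are constructed for illustration.

```python
import ipaddress
from collections import namedtuple
from itertools import combinations

Rule = namedtuple("Rule", "name action proto src dst ports")

def rule(name, action, proto, src, dst, lo, hi=None):
    """Build a Rule; a single port is stored as the range (lo, lo)."""
    return Rule(name, action, proto, ipaddress.ip_network(src),
                ipaddress.ip_network(dst), (lo, lo if hi is None else hi))

def covers(a, b):
    """True if every packet matched by b is also matched by a."""
    return (a.proto in (b.proto, "ip")
            and b.src.subnet_of(a.src) and b.dst.subnet_of(a.dst)
            and a.ports[0] <= b.ports[0] and b.ports[1] <= a.ports[1])

def overlaps(a, b):
    """True if at least one packet is matched by both a and b."""
    return ((a.proto == b.proto or "ip" in (a.proto, b.proto))
            and a.src.overlaps(b.src) and a.dst.overlaps(b.dst)
            and a.ports[0] <= b.ports[1] and b.ports[0] <= a.ports[1])

def audit(rules):
    """Compare every pair of rules, ignoring their position in the ACL."""
    findings = []
    for a, b in combinations(rules, 2):
        if a[1:] == b[1:]:                      # identical except for name
            findings.append(("duplicate", a.name, b.name))
        elif a.action == b.action and covers(a, b):
            findings.append(("redundant", b.name, a.name))  # b adds nothing
        elif a.action == b.action and covers(b, a):
            findings.append(("redundant", a.name, b.name))
        elif a.action != b.action and overlaps(a, b):
            findings.append(("conflict", a.name, b.name))   # needs review
    return findings

# Constructed sample ACL (documentation and private address ranges only).
SAMPLE_ACL = [
    rule("r1", "permit", "tcp", "10.0.0.0/8", "192.0.2.10/32", 443),
    rule("r2", "permit", "tcp", "10.1.0.0/16", "192.0.2.10/32", 443),
    rule("r3", "permit", "tcp", "10.0.0.0/8", "192.0.2.10/32", 443),
    rule("r4", "deny", "tcp", "10.1.2.0/24", "192.0.2.0/24", 0, 65535),
    rule("r5", "permit", "udp", "0.0.0.0/0", "198.51.100.53/32", 53),
]

if __name__ == "__main__":
    for kind, first, second in audit(SAMPLE_ACL):
        print(f"{kind:9} {first} <-> {second}")
```

A "conflict" finding marks a pair whose outcome depends on how the device resolves overlapping permit and deny rules, so it is the class to review first.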
Keywords: Network Security, Data Protection, Firewall, ACL, Network Rules, Running Configuration, Data Privacy.
Scope of the Article: Network Security, Trust, & Privacy