Resumen
Large enterprises employ a variety of firewalls, possibly from different vendors each with its own rule syntax. Furthermore, enterprise policy may be mapped to hundreds of rules on each device. Manual configuration of a large set of rules is a complex process that may result in misconfigurations and the resulting in security vulnerabilities. A promising alternative is the use of semantic web technologies (an ontology combined with a query language or reasoner) to detect firewall misconfigurations. However, a poorly designed ontology may result in excessive memory consumption and processing load, rendering the method ineffective. In this paper, we present an efficient ontology design for detecting misconfigurations on firewall rules, that attempts to reduce the computing resources needed to validate the firewall rules of the companys policies. The design was tested on a realworld scenario of an enterprise with equipment from 3 different vendors: Fortinet, Cisco ASA, and Checkpoint. Our solution was able to detect over a hundred misconfigured rules. Finally, an evaluation of the impact of the chosen combination of ontology, query language, and reasoner on the computational cost is also presented.
| Idioma original | Inglés |
|---|---|
| Título de la publicación alojada | 2018 IEEE ANDESCON, ANDESCON 2018 - Conference Proceedings |
| Editores | Jose David Cely Callejas |
| Editorial | Institute of Electrical and Electronics Engineers Inc. |
| ISBN (versión digital) | 9781538683729 |
| DOI | |
| Estado | Publicada - 5 dic. 2018 |
| Evento | 9th IEEE ANDESCON, ANDESCON 2018 - Cali, Colombia Duración: 22 ago. 2018 → 24 ago. 2018 |
Serie de la publicación
| Nombre | 2018 IEEE ANDESCON, ANDESCON 2018 - Conference Proceedings |
|---|
Conferencia
| Conferencia | 9th IEEE ANDESCON, ANDESCON 2018 |
|---|---|
| País/Territorio | Colombia |
| Ciudad | Cali |
| Período | 22/08/18 → 24/08/18 |
ODS de las Naciones Unidas
Este resultado contribuye a los siguientes Objetivos de Desarrollo Sostenible
