Issue No. 06 - June (2004 vol. 37)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MC.2004.2
Avishai Wool, Tel Aviv University
Firewalls are the cornerstone of corporate intranet security, yet network security experts generally consider them to be poorly configured. This assessment is indirectly affirmed by the success of recent worms and viruses like Blaster and Sapphire, which a well-configured firewall could easily have blocked.

A study of real configuration files, or rule sets, for a variety of corporate firewalls establishes a quality measure based on "misconfigurations" that violate established best practices. The study correlates the quality measure with other factors--specifically, the operating system on which the firewall runs, the firewall's software version, and rule-set complexity. The results clearly show that corporate firewalls are often enforcing poorly written rule sets; they also offer some useful observations for improving rule-set quality.
A. Wool, "A Quantitative Study of Firewall Configuration Errors," in Computer, vol. 37, no. 6, pp. 62-67, 2004.