An Evaluation of Firewall Configuration Methods
Faculty of Computing, Health and Science
School of Computer and Security Science
Firewalls are essential aspects of all networks. However they are complex and if not correctly configured and managed may result in security breaches. The traditional text-based Command Line Interface is a powerful but difficult tool to use. It is inherently sequential requiring multiple commands. Web-based Graphical User interfaces are progressively being deployed such as the Cisco Security Device Manager. With features such as AutoSecure it is possible to automatically generate device configuration code. Furthermore firewall implementation is relatively simple with configuration code again being automatically generated. However, the code generated may well be substantial. Successful management of secure devices requires the network administrator to be able to understand how the different protocols are interacting in order to be able to successfully conduct fault diagnosis. This paper demonstrates how State Model Diagrams can be a useful management tool for firewall management.