Abstract

Firewalls are the key mechanism in cybersecurity, that has been widely used to ensure network security. In literature, several works have been proposed in the area of firewall rules managing, however, the correct firewall configuration still remains a complex and error-prone task. Anomalies among firewall rules can cause severe network breaches, such as allowing harmful packets to slip into a subnetwork or dropping legitimate traffic which in turn could hinder the correct availability of web services. This paper aims to help the network security administrators by introducing a formal approach that reduces the number of anomalies in firewalls’ configurations that the administrators are usually obligated to manually solve.