Search for: All records

Firewalls are the first line of defense in cyber-security. They prevent malicious and unwanted network traffic entering the perimeters of organizations. The strength of a firewall lies in its policy configuration which is also a crucial task for any security administrator. The scope of Firewall policies have been expanding to address ever changing security requirements of an organization. In this process, new security parameters have been researched and one such parameter is temporal policy. Firewall temporal policy is a firewall policy that allows or denies a network packet based on specified day and time range of the policy in addition to the packet filtering rules. Firewall vendors such as CISCO and Palo Alto have already featured firewall temporal policies in their security products. Inclusion of temporal policies in firewall policies results in additional overhead for storing and scanning Firewall policies. As temporal policies are represented in week days and time, they consume considerable amount of space. In this paper, we present an innovative and efficient method for representing temporal policies which includes compact representation of temporal policies and detection of anomalies using set operations. Our approach significantly reduces the storage requirement and improves the scanning functionality of firewall. We also present a new method of creating policy sets based on week days.