Usability of Firewall Configuration : Making the Life of System Administrators Easier

Sammanfattning: Firewalls are an important component of network security that serve to protect networks by regulating incoming and outgoing traffic. However, setting up firewalls correctly is a challenging task, which becomes more difficult with the growth of the network's size. Firewall configuration files consist of rule sets that might be hard to understand even for professionals who deal with them regularly. The main reason for this is that most firewall rule sets have a certain structure: the higher the position of a rule in the rule set, the higher priority it has. Challenging problems arise when a new rule is added to the set and a proper position for it needs to be found or the existing rules are removed due to a security policy change. This brings us to the usability problem associated with the configuration of firewalls.The overall aim of this thesis is to help system administrators better manage firewalls. We explore three different aspects of firewall configuration: 1) the syntax of rules, 2) the organization of rules in a rule set, and 3) the way rule sets are presented to a user. Using this acquired knowledge, we offer system administrators more usable firewall solutions and approaches to the configuration process that can help facilitate their daily work.