Access monitoring system for distributed firewall policies
Internet has provided several benefits in terms of information sharing. However, Internet is an insecure environment that can cause threats to private networks. As a result, network security becomes a critical issue. One of the important tools used in network security is firewall. Firewalls protect a private network from external threats by restricting network traffic according to predefined security rules. Basically, firewalls apply these rules to each packet that passes over them. Distributed firewalls are a new approach to firewall to overcome some drawbacks of traditional firewalls. Distributed firewall design is based on the idea of enforcing the policy rules at the endpoints rather than a single entry point to network. Management of policy rules is a critical issue in both traditional and distributed firewalls. We propose a monitoring application for distributed firewall policies to keep track of actions (create, read. update, delete) performed on policy rule set. The resulting data produced by the monitoring application will be very helpful in policy management process.