Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 1 of 1
Full-Text Articles in Engineering
Global Verification And Analysis Of Network Access Control Configuration, Ehab Al-Shaer, Will Marrero, Adel El-Atawy, Khalid Elbadawi
Global Verification And Analysis Of Network Access Control Configuration, Ehab Al-Shaer, Will Marrero, Adel El-Atawy, Khalid Elbadawi
Technical Reports
Network devices such as routers, firewalls, IPSec gateways, and NAT are configured using access control lists. However, recent studies and ISP surveys show that the management of access control configurations is a highly complex and error prone task. Without automated global configuration management tools, unreachablility and insecurity problems due to the misconfiguration of network devices become an ever more likely.
In this report, we present a novel approach that models the global end-to-end behavior of access control devices in the network including routers, firewalls, NAT, IPSec gateways for unicast and multicast packets. Our model represents the network as a state …