A Proposed Approach for Management of Multiple Firewalls Using REST API Architecture

International Journal of P2P Network Trends and Technology (IJPTT)          
 
© 2019 by IJPTT Journal
Volume-9 Issue-5
Year of Publication : 2019
Authors : Mohamed E. Elhamahmy, Mohamed M.A. Elgazzar, Abdel-Hamid M. Emara
DOI : 10.14445/22492615/IJPTT-V9I5P401

Citation

MLA Style: Mohamed E. Elhamahmy, Mohamed M.A. Elgazzar, Abdel-Hamid M. Emara. "A Proposed Approach for Management of Multiple Firewalls Using REST API Architecture." International Journal of P2P Network Trends and Technology 9.5 (2019): 1-12.

APA Style: Mohamed E. Elhamahmy, Mohamed M.A. Elgazzar, Abdel-Hamid M. Emara (2019). A Proposed Approach for Management of Multiple Firewalls Using REST API Architecture. International Journal of P2P Network Trends and Technology, 9(5), 1-12.

Abstract

A lot of work has been done on managing firewall policy anomalies. Tools have been proposed to assist with these tasks, for example the "Policy Advisor" tool. However, it depends on adding policy rules manually into the firewall device. There is a genuine need for a tool that acquires the firewall policy rules in real time without affecting the firewall's configuration. There are also tools created by firewall vendors to manage their own appliances only, and these do not work with devices made by other companies. There is a need for a tool that manages different firewalls. In this paper, a new approach is proposed for acquiring firewall policy objects in real time and then presenting the obtained policy rule-set from visualization and usability perspectives using a REST API architecture. We also built a practical tool, FPM (Firewall Policy Manager), based on the proposed approach. It is an assistant tool that lets the administrator connect centrally to each firewall in the network and retrieve its policy rules safely without changing its configuration. It also provides a visual interface that assists configuration auditing tasks from the standpoint of visualization and usability. A proposed test environment, based on virtual machine technology, for testing FPM against the most commonly used firewalls is described as well. FPM was tested in a real environment and the results satisfied the administrator. The proposed approach is a step towards investigating different firewall policy rules using web services for anomaly detection and correction. However, this paper focuses on policy rule acquisition in real time using the proposed FPM tool.

Keywords
Firewall; rule; policy; API; REST API