Are Firewalls A Security Risk?


Protecting business networks is getting more and more important. But how well do firewalls actually do in protecting sensitive and confidential information? Configuring firewalls can be complicated, even for system administrators, and that can lead to security risks and opportunities for intruders.

Today, almost every company and their systems are connected to the Internet, thereby they are exposed to a huge number of threats. For example, it can lead to confidential data theft, service disruption and financial losses. One of the most important aspects to protect the network and systems connected to it, is to use correctly configured firewalls in order to restrain intruders by controlling the incoming and outgoing traffic.

In his licentiate thesis Artem Voronkov, PhD student in Computer Science at Karlstad University, investigated how firewall configuration can be made more user friendly to help businesses to protect their networks.

“By interviewing system administrators, we have looked at the difficulties they experience when configuring firewalls”, said Artem Voronkov. “Using the interviews as a basis, we have also studied other research in this field to classify the problems and look for possible solutions.”

Firewalls filter network traffic based on a set of rules. These sets of rules have a specific structure that makes them hard to understand. Challenging problems occur when a rule needs to be added or deleted because of the order dependency of rules in rule sets.

“To classify the problem and find solutions we propose a set of usability metrics which we also mathematically formalized. We show that there is a strong correlation between our metrics and how system administrators perceive usability.”

On November 27 Artem Voronkov presented his licentiate thesis. Now he will continue his PhD research study by further investigating solutions on how to improve usability on firewall configuration.

Leave a Reply

Your email address will not be published. Required fields are marked *