Automated optimal firewall orchestration and configuration in virtualized networks. Bringhenti, D., Marchetto, G., Sisto, R., Valenza, F., & Yusupov, J. In Proceedings of the IEEE/IFIP Network Operations and Management Symposium (NOMS 2020), pages 1–7, 2020. IEEE.
![Automated optimal firewall orchestration and configuration in virtualized networks [pdf]](https://bibbase.org/img/filetypes/pdf.svg "pdf")
Paper doi abstract bibtex 11 downloads
Paper doi abstract bibtex 11 downloads Emerging technologies such as Software-Defined Networking and Network Functions Virtualization are making the definition and configuration of network services more dynamic, thus making automatic approaches that can replace manual and error-prone tasks more feasible. In view of these considerations, this paper proposes a novel methodology to automatically compute the optimal allocation scheme and configuration of virtual firewalls within a user-defined network service graph subject to a corresponding set of security requirements. The presented framework adopts a formal approach based on the solution of a weighted partial MaxSMT problem, which also provides good confidence about the solution correctness. A prototype implementation of the proposed approach based on the z3 solver has been used for validation, showing the feasibility of the approach for problem instances requiring tens of virtual firewalls and similar numbers of security requirements. © 2020 IEEE.
@InProceedings{2020NOMS_VEREFOO,
author = {Daniele Bringhenti and Guido Marchetto and Riccardo Sisto and Fulvio Valenza and Jalolliddin Yusupov},
booktitle = {Proceedings of the {IEEE/IFIP} Network Operations and Management Symposium ({NOMS} 2020)},
title = {Automated optimal firewall orchestration and configuration in virtualized networks},
year = {2020},
pages = {1--7},
publisher = {{IEEE}},
abstract = {Emerging technologies such as Software-Defined Networking and Network Functions Virtualization are making the definition and configuration of network services more dynamic, thus making automatic approaches that can replace manual and error-prone tasks more feasible. In view of these considerations, this paper proposes a novel methodology to automatically compute the optimal allocation scheme and configuration of virtual firewalls within a user-defined network service graph subject to a corresponding set of security requirements. The presented framework adopts a formal approach based on the solution of a weighted partial MaxSMT problem, which also provides good confidence about the solution correctness. A prototype implementation of the proposed approach based on the z3 solver has been used for validation, showing the feasibility of the approach for problem instances requiring tens of virtual firewalls and similar numbers of security requirements. © 2020 IEEE.},
doi = {10.1109/NOMS47738.2020.9110402},
keywords = {Firewall, Policy Refinement, Security Automation},
url = {https://iris.polito.it/retrieve/handle/11583/2837546/426876/2020NOMS_VEREFOO_author.pdf},
}Downloads: 11
{"_id":"KD7o5yubZa4yxvyfj","bibbaseid":"bringhenti-marchetto-sisto-valenza-yusupov-automatedoptimalfirewallorchestrationandconfigurationinvirtualizednetworks-2020","authorIDs":["anJrBcCdr4LzzWetx","x5vNTEJ4s3raTsibp"],"author_short":["Bringhenti, D.","Marchetto, G.","Sisto, R.","Valenza, F.","Yusupov, J."],"bibdata":{"bibtype":"inproceedings","type":"inproceedings","author":[{"firstnames":["Daniele"],"propositions":[],"lastnames":["Bringhenti"],"suffixes":[]},{"firstnames":["Guido"],"propositions":[],"lastnames":["Marchetto"],"suffixes":[]},{"firstnames":["Riccardo"],"propositions":[],"lastnames":["Sisto"],"suffixes":[]},{"firstnames":["Fulvio"],"propositions":[],"lastnames":["Valenza"],"suffixes":[]},{"firstnames":["Jalolliddin"],"propositions":[],"lastnames":["Yusupov"],"suffixes":[]}],"booktitle":"Proceedings of the IEEE/IFIP Network Operations and Management Symposium (NOMS 2020)","title":"Automated optimal firewall orchestration and configuration in virtualized networks","year":"2020","pages":"1–7","publisher":"IEEE","abstract":"Emerging technologies such as Software-Defined Networking and Network Functions Virtualization are making the definition and configuration of network services more dynamic, thus making automatic approaches that can replace manual and error-prone tasks more feasible. In view of these considerations, this paper proposes a novel methodology to automatically compute the optimal allocation scheme and configuration of virtual firewalls within a user-defined network service graph subject to a corresponding set of security requirements. The presented framework adopts a formal approach based on the solution of a weighted partial MaxSMT problem, which also provides good confidence about the solution correctness. A prototype implementation of the proposed approach based on the z3 solver has been used for validation, showing the feasibility of the approach for problem instances requiring tens of virtual firewalls and similar numbers of security requirements. © 2020 IEEE.","doi":"10.1109/NOMS47738.2020.9110402","keywords":"Firewall, Policy Refinement, Security Automation","url":"https://iris.polito.it/retrieve/handle/11583/2837546/426876/2020NOMS_VEREFOO_author.pdf","bibtex":"@InProceedings{2020NOMS_VEREFOO,\r\n author = {Daniele Bringhenti and Guido Marchetto and Riccardo Sisto and Fulvio Valenza and Jalolliddin Yusupov},\r\n booktitle = {Proceedings of the {IEEE/IFIP} Network Operations and Management Symposium ({NOMS} 2020)},\r\n title = {Automated optimal firewall orchestration and configuration in virtualized networks},\r\n year = {2020},\r\n pages = {1--7},\r\n publisher = {{IEEE}},\r\n abstract = {Emerging technologies such as Software-Defined Networking and Network Functions Virtualization are making the definition and configuration of network services more dynamic, thus making automatic approaches that can replace manual and error-prone tasks more feasible. In view of these considerations, this paper proposes a novel methodology to automatically compute the optimal allocation scheme and configuration of virtual firewalls within a user-defined network service graph subject to a corresponding set of security requirements. The presented framework adopts a formal approach based on the solution of a weighted partial MaxSMT problem, which also provides good confidence about the solution correctness. A prototype implementation of the proposed approach based on the z3 solver has been used for validation, showing the feasibility of the approach for problem instances requiring tens of virtual firewalls and similar numbers of security requirements. © 2020 IEEE.},\r\n doi = {10.1109/NOMS47738.2020.9110402},\r\n keywords = {Firewall, Policy Refinement, Security Automation},\r\n url = {https://iris.polito.it/retrieve/handle/11583/2837546/426876/2020NOMS_VEREFOO_author.pdf},\r\n}\r\n\r\n","author_short":["Bringhenti, D.","Marchetto, G.","Sisto, R.","Valenza, F.","Yusupov, J."],"key":"2020NOMS_VEREFOO","id":"2020NOMS_VEREFOO","bibbaseid":"bringhenti-marchetto-sisto-valenza-yusupov-automatedoptimalfirewallorchestrationandconfigurationinvirtualizednetworks-2020","role":"author","urls":{"Paper":"https://iris.polito.it/retrieve/handle/11583/2837546/426876/2020NOMS_VEREFOO_author.pdf"},"keyword":["Firewall","Policy Refinement","Security Automation"],"metadata":{"authorlinks":{"valenza, f":"https://bibbase.org/show?bib=https%3A%2F%2Fraw.githubusercontent.com%2FFulvioValenza%2Fbibliography%2Fmain%2FValenza_bibliography.bib&commas=true","valenza, f":"https://bibbase.org/service/mendeley/47be63fe-fca0-3f0f-a864-642602926c3f"}},"downloads":11},"bibtype":"inproceedings","biburl":"https://raw.githubusercontent.com/FulvioValenza/bibliography/main/Valenza_bibliography.bib","creationDate":"2021-01-16T10:07:49.738Z","downloads":11,"keywords":["firewall","policy refinement","security automation"],"search_terms":["automated","optimal","firewall","orchestration","configuration","virtualized","networks","bringhenti","marchetto","sisto","valenza","yusupov"],"title":"Automated optimal firewall orchestration and configuration in virtualized networks","year":2020,"dataSources":["JbiX35GNqPCF3nids","JotHtgcQ35FTMtuP5","oHcDH9GXBbkp4t9gm","csYhy47rJJgSM7jjJ","hZL94qE5m3pMWuJwA","8EGSmY4udryikjQyX","nMy6C9RcR4TJMDbmB","Ka2S54TRk8na4h8uK","qgD6ZecrgthN9jyS8","yf5ybPwJxfS5zDTx9","8iJ7pScsBCJNMEwBL","XZnEt8kdXurbtCWoc","R3zwdw7JArkWqNexb"]}