Abstract: Firewall Conformance Testing

Diana Senn, David Basin and Germano Caronni

Firewalls are widely used to protect networks from unauthorised access. To ensure that they implement an organisation's security policy correctly, they need to be tested. We present an approach that addresses this problem. Namely, we show how an organisation's network security policy can be formally specified in a high-level way, and how this specification can be used to automatically generate test cases to test a deployed system. In contrast to other firewall testing methodologies, such as penetration testing, our approach tests conformance to a specified policy. Our test cases are organisation-specific (i.e. they depend on the security requirements and on the network topology of an organisation) and can uncover errors both in the firewall products themselves and in their configuration.