This project, completed as part of the requirements for OR/SYST 699 Capstone Project focused on assessing George Mason University's Network Engineering Technology (NET) firewall configuration management and auditing processes.
GMU NET had no documented firewall configuration managmenet policies or procedures at the beginning of this project. Using industry standards, our team assessed their management activities and provided recommendations.
Do to the size of their firewall rule set and a lack of documented security requirements, GMU NET wasn't conducting firewall rule audits. Using industry best practices as guides, our team provided recommendations for starting audits that balanced adminstrative burden and service responsiveness.
Many effective firewall rule set configuration management policies include the capability of assessing the impact of new or modified firewall rules on network traffic patterns and on the effectiveness of the rule set itself. Our team demonstrated how basic descriptive statistics, network/graph analysis, and Petri Nets can be used for impact analysis.