Managing firewall policies in a segmented network and multi-vendor environment
Rönni, Riku (2025)
Tietotekniikan DI-ohjelma - Master's Programme in Information Technology
Informaatioteknologian ja viestinnän tiedekunta - Faculty of Information Technology and Communication Sciences
Acceptance date
2025-10-31
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:tuni-2025103110272
Abstract
Firewalls are an essential part of modern networks. They protect network traffic based on a configuration set by administrators. These are commonly referred to as firewall rules. The management of firewalls includes the management of these rules, but also other tasks. The management of firewalls can be challenging, especially if the network is complex. Complex networks require multiple firewalls, network traffic can be enormous and rule sets can get very complex. Poorly managed firewalls result in security risks such as misconfigurations, and the network may be compromised. In order to protect the network, firewall management must be effective.
In this thesis we take a look at how firewall management is done. We look at the challenges related to it and how they can be addressed. We utilize best practices recommended by several organizations and try to present ways to discover shortcomings and improve several aspects of firewall management. After presenting improvements in a more theoretical sense, we suggest practical implementations of the suggested improvements.
Common challenges derive from the lack of optimization and resources allocated towards firewall management. These challenges can be mitigated by standardizing management practices and improving documentation. This includes matters such as standard formatting of firewall rules and documenting every change made to the firewall configuration. Firewall changes are often requested by parties other than the administration, so a well-documented request process makes the whole process smoother. If feasible, rules can be assigned business owners in order to alleviate the workload of administration. Automation should be used where feasible in order to decrease the probability of misconfigurations.
Firewall management might also change drastically in the future. The inclusion of artificial intelligence in firewall management can make it much more refined, as the artificial intelligence can constantly monitor and make changes to the configuration as needed. The progression towards zero trust architecture in networks also has new requirements which need to be accounted for in firewall management.
