摘要 |
A method and apparatus for checking for vulnerabilities in a firewall policy used in a firewall system are provided. The method includes determining whether a target firewall policy is for an existing firewall system or a new firewall system, when the target firewall policy is for the existing firewall system, checking for errors in the target firewall policy by comparing the target firewall policy with an existing firewall policy applied to the existing firewall system, and when the target firewall policy is for the new firewall system, checking for errors in the target firewall policy by simulating a state in which the target firewall policy is applied to the new firewall system.
|