Gerenciamento Integrado e Adaptativo de Firewalls baseado na Fonte Única de Verdade (SSoT) da Rede
Resumo
Este trabalho propõe uma arquitetura modular e adaptativa para o gerenciamento de firewalls, fundamentada no conceito de Fonte Única de Verdade (SSoT). A solução integra monitoramento, orquestração e aplicação de políticas de segurança em redes heterogêneas, permitindo respostas automatizadas a eventos operacionais e de segurança. Avaliações experimentais evidenciam a capacidade da arquitetura em reagir de forma ágil a mudanças na infraestrutura e mitigar ataques DoS com eficiência.Referências
Adeola Adewa, Vincent Anyah, Omoniyi David Olufemi, Adedeji Ojo Oladejo, and Toluwanimi Olaifa (2025). The impact of intent-based networking on network configuration management and security. Global Journal of Engineering and Technology Advances, 22(1):063–068.
Ahmad, T. (2025). AI-Driven Dynamic Firewall Optimization Using Reinforcement Learning for Anomaly Detection and Prevention.
Alicea, M. and Alsmadi, I. (2021). Misconfiguration in Firewalls and Network Access Controls: Literature Review. Future Internet, 13(11):283.
Bargury, M., Levin, R., and Ronen, R. (2017). Learning to Customize Network Security Rules.
Bringhenti, D., Marchetto, G., Sisto, R., and Valenza, F. (2024). Automation for Network Security Configuration: State of the Art and Research Trends. ACM Computing Surveys, 56(3):1–37.
Chowdhary, A., Huang, D., Alshamrani, A., Sabur, A., Kang, M., Kim, A., and Velazquez, A. (2018). SDFW: SDN-based Stateful Distributed Firewall.
Clemm, A., Ciavaglia, L., Z. Granville, L., and Tantsura, J. (2022). Intent-Based Networking - Concepts and Definitions. Technical Report RFC9315, RFC Editor.
Duan, Q. and Al-Shaer, E. (2025). Firewall Regulatory Networks for Autonomous Cyber Defense.
Fiorenza, M. M. (2021). Gerenciamento de firewalls em redes híbridas.
Hallahan, W. T., Zhai, E., and Piskac, R. (2017). Automated repair by example for firewalls. In 2017 Formal Methods in Computer Aided Design (FMCAD), pages 220–229, Vienna. IEEE.
Imoukhuede, A. B., Sheltami, T. R., Mahmoud, A. H., and Barnawi, A. Y. (2025). Optimization of network device hardening in a multivendor environment. Scientific Reports, 15(1):15042.
Islam, C., Babar, M. A., and Nepal, S. (2020). A Multi-Vocal Review of Security Orchestration. ACM Computing Surveys, 52(2):1–45.
Linder, S., Lisetska, P., and Stutz, R. (2024). Network Configuration Automation with Infrahub and Nornir. other, OST Ostschweizer Fachhochschule.
Ahmad, T. (2025). AI-Driven Dynamic Firewall Optimization Using Reinforcement Learning for Anomaly Detection and Prevention.
Alicea, M. and Alsmadi, I. (2021). Misconfiguration in Firewalls and Network Access Controls: Literature Review. Future Internet, 13(11):283.
Bargury, M., Levin, R., and Ronen, R. (2017). Learning to Customize Network Security Rules.
Bringhenti, D., Marchetto, G., Sisto, R., and Valenza, F. (2024). Automation for Network Security Configuration: State of the Art and Research Trends. ACM Computing Surveys, 56(3):1–37.
Chowdhary, A., Huang, D., Alshamrani, A., Sabur, A., Kang, M., Kim, A., and Velazquez, A. (2018). SDFW: SDN-based Stateful Distributed Firewall.
Clemm, A., Ciavaglia, L., Z. Granville, L., and Tantsura, J. (2022). Intent-Based Networking - Concepts and Definitions. Technical Report RFC9315, RFC Editor.
Duan, Q. and Al-Shaer, E. (2025). Firewall Regulatory Networks for Autonomous Cyber Defense.
Fiorenza, M. M. (2021). Gerenciamento de firewalls em redes híbridas.
Hallahan, W. T., Zhai, E., and Piskac, R. (2017). Automated repair by example for firewalls. In 2017 Formal Methods in Computer Aided Design (FMCAD), pages 220–229, Vienna. IEEE.
Imoukhuede, A. B., Sheltami, T. R., Mahmoud, A. H., and Barnawi, A. Y. (2025). Optimization of network device hardening in a multivendor environment. Scientific Reports, 15(1):15042.
Islam, C., Babar, M. A., and Nepal, S. (2020). A Multi-Vocal Review of Security Orchestration. ACM Computing Surveys, 52(2):1–45.
Linder, S., Lisetska, P., and Stutz, R. (2024). Network Configuration Automation with Infrahub and Nornir. other, OST Ostschweizer Fachhochschule.
Publicado
01/09/2025
Como Citar
MENEZES, Jerônimo; BITZKI, Leonardo; KREUTZ, Diego; MANSILHA, Rodrigo Brandão.
Gerenciamento Integrado e Adaptativo de Firewalls baseado na Fonte Única de Verdade (SSoT) da Rede. In: SIMPÓSIO BRASILEIRO DE CIBERSEGURANÇA (SBSEG), 25. , 2025, Foz do Iguaçu/PR.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2025
.
p. 1067-1073.
DOI: https://doi.org/10.5753/sbseg.2025.11422.
