A firewall protects the informational assets of an organization from intruders. Incoming message packets are filtered by the firewall before being forwarded to their destinations inside the organization. In the process, a fraction q_1 of benign (i.e., desirable or harmless) packets and a fraction q_2 of intrusive (i.e., undesirable or harmful) packets get blocked. Ideally, we should have q_1 = 0 and q_2 = 1, but in practice q_1 and q_2 are functionally related. Since the firewall has a non-zero service time, it also causes a delay because packets get queued for service. Thus by using a firewall an organization incurs a cost, but there is also a corresponding benefit. This study considers the simple case when a single firewall is in use. We do an economic analysis and derive a mathematical expression for the net benefit. We then maximize it by tuning the quality parameters qt and q2 appropriately.
展开▼
