Removing anomalies from security policies of a network security device

摘要

The techniques described herein may optimize a set of ordered rules of a security device through the removal of one or more anomalies. For example, a security management system or other configuration management system or component may detect and remove one or more anomalies from a set (e.g., list) of one or more ordered rules to be enforced by the network security device, such as shadowing anomalies, redundancy anomalies, and/or correlation anomalies, among others, as described herein. Security management system may transform the set of ordered rules to replace at least a subset of the rules within one or more mutually exclusive rules. In some instances, the security management system may optimize the transformed rule set, for example, by using redundancy removal and/or join/merge policies.