NETWORK ACCESS LIFECYCLE: A STRUCTURED APPROACH TO FIREWALL RULE GOVERNANCE IN ZERO TRUST ENVIRONMENTS
DOI: https://doi.org/10.28925/2663-4023.2026.32.1194

Keywords: security policies, lifecycle, rule recertification, network firewall, Zero Trust, change control, relevance assessment.

Abstract
This paper reflects on the consequences of uncontrolled network access rule configurations within corporate networks and examines the risks resulting from their chaotic accumulation. To monitor and manage security policies and access control lists (ACLs), the introduction of a network access lifecycle is proposed as a unified methodology for the creation, operational support, and deactivation of access rights within corporate infrastructure. The study outlines mandatory structural stages and their sequence, investigating the methodology for their implementation while specifying the necessary components and attributes for each stage of the network access lifecycle. The methodological foundation of the proposed approach consists of a combination of firewall and policy guidelines described in NIST SP 800-41 rev. 1, Zero Trust principles outlined in NIST SP 800-207, and original authorial methodologies for organizing the access lifecycle and developing recertification procedures. Managed support for the "birth," life, and termination of access rules in corporate network environments is a distinct process. It allows for the tracking and regulation of open ports in firewalls, ACL application points, security groups, and access rules in cloud network entities to ensure their relevance at any given time, compliance with initial requirements, and adherence to Zero Trust principles. The article proposes a methodology for conducting periodic reviews and recertification of security policies as a fundamental stage of the network access lifecycle. The approach includes an algorithm for determining recertification periods, a structural framework for evaluation criteria and rule validation, and a defined list of potential decisions regarding the objects under review. The importance of automation in managing access rules is described, alongside the specific benefits it provides. 
The implementation of tagging is proposed as an effective mechanism for structuring rules in large-scale environments. Furthermore, the paper emphasizes the necessity of following a naming convention when creating security policies in distributed and hybrid infrastructures.
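The abstract describes three mechanisms together: lifecycle attributes attached to each rule, a tag-driven recertification period, and a naming convention that is checked when a rule is created or reviewed. The following is an added example (not code from the paper or its authors) of how a recertification review over a rule set could be expressed. The attribute set, the tag-to-period mapping, the naming pattern, the decision labels and the sample rules are all this example's own constructed assumptions, not the paper's published algorithm.

```python
"""Constructed example: a recertification review over firewall rules.

All attributes, periods, the naming pattern and the decisions below are
assumptions made for this illustration, not the paper's algorithm.
"""
import re
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Assumed naming convention: ACTION-SRCZONE-DSTZONE-SERVICE-TICKET,
# e.g. ALLOW-dmz-app-https-4711. Rules that break it are flagged, not revoked.
NAME_PATTERN = re.compile(r"^(ALLOW|DENY)-[a-z0-9]+-[a-z0-9]+-[a-z0-9]+-\d+$")

# Assumed recertification periods (days) chosen by environment tag;
# an untagged rule is treated like production, the strictest case.
RECERT_PERIOD_DAYS = {"env:prod": 90, "env:test": 180, "env:dev": 365}
DEFAULT_PERIOD_DAYS = 90


@dataclass
class FirewallRule:
    name: str
    owner: str                          # accountable person or team
    justification: str                  # change ticket / business reason
    created: date
    tags: frozenset
    last_hit: Optional[date] = None     # last time the rule matched traffic
    recertified: Optional[date] = None  # last successful review
    expires: Optional[date] = None      # hard end date for temporary access


def valid_name(rule: FirewallRule) -> bool:
    return NAME_PATTERN.match(rule.name) is not None


def recert_period(rule: FirewallRule) -> timedelta:
    for tag in rule.tags:
        if tag in RECERT_PERIOD_DAYS:
            return timedelta(days=RECERT_PERIOD_DAYS[tag])
    return timedelta(days=DEFAULT_PERIOD_DAYS)


def recert_due(rule: FirewallRule) -> date:
    # The period restarts at the last review, or at creation if never reviewed.
    anchor = rule.recertified or rule.created
    return anchor + recert_period(rule)


def review(rule: FirewallRule, today: date) -> str:
    """Return a decision label for one rule as of `today`."""
    if rule.expires is not None and today > rule.expires:
        return "revoke:expired"
    if not rule.owner or not rule.justification:
        return "revoke:unowned"          # nobody can attest to the access
    if not valid_name(rule):
        return "fix:naming"
    if today < recert_due(rule):
        return "keep:not-due"
    # Due for review: keep only rules with evidence of use within the period.
    if rule.last_hit is None or today - rule.last_hit > recert_period(rule):
        return "revoke:unused"
    return "recertify:in-use"


def review_all(rules, today: date) -> dict:
    return {r.name: review(r, today) for r in rules}


# Constructed sample rule set and review date.
REVIEW_DATE = date(2026, 3, 1)
SAMPLE_RULES = [
    FirewallRule("ALLOW-dmz-app-https-4711", "web-team", "CHG-4711",
                 date(2025, 6, 1), frozenset({"env:prod"}),
                 last_hit=date(2026, 2, 27), recertified=date(2025, 12, 15)),
    FirewallRule("ALLOW-corp-db-tcp1433-3120", "dba", "CHG-3120",
                 date(2025, 1, 10), frozenset({"env:prod"}),
                 last_hit=date(2025, 9, 1)),
    FirewallRule("ALLOW-dev-lab-ssh-2200", "platform", "CHG-2200",
                 date(2025, 2, 1), frozenset({"env:dev"}),
                 last_hit=date(2026, 2, 20)),
    FirewallRule("temp-vendor-access", "", "",
                 date(2024, 11, 1), frozenset(), last_hit=date(2026, 2, 28)),
    FirewallRule("ALLOW-dmz-app-https-9000", "web-team", "CHG-9000",
                 date(2025, 12, 1), frozenset({"env:prod"}),
                 last_hit=date(2026, 2, 28), expires=date(2026, 1, 31)),
    FirewallRule("allow_any_any", "netops", "legacy",
                 date(2023, 1, 1), frozenset({"env:prod"}),
                 last_hit=date(2026, 2, 28)),
]

if __name__ == "__main__":
    for name, decision in review_all(SAMPLE_RULES, REVIEW_DATE).items():
        print(f"{name:32} {decision}")
```

The order of checks matters: expiry and missing ownership are decided before usage evidence, so a rule that is still matching traffic is revoked when its agreed end date has passed or nobody can attest to it, which is the Zero Trust reading of "relevance at any given time". Hit counters alone would keep such a rule alive.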
References
Ejiofor, O., Olusoga, O., & Akinsola, A. (2025). Zero trust architecture: A paradigm shift in network security. Computer Science & IT Research Journal. https://doi.org/10.51594/csitrj.v6i3.1871
Poirrier, A., Cailleux, L., & Clausen, T. (2025). Is trust misplaced? A zero-trust survey. Proceedings of the IEEE, 113, 5–39. https://doi.org/10.1109/JPROC.2025.3555131
Syrotynskyi, R., & Tyshyk, I. (2025). Features of network access management of corporate systems in zero trust architecture. Computer Systems and Networks. https://doi.org/10.23939/csn2025.01.261
Vanickis, R., Jacob, P., Dehghanzadeh, S., & Lee, B. (2018). Access control policy enforcement for zero-trust networking. In 2018 29th Irish Signals and Systems Conference (ISSC) (pp. 1–6). IEEE. https://doi.org/10.1109/ISSC.2018.8585365
Katsis, C., & Bertino, E. (2024). ZT-SDN: An ML-powered zero-trust architecture for software-defined networks. ACM Transactions on Privacy and Security, 28, 1–35. https://doi.org/10.1145/3712262
Bradatsch, L., Miroshkin, O., & Kargl, F. (2023). ZTSFC: A service function chaining-enabled zero trust architecture. IEEE Access, 11, 125307–125327. https://doi.org/10.1109/ACCESS.2023.3330706
Keeriyattil, S. (2019). Microsegmentation and zero trust: Introduction. In Zero trust networks with VMware NSX (pp. xx–xx). Springer. https://doi.org/10.1007/978-1-4842-5431-8_2
National Institute of Standards and Technology. (2009). Guidelines on firewalls and firewall policy (NIST Special Publication 800-41 Rev. 1). https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-41r1.pdf
Palo Alto Networks. (2024). Firewall best practices: Managing security policies effectively. https://www.paloaltonetworks.com/cyberpedia/firewall-best-practices
Ruleblade. (2024). Firewall risk and compliance automation. https://ruleblade.io/en/firewall-risk
Voronkov, A., Martucci, L., & Lindskog, S. (2020). Measuring the usability of firewall rule sets. IEEE Access, 8, 27106–27121. https://doi.org/10.1109/ACCESS.2020.2971093
License
Copyright (c) 2026 Роман Сиротинський, Іван Тишик

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.