Preface Firewalls are the most critical and widely deployed intrusion prevention systems. A firewall is a security guard placed at the point of entry between a private network and the outside Internet such that all incoming and outgoing packets have to pass through it. The function of a firewall is to examine every incoming or outgoing packet and decide whether to accept or discard it. This function is conventionally specified by a sequence of rules, where rules often conflict. To resolve conflicts, the decision for each packet is the decision of the first rule that the packet matches. Consequently, the rules in a firewall are order sensitive. Because of the conflicts and order sensitivity of firewall rules, firewalls are difficult to design and analyze correctly. It has been observed that most firewalls on the Internet are poorly designed and have many errors in their rules.