Detection of Network Security Component Misconfiguration by Rewriting and Correlation - HAL open archive
Conference paper, Year: 2006

Abstract

The use of firewalls is the dominant method to guarantee network access control, leading to distributed access control scenarios where the access control role is assigned to more than one component. Firewalls are network security components which provide means to filter traffic within corporate networks, as well as to police incoming and outgoing interaction with the Internet. For this purpose, it is necessary to configure firewalls with a set of filtering rules. Nevertheless, the existence of anomalies between rules, particularly in distributed access control scenarios, is very likely to degrade the network security policy. The discovery and removal of these anomalies is a serious and complex problem to solve. In this paper, we present a set of algorithms for such management. Our approach is based on the analysis of relationships between filtering rules, in order to detect anomalies, as well as to propose policy changes within both single- and multi-firewall scenarios.
Main file
sar06.pdf (348.65 KB)
Origin: Files produced by the author(s)

Dates and versions

hal-03628721 , version 1 (02-04-2022)

Identifiers

  • HAL Id : hal-03628721 , version 1

Cite

Frederic Cuppens, Nora Boulahia Cuppens, Joaquin Garcia‐alfaro. Detection of Network Security Component Misconfiguration by Rewriting and Correlation. 5th Conference on Security and Network Architectures (SAR-SSI2006), Jun 2006, Seignose, France. ⟨hal-03628721⟩
28 Views
25 Downloads