A policy-based approach to firewall management

Authors

Abstract

This paper describes a policy-based approach to firewall management. The Policy-Based Networking (PBN) architecture proposed by the Policy Framework Group of IETF is analysed, together with the communication protocols, policy specification languages, and the necessary information models. The paper continues with a description of an application of the PBN architecture to firewall management. The proposed architecture is presented and its implementation issues are analysed with some usage examples. The paper concludes with the evaluation of the policy-based approach to firewall management.

Keywords

Network security, Policy-Based Networking, COPS, COPS-PR, SPSL

Subject

Network Management and Security

Conference

NetCon'2002, October 2002