The Access Policy Tool (APT) verifies access policy implementation against specification of global policy that encodes best practice recommendations. The APT specifies a network's global access policy and verifies that an implementation adheres to the global access policy exactly. The APT can analyze networks with heterogeneous mixtures of firewall brands and models and deals with sophisticated firewall features such as authentication. Users can browse the firewall rules, run the verifier, and display the results using the APT's graphical interface. They can use this to describe a network, import the network using an XML schema or run a program that infers the network topology from the firewall rule sets. The APT automatically highlights the devices involved in the rules in the graphical display. The APT can perform an exhaustive analysis that identifies every possible flow that violates global policy in some way or the other.
|Original language||English (US)|
|Number of pages||7|
|Journal||IEEE Security and Privacy|
|State||Published - Nov 2008|
ASJC Scopus subject areas
- Computer Networks and Communications
- Electrical and Electronic Engineering