We present the core functionality of MIRAGE, a management tool for the analysis and deployment of configuration policies over network security components, such as firewalls, intrusion detection systems, and VPN routers. We review the two main functionalities embedded in our current prototype: (1) a bottom-up analysis of already deployed network security configurations and (2) a top-down refinement of global policies into network security component configurations. In both cases, MIRAGE provides intra-component analysis to detect inconsistencies in single component deployments; and inter-component analysis, to detect multi-component deployments which are not consistent. MIRAGE also manages the description of the security architecture topology, to guarantee the proper execution of all the processes. © 2011 Springer-Verlag.
CITATION STYLE
Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., & Preda, S. (2011). MIRAGE: A management tool for the analysis and deployment of network security policies. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6514 LNCS, pp. 203–215). Springer Verlag. https://doi.org/10.1007/978-3-642-19348-4_15
Mendeley helps you to discover research relevant for your work.