10/27
http://iscs.sourceforge.net/ ISCS administrators do not configure the security subsystems separately. They never write a single order dependent rule or complex security association. They describe the security environment in functional, practical, process oriented terms such as, “Sales needs access to Sales Data”, “Marketing, Financial, Engineering and the outside Advertising Agency need access to the New Product Line data”, “the 192.168.1.0/24 network should participate in the VPN”, “the new acquisition’s 10.1.1.0/24 network needs to NAT globally to 172.16.8.0/24 to avoid conflict with the existing 10.1.1.0/24 network” or “the credit card database servers should not be allowed to send packets any further than the e-commerce web server in the DMZ to prevent data theft over the Internet.”
Leave a Reply