The team at Network Geographics is creating tools to simplify and automate the analysis of changes to an enterprises security stance. We envision that such tools will be useful as part of the standard operating procedure for enterprise IT members. We also anticipate such tools will be useful to people auditing the security stance of a customer's installation.
InfoSecter, the Information Security Dissector, takes firewall configurations apart in to their functional elements, making it easy to find what a firewall is doing, and why. InfoSecter can also compare configurations to find functional differences, between different versions or even different vendors.
Look at the following white papers for more information
- Assuring Network Security - An overview of the features provided by InfoSecter.
- Consistent Security Policy in a Changing World - How standing policy constraints can be used to ensure that policy implementation stays consistent with an organization's security policy.