May 26, 2018
Network Security Policy Compiler
NetSPoC is a tool for security managment of large computer networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains.
NetSPoC provides its own language for describing security policy and topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which not. NetSPoC is topology aware a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
Currently NetSPoC generates ACLs and static routing entries for Cisco routers and PIX firewalls. Support for network address translation and IPSec has not been implemented yet.