Policy-Based Management: Bridging the Gap

Susan Hinrichs

doi:10.1109/CSAC.1999.816030

A
ACSAC
1999
15th Annual Computer Security Applications Conference (ACSAC '99)
Abstract - Policy-Based Management: Bridging the Gap

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Susan Hinrichs

15th Annual Computer Security Applications Conference (ACSAC '99)

Policy-Based Management: Bridging the Gap

Phoenix, Arizona

December 06-December 10

ISBN: 0-7695-0346-2

	ASCII Text	x
	Susan Hinrichs, "Policy-Based Management: Bridging the Gap," Computer Security Applications Conference, Annual, pp. 209, 15th Annual Computer Security Applications Conference (ACSAC '99), 1999.

	BibTex	x
	@article{ 10.1109/CSAC.1999.816030, author = {Susan Hinrichs}, title = {Policy-Based Management: Bridging the Gap}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {1999}, issn = {1063-9527}, pages = {209}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.1999.816030}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Policy-Based Management: Bridging the Gap SN - 1063-9527 SP EP A1 - Susan Hinrichs, PY - 1999 VL - 0 JA - Computer Security Applications Conference, Annual ER -

Susan Hinrichs, Cisco Systems

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSAC.1999.816030

In a policy-based system, policy goals are described with respect to network entities (e.g., networks and users) instead of enforcement points (e.g., firewalls and routers). This global view has several advantages: usability, global rules are closer to the goals of the human administrator; scalability, the policy system ensures that the enforcement points are configured appropriately, whether there are 1 or 100 enforcement points; and security, the policy system ensures that the policy is enforced consistently. This paper describes techniques for accurately translating from global policy rules to actual per-device configurations, and it describes how these techniques were used in the implementation of Cisco Secure Policy Manager.

Citation:

Susan Hinrichs, "Policy-Based Management: Bridging the Gap," acsac, pp.209, 15th Annual Computer Security Applications Conference (ACSAC '99), 1999

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.