[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SPD policy document/article
>>>>> On Thu, 21 Nov 2002 19:13:59 +0530, Lokesh <lokeshnb@intotoinc.com> said:
lokeshnb> I'm looking for a document or article where a SPD policy's
lokeshnb> all complexities and intricacies are explained better in
lokeshnb> detail. If there is one please let me know the link.
lokeshnb> Basically, I'm looking for configuration and behavior of SPD
lokeshnb> and IPSec that generate
Lokesh,
The IPSP working group has done a lot of work in this area to define
what a security policy database should contain. Specifically, they've
produced a conceptual data model and a SNMP MIB and a COPS PIB for
actually manipulating that data model on the network. A publicly
available reference release of the MIB for linux (and a policy
management server which should work on any server) have been written
and is available from net-policy.sourceforge.net (though at this
moment, some of the sourceforge servers are apparently down).
I strongly recommend you look at the documents that the IPSP group
have written (and the DMTF's UML diagrams of the same model).
--
Wes Hardaker
Network Associates Laboratories