[Agenda] [Examples] [Network Partitioning] [Concepts] [Policy] [Process] [Organization] [HW-SW] [Cases studies] [Conclusion] [Resources]
[first slide] (4) Apply the service flows on filtering devices [previous slide] [next slide]
* The NOC (Network Operation Center) distributes the filtering configuration
o SPEPs have operational purpose first
o SPEPs are network devices, not security devices
o NOC may be a local NOC, where the Security Office is still centralized
o Good cooperation is mandatory

* NOC should primarly use existing and usual tools
o HP-OV, CW2K, Spectrum, Tivoli, ...
o Distribution, version-control, logging, archiving, etc
o Current distributing mechanisms available in existing products are usually useful for small networks, useless for large networks

* NOC is responsible for coherence
o Security policy with routing
o Scheduling of filtering configuration upload
o Access to the SPEPs themselves

HSC ® © Hervé Schauer Consultants December 1999 - 142, rue de Rivoli - F-75001 Paris - France
Phone: +33 141 409 700 - Fax: +33 141 409 709 - Email: <secretariat@hsc.fr>
- Page 69 -