[Agenda] [Examples] [Network Partitioning] [Concepts] [Policy] [Process] [Organization] [HW-SW] [Cases studies] [Conclusion] [Resources]
[first slide] (5) Audit & validate the filtering devices policies [previous slide] [next slide]

* Security enforced in network devices need control mecanisms from the Security Office
o Security Office must have read access to SPEPs
o Logging from the SPEPs may be sent back or copied to the Security Office

* Security Office
o Is responsible for logging analysis & intrusion detection
o May archive each security policy and SPEPs filtering configuration
o Should conduct audits by a third-party
o Will be in charge of inquiries in case of incident
o Will drive the move to PKI and user-based security

HSC ® © Hervé Schauer Consultants December 1999 - 142, rue de Rivoli - F-75001 Paris - France
Phone: +33 141 409 700 - Fax: +33 141 409 709 - Email: <secretariat@hsc.fr>
- Page 70 -