We have identified five problems that inhibit effective enterprise security management: policy divide, lack of reproducibility, lack of consistency, lack of coverage and lack of flexibility in current management systems. We discuss these problems and suggest features an enterprise security management framework should have to address them. Mesmerize is an enterprise security management framework that allows holistic enterprise security policy to be interpreted into technology-specific directives and then translated into device-specific configuration. The Mesmerize framework incorporates an information repository, which is accessed and interpreted by manager programs that, in turn, communicate with configuration agents that configure specific devices. The information repository stores network element information as well as the security policies associated with those network elements. Manager programs use the information repository to generate technology-specific directives that are sent to configuration agents during policy enforcement. A configuration agent is responsible for translating a technology-specific directive into the configuration language of a device or service implementation. Currently we have proof-of-concept management subsystems for IPChains firewalls (IPChains), BIND domain name servers (BIND), and FreeSWAN virtual private network end-points (FreeSWAN).
Cite as: Bradley, D. and Josang, A. (2004). Mesmerize - an Open Framework for Enterprise Security Management. In Proc. Second Australasian Information Security Workshop (AISW2004), Dunedin, New Zealand. CRPIT, 32. Montague, P. and Steketee, C., Eds. ACS. 37-42.