Changes

Jump to: navigation, search

Security/Automation/WinterOfSecurity2014

961 bytes removed, 11:23, 22 April 2014
Active measurement of firewalls configuration compliance
=== Network Security ===
==== Active measurement of firewalls configuration compliance ====
* Mozilla Advisor: TBD
* difficulty: medium
* language: english
Building firewall rules is a difficulty exercise, but keeping these rules strict over several years is an even harder challenge. Products exist, such as Tufin, to facilitate the operations of firewalls at scale. In this project, we are looking for a way to actively measure compliance, by injecting traffic inside the network and parsing the results. Unlike classic port scanning, such as NMAP, which typically consist of scanning from outside-in, the idea here would be to scan from multiple network locations in parallel, and aggregate the results. One VLAN could be scanning another, without crossing datacenter boundaries. The goal is to build the scanning logic, but also the compliance validation aspect, which consist of defining in technical terms what compliance means, and checking for compliance against scan results.
 
==== Cross-platform firewall driver in Go ====
* Mozilla Advisor: Julien Vehent
Confirm
529
edits

Navigation menu