I'm collecting basic requirements for FW-farm management
applications for an internal instructional document.
What I've thought of so far is the following:
1. An initial GUI which allows an administrator to view
multiple gateways, ports, alert status, and proxy states.
2. The ability to select a proxy and view configuration
information on that proxy on a specific gateway.
3. The ability to delegate departmental security.
4. The ability to manage individual user authentication
per proxy.
5. The ability to centrally view logs.
6. The ability to send pages on specific events.
7. If located on the same DMZ subnet as the gateways,
the ability to sniff packets and graphically organize
them, and other basic network management monitoring.
8. A sanity-check utility which looks for obvious proxy
filter configuration errors.
9. A tripwire utility to display alerts on file and process
state changes.
10. 'Courtney' for farms?
11. Instant traceback utility to collect suspicious host
information (DNS data, traceroute, whois, traffic type,
etc.).
12. Time synchronization verification for accurate log
comparisons.
13. Strongly encrypted and authenticated administrative channels.
14. Load balancing?
Comments? Which are overkill and which should I add?

Bill Stout