[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ISSForum] RSNS and Proventia Inline Appliance Policy to HTML



Hi all,

I appreciate all the positive feedback I have gotten from many of you
about this utility. I'm glad to know that it is as useful to all of
you as it has been to me.

As for the issue brought up by Sergey, regarding the IP Filters and
Event Filters Description field listing a blank table cell if no
description is given in the policy, I will make sure this is fixed in
the upcoming release. Thanks for the heads up Sergey!

Also, if you have any comments, questions, ideas for new features, and
potential bugs/mistakes to report, please feel free to contact me,
that way I can update the issPolicy utility. If any of you have tested
this utility against policies not listed as "tested" on the issPolicy
site (i.e. "Proventia A Series") and have successfully ran this
utility on Operating Systems not listed as tested on the issPolicy
site, please contact me so I can update the site accordingly.

Thanks to all of you for testing and helping improve this utility,

Kris.

On Thu, 11 Nov 2004 11:57:42 +0300, Sergey V Soldatov <svsoldatov@xxxxxx> wrote:
> 
> Hi, all.
> Yes, this tool is very nice.
> I've found a small mistake: if the IP Filter Description in policy file is
> empty (it's normal situation for my policy files ), in html variant you'll
> see a "hole" insted of table cell.
> 
> This can be fixed by changing the row no. 766
> from:
> 
> print HTMLPOLICY "<td>$ip_filters{$filtername}->[1]</td>";
> 
> to, for example:
> 
> print HTMLPOLICY
> "<td>".($ip_filters{$filtername}->[1]?$ip_filters{$filtername}->[1]:"n/a")."</td>";
> 
> and you will see "n/a" if IP Filter Description is empty as it is in Event
> Filter Description.
> 
> I also thought about such a tool, but then I found that the time spent for
> developing of this program for me is more dear, than benefit from it. But
> now, Kristof has done this program for us and I have no need to develop it
> by myself! Thank you very much, Kristof!
> 
> Good luck!
> ---
> Best regards, Sergey V. Soldatov.
> Information security department.
> 
>               Kristof Philipsen
>               <kphilipsen@xxxxxxxxx>           To:       issforum@xxxxxxx
>               Sent by:                         cc:
>               issforum-bounces@xxxxxxx         Subject:  [ISSForum] RSNS and Proventia Inline Appliance Policy to
>                                                 HTML
> 
>               09.11.2004 04:35
>               Please respond to Kristof
>               Philipsen
> 
> 
> 
> 
> Hi,
> 
> I have been working with Proventia G-Series Inline Appliances for a
> while now and have always been trying to find a way/tool to improve
> the visibility that a policy administrator has on the Proventia
> G-Series Inline Appliance policy. At present, I haven't found
> SiteProtector to have a feature to export Proventia Inline Appliance
> and RealSecure Network Sensor Policies to a single file, in which the
> policy is displayed in a user-friendly way. Such a feature is quite
> important to me as many companies are regulated to document their
> network security policies and also provides an easy way to analyze the
> RSNS or Proventia Inline Appliance policies. Unfortunately, I wasn't
> able to find a utility that allowed me to accomplish this task.
> 
> Therefore, I have created a utility called "issPolicy", which allows
> exported RSNS and Proventia Inline Appliance policies (" .policy "
> files) to be converted to a single HTML file, containing the
> Signatures policy, the IP Filters policy, and the Event filters
> policy. I've also created some extra options allowing for granular
> HTML Policy files to be created based on several specific criteria
> (i.e. whether signatures are enabled or disabled, the signature
> priority level, whether drop is enabled, depending on the drop option,
> etc...).
> 
> I have made this utility freely available in open-source format. The
> utility is written in Perl and has been successfully tested on both
> Linux (with Perl 5.8) and Win32 (with ActivePerl 5.8) systems.  I've
> so-far tested the utility on RSNS 7.0 and Proventia G-Series 8.0
> Policies, but it should also work with Proventia A-Series policies
> (since those appliances are RSNS-based).
> 
> Just thought I would share this utility with the forum as some of you
> might have encountered the same policy visibility/user-friendly policy
> export limitations of SiteProtector and may have the need for such a
> utility.
> 
> The issPolicy v1.01 utility and examples of RSNS and Proventia
> G-Series HTML generated policies are available at the following URL:
> http://packet.sequenced.org/projects/isspolicy/
> 
> Cheers,
> 
> Kris.
> _______________________________________________
> ISSForum mailing list
> ISSForum@xxxxxxx
> 
> TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
> https://atla-mm1.iss.net/mailman/listinfo/issforum
> 
> To contact the ISSForum Moderator, send email to mod-issforum@xxxxxxx
> 
> The ISSForum mailing list is hosted and managed by Internet Security
> Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
> 
>
_______________________________________________
ISSForum mailing list
ISSForum@xxxxxxx

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum

To contact the ISSForum Moderator, send email to mod-issforum@xxxxxxx

The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.