- Until recently the reasons for reduced efficiency and limited implementation of new security systems has been the insufficient performance of hardware that executes access control and the difficult analysis and configuration to conform with corporate security policy requirements. Without the use of specialized solutions that allow effective functioning of information security systems and their integration with other network applications, a well protected corporate network infrastructure is impossible. In this paper this thesis is considered from three perspectives: the choice of the distributed hardware platform to improve firewall performance; the description of security policy by means of an Organization Based Access Control mode, and automating the process of firewall rules formation based on high-level description of access policy requirements.
Vladimir S. Zaborovsky, Anton Titov