—The Access Policy Tool (APT) analyzes the firewall configuration in an enterprise network for compliance with global access policy, e.g., such as describes the industry’s best practices. APT is the culmination of several years of academic research and development; in this last year we have ben working with industrial partners in the energy sector to validate the results of the tool. More importantly, through this interaction we’ve learned of significant requirements on a tool like APT that must be met for real industrial use, and have incorporated the changes needed in APT to meet those requirements. This paper describes our experience with validating APT, and documents its performance on systems of the scale of our industrial partners. Keywords-access control; firewalls; security policy
David M. Nicol, William H. Sanders, Mouna Seri, Sa