A Network Security Policy Compiler
About
Netspoc is free software to manage all the packet filter devices inside your network topology. Filter rules for each device are generated from one central ruleset, using a description of your network topology.
How it works
Rules
You define rules which describe the traffic allowed to flow between different networks.
Topology
You define the networks in more detail with attributes like IP address
and hosts and arrange them into a topology.
The topology is a graph of networks connected by packet filters and routers.
Find paths
Netspoc processes each rule and finds the path from source to destination.
Collect rules and generate code
Netspoc automatically collects the rules for each packet filter and generates device specific filter rules for each packet filter inside the topology.
Transfer generated code to device
Use Netspoc-Approve to automatically transfer generated code to the corresponding device. Only changed parts of the configuration are transferred. In compare mode, a diff file is created. It contains the commands needed to change the configuration of the device.