NetSPoC is a tool for security managment of large computer networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains.
NetSPoC provides its own language for describing security policy and topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which not. NetSPoC is topology aware: a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
This software was developed as a replacement for Cisco's CSPM (Cisco Secure Policy Manager). See file CSPM.html for a comparison. For CSPM users we have developed an export utility which converts most of the data of a cpm file into NetSPoC's own language.
