An Efficient, Simple and Scalable Automatic Generation of VPN Security Policies
IPSec (Suite of protocols for IP layer Security) policies are widely deployed in firewalls or security gateways to restrict access or protect information, which is one of major mechanisms for Virtual Private Network (VPN). It is critical for policies to be specified and configured correctly because the security treatment (e.g. denies, allow or encrypt etc.) of all inbound or outbound traffic will be determined by the security policies. IPSec policies are generally manually configured to individual security gateway, which could be very inefficient and error-prone. An erroneous policy could lead to communication blockade or serious security breach.