2 resultados para Policy reference framework
em Repository Napier
Resumo:
Security policies are increasingly being implemented by organisations. Policies are mapped to device configurations to enforce the policies. This is typically performed manually by network administrators. The development and management of these enforcement policies is a difficult and error prone task. This thesis describes the development and evaluation of an off-line firewall policy parser and validation tool. This provides the system administrator with a textual interface and the vendor specific low level languages they trust and are familiar with, but the support of an off-line compiler tool. The tool was created using the Microsoft C#.NET language, and the Microsoft Visual Studio Integrated Development Environment (IDE). This provided an object environment to create a flexible and extensible system, as well as simple Web and Windows prototyping facilities to create GUI front-end applications for testing and evaluation. A CLI was provided with the tool, for more experienced users, but it was also designed to be easily integrated into GUI based applications for non-expert users. The evaluation of the system was performed from a custom built GUI application, which can create test firewall rule sets containing synthetic rules, to supply a variety of experimental conditions, as well as record various performance metrics. The validation tool was created, based around a pragmatic outlook, with regard to the needs of the network administrator. The modularity of the design was important, due to the fast changing nature of the network device languages being processed. An object oriented approach was taken, for maximum changeability and extensibility, and a flexible tool was developed, due to the possible needs of different types users. System administrators desire, low level, CLI-based tools that they can trust, and use easily from scripting languages. Inexperienced users may prefer a more abstract, high level, GUI or Wizard that has an easier to learn process. Built around these ideas, the tool was implemented, and proved to be a usable, and complimentary addition to the many network policy-based systems currently available. The tool has a flexible design and contains comprehensive functionality. As opposed to some of the other tools which perform across multiple vendor languages, but do not implement a deep range of options for any of the languages. It compliments existing systems, such as policy compliance tools, and abstract policy analysis systems. Its validation algorithms were evaluated for both completeness, and performance. The tool was found to correctly process large firewall policies in just a few seconds. A framework for a policy-based management system, with which the tool would integrate, is also proposed. This is based around a vendor independent XML-based repository of device configurations, which could be used to bring together existing policy management and analysis systems.
Resumo:
Purpose –The research examines the sales process practised by SMEs, and barriers and enablers that hinder and support effective selling practices from the selling organisation’s perspective in Scottish-based Food and Drink firms. Design/methodology approach - – The paper adopts an interpretivist perspective with qualitative data gathered through face-to-face semi-structured interviews. 20 people involved in selling activities were interviewed from 15 SMEs across Scotland. Thematic analysis established key findings regarding the sales process practice. Findings – Five themes emerged that affect the operationalisation of the selling process: the owner manager has considerable involvement in the sales process, SMEs with some degree of sales knowledge take a more systematic approach, SMEs lack awareness of how CRM technology can assist them, power is tipped in favour of the buyer and, the geographic location of the SME places constraints on how SMEs conduct business Research limitation/implication – Thematic analysis was chosen over other more traditional methods due to the lack of relevant quantitative data. The phenomenon of the research and research methodology means that it will not be possible to repeat this study and replicate its findings. However, the process that has been adopted does provide a basis for future research. Originality/value - The paper identifies areas where future research is required in the field alongside suggestions where policy makers and government business agencies might focus intervention to assist SMEs improve delivery of the sales process and selling effectiveness