SSPE: Managing security policies for multiple firewalls



The Simple Security Policy Editor (SSPE) helps you organize your network and keep track of security policies across multiple firewalls. You can reference a central policy to generate rulesets for packet filters and VPN gateways.

Many networks require multiple firewalls. Firewalls guard the Internet gateway, separate the departments within an enterprise, and help to connect remote sites through VPN technology. In this scenario, it helps to have a central tool for managing firewall security policies. The pioneer in this field was the Checkpoint Firewall-1 GUI [3]. But this commercial package tends to be overcomplicated, with an overabundance of features – not all of them useful – adding to the tool’s complexity. The free Simple Security Policy Editor (SSPE) [1] is far leaner. SSPE is basically a collection of shell and Perl scripts that help admins manage a distributed firewall environment.