The Net-Policy project allows system administrators to configure and manage their entire network at once. It is initially designed to configure firewall and IPsec connections across an entire network.
Net-policy contains the following components:
This is the core network manager. It is a generic SNMP-based manager and is capable of managing any information configurable via SNMP. It is currently web based with a few more interfaces (Tk, CLI, ...) planned or partially implemented. It's SNMP engine is based on the OpenSNMP and Net-SNMP toolkits. It runs on top of a PostgreSQL database.
After checking out the SVN source code or downloading the tar ball for the net-policy project, run ./np-install as root to help guide you through a complete installation using our graphical installer.
Configurable optional pieces
The net-policy manager is capable of managing the following modules. The management system above is already capable of managing
np-cerberus: A IPsec implementation for linux based on the 2.4 kernel. This code is derived from NIST's IPsec reference project. We ported the code to the 2.4 kernel and added some IPtables specific pieces and re-released it here (with their permission).
np-plutoplus: A IKE implementation which runs on top of np-cerberus. This is code is derived from NIST's IKE reference project. It has been instrumented with SNMP support using the Net-SNMP toolkit.