Information Technology Reference
In-Depth Information
Chapter 15
Sharp Tools
\Hello," said Claire, \what are you doing? It looks grim." Nigel was sit-
ting at a long table with two monitors and a laptop, surrounded by printed
lists and diagrams. \I'm rebuilding the rewall rules for the federation links
with Factotum. It all works OK on the test systems, but when we move to
production it is going to need a whole new set of permissions, and I'm going
to have to prove to internal audit that there are no loopholes." \That doesn't
sound too bad; why is there so much paper involved?"
\Because the conguration data comes from the network management sys-
tem, but the actual communication patterns are application sequence dia-
grams, and they are scattered about the different functional designs. To make
things worse, the actual data flows are not exactly as the designs say because
there are transparent caches in front of the interceptors, so the network flows
are broken up by that. The control rules are all in different formats and come
from dierent systems, too."
Claire was getting interested. They worked through the different data
sources, and before lunch they had identified five different report types that
together held all the key information. After that, some simple shell scripts
had extracted a series of relationships and massaged the names into a more
manageable form. Claire had got Ira involved because she remembered an
open source ontology visualization tool he had been so pleased with earlier in
the week. It was now mid-afternoon, and they were gathered round a laptop
looking at a display dense with coloured lines.
\What a mess," Nigel said. \It's worse than all the paper." \Yes, but
wait," said Ira, pulling down a menu, \here's the really clever bit. The tool
does cluster analysis and looks for relational closures that fit with the resulting
structure." He clicked a couple of items and the picture writhed and settled
down to show a coarse mesh with a small number of lines cutting across the
main bundles. \Now then, we want to know about the authorized paths that
cross organizational boundaries."
After some more option selection, a few
bundles were highlighted in red.
Nigel took over and hovered the mouse over these groups, noting the net-
work routes involved. \Yes, that's the structure I was working on, but what
about that group of flows up there? Oh, they all go through a thing called the
echo responder; what does that do?" Claire thought for a moment. \That's
195
