Xacta Introduces New Tool to Manage Router Access Control

Xacta ACL Manager helps root out suspicious IPs, designed to meet compliance for government organizations


ASHBURN, Va. -- In response to National Institute of Standards and Technologies (NIST) best practices and commonly-held network filtering policies, many organizations are tasked with providing tight controls and management over router access control lists (ACLs). ACLs determine which IP addresses have access to the organization’s network. Without the right tools, managing access lists can be a cumbersome burden for organizations.

While the need for such controls is clear, reaching the objective can be a time-consuming ordeal. With the introduction of Xacta ACL Managerâ„¢, organizations now have access to a cost-effective, easy-to-use and secure solution for their ACL-related needs.

Historically, controlling ACLs was tedious and time intensive. Because the ACL is often built directly into routers, any changes to it involved significant coding to each individual router. To complicate things further, because the ACL is built directly into the router’s code, if the operator implementing changes to the ACL makes a mistake in the programming, it could shut down the router or slow it dramatically.

For organizations such as the Department of Defense with thousands of routers, the old approach was too difficult to be effective. They could not make quick changes to router access lists to counter attacks at the perimeter of their network from suspicious Internet protocol (IP) addresses.

Xacta ACL Manager is fundamentally changing the process. Any organization with sensitive information stored in their network can benefit from improved access control procedures. The new product is a simple, Windows-based graphical user interface (GUI) that enables a central administrator to make changes to large numbers of routers concurrently at multiple locations throughout the world. They can type a change into Xacta ACL Manager, and with a mouse click, determine which routers will be affected. Then the product begins its work. Xacta ACL Manager generates the back-end code to begin the process for all the routers, tests the new rules to ensure they will work for the affected routers, and then automatically applies the code to the specified routers.

“Information is the number one asset for most organizations, and access control lists, if monitored and managed properly, can be a significant boost for an organization’s information security,” said Richard P. Tracy, Telos’ chief security officer. “The problem was that in the past, it was a very technical and time-intensive process. We created Xacta ACL Manager to simplify the process of managing these lists. The product reduces a highly-technical activity into one that’s as simple as point-and-click. Now when network security logs reveal suspicious activity, action can be immediate, widespread and effective.”

As a cross-platform solution, Xacta ACL Manager can be hosted on any Windows-compatible computer and can simultaneously deploy the same access list to multiple proprietary routers. Xacta ACL Manager uses algorithms to manage over 100,000 access list entries in a single access list. This cross-platform structure reduces training time for operators, who no longer need to learn intricate and widely-varying device architectures for every make of router used in their network.

In addition to increasing network security and saving time in deployment, Xacta ACL Manager is cost efficient. Its precise access to list management means that network attacks are less likely and collateral damages from attacks are reduced, resulting in a decrease in forensic analyses and recovery costs.

This content continues onto the next page...