During the deployment of computer network devices (switches, routers), numerous configuration choices have to be made. In order to maintain the security of the network, regular configuration reviews are necessary. This task is usually performed by independent auditors, but that doesn’t mean that we can’t perform this kind of review ourselves.
During the development of my master's thesis I aimed to create a service that can automatically perform and support audit operations. I tried to develop a universal solution that enables targeted review of large numbers of network devices along with detailed report generation, and that does not need any networking intervention, so it doesn’t need any downtime while the networking experts would be servicing the system. It is definitely made for auditors and network security experts. It could be an expedient, easily usable, customer-oriented tool because of its repeatability, while it always sets the system’s state to the customer’s security requirements.
In my thesis, I would like to present the main stages of the development of Audit as a Service, based on proven methodologies used in software technology. First, in the design phase, starting from the abstract job description and use cases, I created a complete system design, which served as a guideline for the development. At the same time, I defined the technologies used to develop the expected functionality of the service. In the implementation phase, I described the main components of the software, based on Java, and the links between them. Finally, in the verification step, through concrete examples, I present the capabilities of the completed application, which make it easier to perform a complete audit.