InfoSecter Querent
In order to process constraints against a firewall configuration, the Analyzer needs a query document which specifies the constraints. This is an XML file which can be edited in any text editor. Querent is an application that creates and edits query documents to make using constraints easier and more reliable.
Each query document has a set of policy expressions. A policy expression is a set of properties for a network packet. Such expressions can be used to perform Policy Validation by verifying that packets with those properties are (or are not) in the behavior of a firewall configuration. The packet properties in an expression can be addresses, services, and actions. For instance, an expression can describe packets that come from a specific network to another network using the HTTP protocol and that are permitted.
The packet properties in an expression can be specified directly, or via macros. A macro is a name with an associated value that can be used in place of that value. This is useful to make sure that all uses of a particular value are identical, to make the expression more comprehensible (e.g., "Engineering Networks" instead of "10.34.68.0/25"), or to make it easy to change a value in multiple expressions. The association of values with macros is stored in a dictionary. Each query document has a single set of macros but an arbitrary number of dictionaries. The dictionary used during analysis is specified as a command line argument to Analyzer.
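The macro and dictionary relationship described above, as an added example (not InfoSecter code, and not the query document's XML format, which this page does not show). It models one macro set with two dictionaries and checks, before analysis, that the chosen dictionary defines every macro an expression uses; all names and addresses other than "Engineering Networks" and 10.34.68.0/25 are constructed.

```python
import ipaddress

# One set of macro names per query document (assumed model; "Web Servers" is constructed).
MACROS = {"Engineering Networks", "Web Servers"}

# Any number of dictionaries, each mapping macro names to values (constructed).
DICTIONARIES = {
    "production": {
        "Engineering Networks": "10.34.68.0/25",
        "Web Servers": "192.0.2.0/28",
    },
    "lab": {
        "Engineering Networks": "198.51.100.0/24",
        # "Web Servers" is deliberately left undefined in this dictionary.
    },
}

# A policy expression: packet properties given as macros or direct values.
EXPRESSION = {
    "source": "Engineering Networks",
    "destination": "Web Servers",
    "service": "http",
    "action": "permit",
}

ADDRESS_FIELDS = ("source", "destination")


def resolve(expression, dictionary_name):
    """Expand macros using one dictionary; return (resolved, problems)."""
    values = DICTIONARIES[dictionary_name]
    resolved, problems = dict(expression), []
    for field in ADDRESS_FIELDS:
        raw = expression[field]
        if raw in MACROS:
            if raw not in values:
                problems.append(f"{field}: macro {raw!r} has no value in {dictionary_name!r}")
                continue
            raw = values[raw]
        try:
            # strict=True rejects values with host bits set, e.g. 10.34.68.1/25
            resolved[field] = str(ipaddress.ip_network(raw, strict=True))
        except ValueError as exc:
            problems.append(f"{field}: {raw!r} is not a valid network ({exc})")
    return resolved, problems
```

The same expression resolves to different networks depending on the dictionary, and an empty problem list is the condition to check before handing that dictionary name to the analysis step.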
There are three tabs in the Querent window.
- Expressions - Create, edit, and delete policy expressions. Analyzer can be invoked from this tab by selecting a set of expressions and then clicking the Analyze button. Only the selected expressions are used in the analysis.
- Macros - Create, edit, and delete macros for use in expressions.
- Dictionaries - Create, edit, and delete dictionaries of macro values.
To start, you will need to create or open a query file. Go to the File menu and select "New" or "Open". From the File menu you can also save the results of your query editing.