Dynamic regulating method and system for security policy

A technology for security policy and dynamic adjustment, applied in the field of network security, can solve the problems of inability to adjust security policy in real time, and inability to take into account network security and network processing efficiency, and achieve the effect of dynamic balance of processing efficiency and dynamic balance of security protection.

Inactive Publication Date: 2009-08-12
CHINA UNITED NETWORK COMM GRP CO LTD +1
View PDF0 Cites 27 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Since the security policy of the intrusion prevention system in the prior art is fixedly configured, the security policy cannot be adjusted in real time according to the network status and business information, and the security of the network and the processing efficiency of the network cannot be considered

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamic regulating method and system for security policy
  • Dynamic regulating method and system for security policy
  • Dynamic regulating method and system for security policy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0015] The technical solutions of the present invention will be described in further detail below with reference to the accompanying drawings and embodiments.

[0016] As a security protection system that effectively prevents network attacks, the intrusion prevention system detects and intercepts viruses, attacks, spam and other intrusions through technologies such as traffic characteristic analysis and deep data packet inspection, and implements a security strategy of deep defense. The intrusion prevention system receives network data from an external system through one network port of the device, detects the data, and confirms that it does not contain abnormal activities or suspicious content, and then transmits the data to the internal system through another network port. The attack behavior is immediately blocked, so it can be guaranteed that the attack data from the outside cannot enter the network through the network boundary. Intrusion prevention systems tend to provide...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a dynamic regulation method and a dynamic regulation system for security strategy. The dynamic regulation method for the security strategy comprises the following steps: detecting any one and a combination of network link flow, actual processing capability of a device and service type to acquire a detection result; and according to the detection result, dynamically regulating the current security strategy. The dynamic regulation system for the security strategy comprises a detection module and a regulation module, wherein the detection module is used for detecting any one and a combination of the network link flow, the actual processing capability of the device and the service type to acquire the detection result; and the regulation module is used for dynamically regulating the current security strategy according to the detection result detected by the detection module. The method and the system achieve the dynamic regulation for the security strategy of an intrusion prevention system, and achieve the dynamic balance of processing efficiency and security protection.

Description

technical field [0001] The invention relates to network security technology, in particular to a method and system for dynamically adjusting security policies. Background technique [0002] With the continuous development and progress of network technology, network attack methods are becoming more and more complex and diversified, and network security is facing great challenges. The traditional information security protection system uses firewall technology and / or intrusion detection technology. Firewalls deployed in series can intercept attacks on the lower layers, but cannot prevent attacks on deep layers such as the application layer; the intrusion detection system deployed in the bypass can timely Detect deep attack behaviors as an effective supplement to firewall technology, but it cannot achieve real-time blocking of attack behaviors, that is, it cannot handle more and more "instantaneous" attack behaviors. Therefore, in order to ensure the effective security of the ne...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/56H04L12/26H04L12/24
Inventor 常铮夏俊杰
Owner CHINA UNITED NETWORK COMM GRP CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap