Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Next-generation application firewall system and defense method

An application firewall, next-generation technology, applied in transmission systems, electrical components, etc., can solve problems such as low performance and efficiency, inability to cooperate in operations, and complex UTM security protection strategies, so as to improve overall performance and efficiency. Maintain and enhance the effect of visualization functions

Active Publication Date: 2013-01-02
SANGFOR TECH INC
View PDF4 Cites 39 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] (1) Low efficiency: The same data packet is repeatedly unpacked and analyzed repeatedly through various devices in series, which makes the efficiency of the entire network low and the operating speed very slow;
[0005] (2) High maintenance cost: Many devices need to provide sufficient space and environmental support, which greatly increases the maintenance cost;
[0006] (3) Complex management: Independent equipment and complex management require training of senior managers who are familiar with various types of equipment and equipment from various manufacturers; at the same time, it is impossible to conduct unified security risk analysis
[0008] (1), UTM equipment only simply integrates FW, IPS, and AV, and has poor control over applications and content, and there are still problems in the security and management of traditional firewalls, such as the lack of effective protection for WEB servers;
[0009] (2) The security devices connected in series in UTM need to be filtered by multiple security modules, but the security modules of multiple modules fight independently and passively protect, and cannot coordinate operations, resulting in low performance and efficiency;
[0010] (3) When the business requires high security policies, the UTM security protection policy is too complex and has poor visibility, making it difficult for administrators to maintain

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Next-generation application firewall system and defense method
  • Next-generation application firewall system and defense method
  • Next-generation application firewall system and defense method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0061] It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0062] refer to figure 1An embodiment of a next generation application firewall system defense method of the present invention is proposed. The method can include:

[0063] Step S10, obtaining data packets in the data stream;

[0064] Step S11, analyzing and verifying the data in the data packet;

[0065] Step S13, collecting and analyzing the verification results, and processing according to the corresponding preset strategy.

[0066] refer to figure 2 , after the above step S11 may also include:

[0067] Step S12, configuring a processing policy according to the identified data application type in the data packet.

[0068] The main structure of the next-generation application firewall system mainly includes: security control based on users, applications, and content, content-level security protection, high-pe...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a next-generation application firewall system and a defense method. The defense method can comprise the following steps of: acquiring a data package in a data stream; carrying out analyzing and verifying on the data in the data package; and collecting and analyzing verified results, and carrying out processing according to a corresponding preset strategy. According to the next-generation application firewall system and the defense method, the shortages of traditional safety devices are holistically solved, and meanwhile, the performances of the devices can not degrade after all functions are started.

Description

technical field [0001] The invention relates to the next generation application firewall technology, in particular to a next generation application firewall system and defense method. Background technique [0002] With the rapid development of network applications and the increasingly complex network structure, the limitations of traditional firewalls are clearly reflected: traditional firewalls are based on IP (Internet Protocol, a protocol for interconnecting networks) / ports, and provide access control policies (Access Control List, ACL) and abnormal packet filtering, but its working mode determines that it cannot intercept attacks from the application layer, such as: worms, viruses, and Trojan horses. Traditional firewalls are also unable to distinguish specific applications and their content in traffic, unable to distinguish users, let alone analyze and record user behaviors, that is, unable to distinguish applications and content, which will result in the inability to r...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
Inventor 李军
Owner SANGFOR TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com