Safety access method and system based on fire wall policy

Abstract

The invention discloses a safety access method and system based on a fire wall policy, and relates to the technical field of computer information security. According to the safety access method and system, configuration problems and dangerousness of the fire wall policy because of habits or unexpected errors of managers can be avoided through the dynamic open configuration according to needs. Furthermore, after equipment is accessed according to needs, a fire wall can close service access states according to fire wall poly instructions, and therefore the equipment can be effectively protected against external accesses and invasions which do not accord with service protocols. Through the dynamic starting-stopping configuration of the fire wall policy, the service protocols of the fire wall are started and stopped, manual operation of the managers is reduced, and therefore losses caused by operation errors can be avoided. A one-to-one safe configuration method between the fire wall safety policy and the equipment is achieved according to network safety check each time, access needs can form an access period, a safe closed ring from access needs to access to access stop is formed, and therefore the target equipment can be effectively protected against network threats in real time.

Description

technical field [0001] The invention relates to the technical field of computer information security, in particular to a security access method and system based on firewall policies. Background technique [0002] With the development of information technology, more and more attention has been paid to network information security issues. Based on this, firewalls are used in the prior art to implement secure access. A firewall policy is a series of specific rules. Any required access must be matched with the policy. Only after the matching is successful can the device be accessed safely through the firewall. Therefore, the formulation of policies is very important for the function of the firewall. [0003] The management of the existing firewall policy is to configure the firewall security policy according to the access requirements by the firewall administrator. After the policy is configured, it exists for a long time. Regardless of whether the access requirements change or...

AI Technical Summary

Problems solved by technology

Such a complex access control policy makes it difficult for firewall administrators to even dare to delete and optimize the policy. Changes to the policy may affect the operation of live network services

In this case, firewall policies accumulate more and more, regardless of whether the access requirements change, the firewall is always open, which greatly reduces the effect of the firewall on restricting access

In addition, due to the implementation principle of the firewall, too many policies put a lot of pressure on the performance of the firewall

[0005] It is required to be able to access the target device through the service protocol of the firewall. Since the firewall policy cannot effectively control the closure of the firewall service protocol in a timely manner, after accessing the target device, the firewall service protocol is in the open state, which poses an immeasurable

Images