Firewall safety rule optimization method and device thereof

A firewall security rule optimization method and device, applied to electrical components, transmission systems, etc., that addresses problems such as potential safety hazards and low working efficiency of firewall equipment and improves efficiency.

Inactive Publication Date: 2014-06-18
CHINA TELECOM CORP LTD

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to propose a method and device for optimizing firewall security rules that addresses the low working efficiency and potential safety hazards of firewall equipment by optimizing the equipment's security rules.


Embodiment Construction

[0041] The technical solutions of the present invention will be described in further detail below with reference to the accompanying drawings and embodiments.

[0042] Figure 1 is a schematic flowchart of an embodiment of the method for optimizing firewall security rules of the present invention. In this embodiment, the method for optimizing firewall security rules includes:

[0043] Step 101. Download all security rules from the firewall device;

[0044] Step 102. Obtain the flow (FLOW) information and system log (SYSLOG) information of the firewall device;

[0045] Step 103. Obtain the correspondence between security rules and matched data traffic according to the flow information and system log information;

[0046] Step 104. Sort the security rules by matched data traffic, from largest to smallest;

[0047] Step 105. Push the sorted security rules back to the firewall device.
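Steps 103 to 105 as an added example, not code from the patent: the rule format, field names and sample records are constructed, and the flow/log records are assumed to be already correlated to the rule that matched. The example goes beyond the steps above by checking, before push-back, whether the traffic-based sort has swapped two overlapping rules with different actions, since in a top-to-bottom first-match list such a swap changes which traffic is permitted.

```python
from collections import Counter
from ipaddress import ip_network

# Constructed rule list in first-match order (field names are assumptions).
RULES = [
    {"id": "r1", "src": "10.0.0.0/8", "dport": 22, "action": "deny"},
    {"id": "r2", "src": "10.1.0.0/16", "dport": 443, "action": "permit"},
    {"id": "r3", "src": "0.0.0.0/0", "dport": 443, "action": "deny"},
    {"id": "r4", "src": "192.168.0.0/16", "dport": 80, "action": "permit"},
]
# Constructed FLOW/SYSLOG records, already correlated to the rule hit: (rule id, bytes).
RECORDS = [("r3", 9000), ("r2", 500), ("r4", 4000), ("r3", 7000), ("r1", 100), ("r4", 1000)]

def traffic_per_rule(records):
    """Step 103: total matched bytes per rule."""
    totals = Counter()
    for rule_id, nbytes in records:
        totals[rule_id] += nbytes
    return totals

def sort_by_traffic(rules, totals):
    """Step 104: rules ordered by matched traffic, largest first (stable for ties)."""
    return sorted(rules, key=lambda r: totals.get(r["id"], 0), reverse=True)

def overlaps(a, b):
    """True if two rules can match the same packet (same port, intersecting sources)."""
    return a["dport"] == b["dport"] and ip_network(a["src"]).overlaps(ip_network(b["src"]))

def flipped_conflicts(old, new):
    """Overlapping rule pairs with different actions whose relative order changed."""
    pos = {r["id"]: i for i, r in enumerate(new)}
    return [(a["id"], b["id"])
            for i, a in enumerate(old) for b in old[i + 1:]
            if a["action"] != b["action"] and overlaps(a, b) and pos[a["id"]] > pos[b["id"]]]

def optimize(rules, records):
    """Steps 103-105: return (new order, conflicts); push only if conflicts is empty."""
    new = sort_by_traffic(rules, traffic_per_rule(records))
    return new, flipped_conflicts(rules, new)

if __name__ == "__main__":
    new_order, conflicts = optimize(RULES, RECORDS)
    print([r["id"] for r in new_order])
    print(conflicts)
```

With the sample data, the high-volume catch-all deny `r3` is sorted above the narrower permit `r2`, so the check reports that pair and the reordered list should not be pushed as-is.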

[0048] In this embodiment, the flow technology (...


Abstract

The invention relates to a firewall security rule optimization method and a device thereof. The method comprises the following steps: all security rules are downloaded from the firewall equipment; flow (FLOW) information and system log (SYSLOG) information of the firewall equipment are obtained; the correspondence between the security rules and matched data traffic is obtained according to the flow information and the system log information; and the security rules are sorted from largest to smallest according to the matched data traffic, and the sorted security rules are pushed back to the firewall equipment. According to the invention, the matched data traffic of each security rule in a firewall is determined by analyzing the FLOW information and SYSLOG information of the firewall, the rules are sorted from largest to smallest by that data traffic, and the sorted security rules are pushed back to the firewall. Thus, security rules with heavy matched traffic and high match frequency are moved to the front of the security rule list. Because the security rule list is currently matched from top to bottom, firewall rule matching efficiency is raised after the list is adjusted.

Description

Technical field

[0001] The invention relates to network and information security technologies, in particular to a method and device for optimizing firewall security rules.

Background technique

[0002] A firewall is a combination of software and hardware devices, and is a protective barrier constructed between the internal network and the external network. It can allow or restrict the passage of transmitted data according to specific security rules, and protect the internal network from intrusion by unauthorized users. These security rules are usually defined or modified by network administrators.

[0003] For enterprise-level firewall devices, as the configuration grows, the security rules become more and more complex. In addition, an enterprise has multiple network administrators, which leads to difficulties in firewall management and configuration and to logical confusion. When the data traffic reaches the firewall device, the firewall device always searches...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
Inventor: 肖宇峰, 沈军, 金华敏
Owner: CHINA TELECOM CORP LTD