Firewall policy processing method and device

The firewall policy processing method and device, applied in the field of network security, address the problems that firewall rules are numerous and that manual auditing is labor-intensive and slow, so as to reduce the possibility of being attacked, achieve effective management, and improve auditing efficiency.

Inactive Publication Date: 2014-11-05
HANDAN BRANCH OF CHINA MOBILE GRP HEBEI COMPANYLIMITED

AI Technical Summary

Problems solved by technology

[0005] The main problems with manual auditing of firewall policies are as follows. First, the number of firewall policies is huge, so manual auditing is very labor-intensive: analyzing and auditing firewall policies by hand consumes a lot of manpower. Second, the timeliness of manual auditing is poor, so abnormal and wrong policies cannot be found in time: because firewall rules are numerous and cumbersome, it is difficult to review newly added firewall policies promptly and effectively.


Examples

Embodiment Construction

[0020] Figure 1 is a flow chart of a firewall policy processing method in an embodiment of the present invention. As shown in Figure 1, the method includes the following steps:

[0021] Step 100, collecting firewall policies, and standardizing the firewall policies to generate a firewall policy access control list;

[0022] Step 102, collecting network traffic within the internal network of the firewall and between the internal and external networks, and obtaining network traffic proportion statistics;

[0023] Step 104, quantifying the firewall policy access control list according to the network traffic proportion statistics;

[0024] Step 106, performing policy optimization processing on the quantified firewall policy access control list according to preset policy optimization rules.

[0025] Preferably, after step 106, the method may further include: performing security audit processing on the quantified firewall policy access control list according to preset security a...
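The steps above can be sketched end to end as follows. This is an added example, not code from the patent: the one-line rule format, first-match evaluation, "share of observed flows" as the quantification, and the four finding labels are all assumptions chosen for illustration, and the rules and flows are constructed sample data.

```python
import ipaddress
from collections import Counter, namedtuple

Rule = namedtuple("Rule", "name action src dst port")  # port None means any port

def normalize(line):
    """Step 100: map one 'name action src dst port' line (assumed format) to a Rule."""
    name, action, src, dst, port = line.split()
    net = lambda s: ipaddress.ip_network("0.0.0.0/0" if s == "any" else s)
    return Rule(name, action, net(src), net(dst), None if port == "any" else int(port))

def matches(rule, flow):
    ip = ipaddress.ip_address
    return (ip(flow[0]) in rule.src and ip(flow[1]) in rule.dst
            and rule.port in (None, flow[2]))

def quantify(acl, flows):
    """Steps 102-104: share of observed flows whose first matching rule is each rule."""
    hits = Counter(next((r.name for r in acl if matches(r, f)), None) for f in flows)
    return {r.name: hits[r.name] / max(len(flows), 1) for r in acl}

def covers(a, b):
    """True when every packet matched by b is already matched by a."""
    return (b.src.subnet_of(a.src) and b.dst.subnet_of(a.dst)
            and a.port in (None, b.port))

def optimize(acl, share):
    """Step 106 plus the audit pass: label redundant, conflicting, unused, risky rules."""
    findings = {}
    for i, rule in enumerate(acl):
        earlier = next((e for e in acl[:i] if covers(e, rule)), None)
        if earlier:  # shadowed rules can never fire under first-match evaluation
            kind = "redundant" if earlier.action == rule.action else "conflicting"
            findings[rule.name] = f"{kind} with {earlier.name}"
        elif share[rule.name] == 0:
            findings[rule.name] = "unused"
        elif rule.action == "permit" and rule.port is None and rule.dst.prefixlen == 0:
            findings[rule.name] = "audit: permits any port to any destination"
    return findings

ACL = [normalize(l) for l in (  # constructed sample policy
    "r1 permit 10.0.0.0/8 192.0.2.10/32 443",
    "r2 permit 10.1.0.0/16 192.0.2.10/32 443",
    "r3 deny 10.0.0.0/8 192.0.2.10/32 443",
    "r4 permit 10.0.0.0/8 198.51.100.0/24 22",
    "r5 permit 172.16.0.0/12 any any")]
FLOWS = [("10.1.2.3", "192.0.2.10", 443), ("10.9.9.9", "192.0.2.10", 443),  # constructed
         ("172.16.5.5", "203.0.113.7", 8080), ("10.1.2.3", "192.0.2.10", 443)]
SHARE = quantify(ACL, FLOWS)
FINDINGS = optimize(ACL, SHARE)
```

Shadowing is checked before the zero-traffic test because a rule fully covered by an earlier one never receives hits, and the reason it is idle matters more to the reviewer than the fact that it is.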


Abstract

The invention discloses a firewall policy processing method and device. The method comprises the following steps: acquiring firewall policies, and standardizing the firewall policies to generate a firewall policy access control list; acquiring network flow of an internal network as well as between internal and external networks of a firewall to obtain network flow proportion statistics; quantifying the firewall policy access control list according to the network flow proportion statistics; and performing policy optimization processing on the quantified firewall policy access control list according to a preset policy optimizing rule. With the firewall policy processing method and device, the defect of waste of time and labor in manual auditing of firewall policies can be overcome, the management of firewall change policies is reinforced, the establishment of policies with safety risks is avoided, and the security of the firewall is enhanced.

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a method and device for firewall policy processing.

Background

[0002] As a protective barrier between the internal network and the external network, and between the private network and the public network, the firewall plays an important role in preventing external intrusion. Firewall policy refers to the provisions, rules, requirements and filtering terms that the firewall must refer to. The firewall allows or blocks the data flow passing through it according to the firewall policy, so the firewall policy plays a key role in access control between the internal and external networks. With the growth of network scale and the continuous adjustment of services, a large number of security policies are configured on the firewall. These may include policies that are no longer used, are redundant or conflicting, or even violate security rules, which not only in...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
Inventor: 王立川
Owner: HANDAN BRANCH OF CHINA MOBILE GRP HEBEI COMPANYLIMITED