Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Cloud-based WEB application firewall system and security protection method thereof

A technology that applies firewalls and firewalls. It is applied in transmission systems, electrical components, etc., and can solve problems such as non-upgrades, firewall performance bottlenecks, and rule bases that are only upgraded once every six months and a year.

Active Publication Date: 2016-03-09
ELECTRIC POWER RESEARCH INSTITUTE, CHINA SOUTHERN POWER GRID CO LTD
View PDF5 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 1. Cost issues. Traditional WEB application firewalls generally use a set of WEB application firewalls for a WEB application system
[0006] 2. Ease of use, the deployment and installation of the WEB application firewall requires professionals from product manufacturers to deploy and install, and it is difficult for non-professionals to operate;
[0007] 3. Upgrade and maintenance. Due to the endless methods of application layer attacks, the rule base of WEB application firewalls also needs to be updated in time to effectively block application layer attacks. Traditional WEB application firewalls are generally upgraded manually by maintenance personnel, but many enterprises are in short supply. Therefore, some rule bases are only upgraded once every six months, and some are never even upgraded.
[0008] 4. Performance. Traditional WEB application firewalls have performance bottlenecks. If you want to improve the performance of WEB application firewalls, you need to re-purchase a WEB application firewall with better processing performance to replace the existing WEB application firewall, resulting in waste of resources.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cloud-based WEB application firewall system and security protection method thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0035] The cloud-based WEB application firewall system of the present embodiment is composed of a cloud firewall engine and a firewall control center; wherein, the firewall control center configures and manages the cloud firewall engine; the cloud firewall engine is deployed on multiple scalable high-performance servers. On the cloud; the cloud firewall engine detects and blocks attacks at the application layer. The detection rules of the WEB application firewall system are divided into general detection rules (root_rules) and private detection rules (private_rules). ), at the same time, each cloud WEB application firewall user can also formulate special detection rules according to the needs of their own business systems.

[0036] The WEB application firewall system allocates different computing resources to users according to the resources applied by users. To use the cloud web application firewall, users only need to hand over the resolution rights of the website to the cl...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a cloud-based WEB application firewall system which is formed by a cloud firewall engine and a firewall control center. The firewall control center configures and manages a cloud firewall engine which is arranged in a cloud formed by multiple extendible high-performance servers. The cloud firewall engine detects and intercepts the attack to an application layer. Compared with the prior art, the system has the advantages that: (1) the WEB application firewall system deployment can become effective only after a user reconfigures a DNS, which is convenient and fast, (2) the safety officer of a WEB application firewall system provider carries out unified configuration upgrade, and novel attack can be intercepted earlier than that of a traditional WEB application firewall, (3) when the WEB application firewall system performance has a bottleneck, only buying more cloud resources is needed, and buying equipment again to carry out redeployment is not needed. The invention also provides a security protection method with the use of the WEB application firewall system.

Description

technical field [0001] The invention relates to a cloud-based WEB application firewall system and a security protection method thereof. Background technique [0002] At present, traditional network layer firewalls cannot intercept application layer (such as http) attacks. Enterprises generally need to deploy WEB application firewall (WAF) to detect and intercept application layer attacks. There are generally two types of WEB application firewalls, one is software The product does not need to modify the network and is directly installed on the WEB application server. Since the performance of the WEB application firewall depends on the performance of the WEB application server and has requirements on the operating system of the WEB application server, it is generally used in small WEB applications; the other is For hardware products, the network needs to be transformed, and the hardware WEB application firewall is connected to the network in series. [0003] Chinese patent ap...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/02H04L63/168H04L63/20H04L67/02
Inventor 蒙家晓蒋屹新郭晓斌许爱东陈华军关泽武陈富汉陈立明黄建理
Owner ELECTRIC POWER RESEARCH INSTITUTE, CHINA SOUTHERN POWER GRID CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com