Automatic query method and system for firewall policy

A firewall strategy and query method technology, applied in the field of network security, can solve the problems of increased workload and low work efficiency, and achieve the effects of reducing workload, improving management efficiency, improving efficiency and accuracy

Active Publication Date: 2016-06-15
SHANGHAI CTRIP COMMERCE CO LTD
View PDF5 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The technical problem to be solved by the present invention is to overcome the defect that the method of querying firewall policies in the prior art is mainly performed by manually

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Automatic query method and system for firewall policy
  • Automatic query method and system for firewall policy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The present invention is further illustrated below by means of examples, but the present invention is not limited to the scope of the examples.

[0029] Such as figure 1 Shown, the automatic inquiry method of firewall strategy of the present invention comprises the following steps:

[0030] Step 101, building a firewall policy information base, storing multiple firewall policies in the firewall policy information base, each firewall policy includes a source address array (sources), a destination address array (destinations) and a service array (services); preferably Specifically, each firewall policy also includes an action type (action) and a firewall name (name);

[0031] Step 102, query condition is set, and described query condition comprises target source address (scr_ip), target destination address (dst_ip) and target service data (service); Concrete query condition can be set and input by the user as needed;

[0032] Step 103: Obtain a firewall policy from the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an automatic query method and system for a firewall policy. The method comprises the following steps: step S1, constructing a firewall policy information base; step S2, setting query conditions, including a target source address, a target destination address and target service data; step S3, acquiring one firewall policy from the firewall policy information base; step S4, judging whether a source address array, a target address array and a service array of the acquired firewall policy respectively include the target source address, the target destination address and the target service data, if so, then executing step S5, and if not, then returning to step S3; step S5, conserving the acquired firewall policy to a query result set; step S6, judging whether the acquired firewall policy is the last one in the firewall policy information base, if so, then executing step S7, and if not, then returning to step S3; and step S7, outputting the query result set. The automatic query method and system for the firewall policy provided by the invention can realize the concentrated and unified management of the firewall policy, and improve the efficiency of firewall policy query.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to an automatic query method and system for firewall policies. Background technique [0002] With the continuous development of Internet technology, the scale of online websites is getting larger and larger, and firewalls are widely used as a security barrier for websites. The increase in the number of firewalls and security policy entries in the firewalls has doubled the workload of security engineers, and it becomes very difficult to find out whether a certain security policy exists from a large number of security policies in multiple firewalls. The existing method of querying firewall policies is mainly to manually log in to the query interface of each firewall to retrieve firewall policies. Such a cumbersome query method makes the work efficiency of security engineers very low and increases the probability of errors. Contents of the invention [0003] The technical p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/20
Inventor 吴善鹏郑晨田国华雷兵朱志博
Owner SHANGHAI CTRIP COMMERCE CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products