Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network application firewall method and apparatus

A network application and network equipment technology, applied in the computer field, can solve problems such as affecting rankings, complex access process, and affecting key indicator information of user websites, so as to improve the protection effect and simplify the access process

Inactive Publication Date: 2016-11-23
ALIBABA GRP HLDG LTD
View PDF5 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] In the existing technology, the access process of cloud WAF (website application protection system) is mostly complicated, which affects the original key indicator information of the user website, and there are many defects in the website protection effect
For example, in the existing CNAME-WAF mode, by modifying the CNAME (alias record) information corresponding to the target application, the destination IP information corresponding to the original access request is modified to the IP information corresponding to the cloud WAF, thereby receiving the access request Into the cloud WAF, the change of the destination IP may affect the SEO (search engine optimization) ranking of the target application. In addition, when a domain name connected to the cloud WAF is attacked, because the attacker sees the The IP information corresponding to the above-mentioned cloud WAF cluster may have a certain impact on other applications connected to the WAF

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network application firewall method and apparatus
  • Network application firewall method and apparatus
  • Network application firewall method and apparatus

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] The application will be described in further detail below in conjunction with the accompanying drawings.

[0022] In a typical configuration of the present application, the terminal, the device serving the network and the trusted party all include one or more processors (CPUs), input / output interfaces, network interfaces and memory.

[0023] Memory may include non-permanent storage in computer-readable media, in the form of random access memory (RAM) and / or nonvolatile memory, such as read-only memory (ROM) or flash memory (flashRAM). Memory is an example of computer readable media.

[0024] Computer-readable media, including both permanent and non-permanent, removable and non-removable media, can be implemented by any method or technology for storage of information. Information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), sta...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The application aims to provides a network application firewall method and apparatus. The method comprises the following steps: configuring corresponding lead strategy information in a network apparatus according to application address information of a network application to be defended; receiving an access request about the network application led by the network apparatus on the basis of the lead strategy information, the a destination address of the access request being the application address information; converting the destination address of the access request into local address information corresponding to the firewall application; and utilizing the firewall application to carry out defense processing for the access request. Compared with the prior art, the network application firewall method and apparatus have the advantages that the access request of the destination address instead of that of the address information of the firewall application itself is led, corresponding defense processing is achieved, some key indicator information of an original network application will not be affected during data transmission, and attacks of several network applications are prevented from affecting other network applications accessed to the same firewall application.

Description

technical field [0001] The present application relates to the computer field, in particular to a network application protection technology. Background technique [0002] In the prior art, the access process of cloud WAF (website application protection system) is mostly complicated, which affects the original key indicator information of the user's website, and there are many defects in the website protection effect. For example, in the existing CNAME-WAF mode, by modifying the CNAME (alias record) information corresponding to the target application, the destination IP information corresponding to the original access request is modified to the IP information corresponding to the cloud WAF, thereby receiving the access request Into the cloud WAF, the change of the destination IP may affect the SEO (search engine optimization) ranking of the target application. In addition, when a domain name connected to the cloud WAF is attacked, because the attacker sees the The IP informat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 宋志明
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products