Network Security Policy Processing System and Processing Method

A network security and security policy technology, applied in the field of network security policy processing systems, can solve problems such as high manual maintenance costs and inability to meet the actual needs of servers to go online quickly, achieving intelligent configuration, eliminating complexity, and improving efficiency effect

Active Publication Date: 2019-03-12
SHANGHAI CTRIP COMMERCE CO LTD
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The technical problem to be solved by the present invention is to provide a network security policy processing system and processing method in order to overcome the defect that the network security policy management method in the prior art cannot meet the actual needs of the server to go online quickly and the manual maintenance cost is too high

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network Security Policy Processing System and Processing Method
  • Network Security Policy Processing System and Processing Method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] The present invention is further illustrated below by means of examples, but the present invention is not limited to the scope of the examples.

[0028] Such as figure 1 As shown, the network security policy processing system of the present invention includes an IP address sending module 1 , a traffic learning module 2 , an extracting module 3 , a first merging module 4 , a second merging module 5 and a processing module 6 .

[0029] Wherein, the IP address sending module will send the IP address of the server (that is, the newly added IP address or the changed IP address) to the traffic learning module 2 when the server goes online or the network changes;

[0030] After the flow learning module 2 receives the IP address, the network security policy corresponding to the IP address is set to all release policies, that is, the all-pass policy is opened for the IP address; and starts flow learning, setting a learning time, and then collect all traffic information of the I...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a processing system and processing method of network security policies. The processing system comprises an IP address sending module, a traffic learning module, an extraction module, a first merging module, a second merging module and a processing module; the IP address sending module sends an IP address when a server goes online or a network changes; the flow learning module receives the IP address, sets a corresponding network security policy to an all-pass policy and receives all traffic information of the IP address; the extraction module extracts a source IP address, a destination IP address, a destination port and a protocol according to each piece of collected traffic information so as to generate basic security policies; the first merging module carries out source IP address merging on the basic security policies so as to generate initial security policies; the second merging module carries out destination IP address merging on the initial security policies so as to generate a final security policy; and the processing module sends the final security policy to a network security device and deletes the all-pass policy. According to the processing system and processing method of the network security policies, the network security policies can be automatically generated through a traffic learning module mode, and full-automatic configuration can be realized.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a system and method for processing network security policies. Background technique [0002] With the development of the Internet, the network security protection of data centers is becoming more and more complex, the configuration of network security policies is becoming more and more complicated, and manual configuration is becoming more and more difficult. The existing network security policy management methods cannot meet the actual needs of the server to go online quickly, and the cost of manual maintenance is too high. Contents of the invention [0003] The technical problem to be solved by the present invention is to provide a network security policy processing system and processing method in order to overcome the defect that the network security policy management method in the prior art cannot meet the actual needs of fast online server and the manual maintenanc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/20
Inventor 朱志博吴善鹏张昊峥张晓强雷兵
Owner SHANGHAI CTRIP COMMERCE CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products