Unlock instant, AI-driven research and patent intelligence for your innovation.

Firewall policy data analysis device and method based on network flow

A firewall strategy and data analysis technology, applied in the direction of electrical components, transmission systems, etc., can solve problems such as system security protection defects, and achieve the effect of improving security

Inactive Publication Date: 2017-03-15
INFORMATION & TELECOMM COMPANY SICHUAN ELECTRIC POWER +1
View PDF4 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

A large number of visits have caused some defects in the system security protection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Firewall policy data analysis device and method based on network flow

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0022] Such as figure 1 The shown firewall policy data analysis device based on network traffic includes:

[0023] The mirror switch, connected to the switch, obtains all access data of the firewall;

[0024] The mirror traffic collection server preprocesses the data obtained by the mirror switch and generates corresponding txt files for storage;

[0025] The analysis device analyzes and merges the data according to the MapReduce algorithm to generate statistical reports.

[0026] In order to facilitate the rapid analysis of traffic data under large-scale data conditions, the mirrored traffic collection server stores the data in a distributed memory.

Embodiment 2

[0028] A firewall policy data analysis method based on network traffic, comprising the following steps:

[0029] Step 1. Establish bypass mirroring of firewall access data entry and exit, and collect all access data of the firewall in real time;

[0030] Step 2, preprocessing the image data format, extracting the feature vector and storing it in the form of a message;

[0031] Step 3. Analyze the data using a distributed computing framework.

[0032] In step 3, the analysis process specifically includes: 1. Filter the access traffic in non-IPv4 format; 2. Filter the access data that does not match the prefix, for example, the source IP prefix format for the destination IP access needs to be set in the firewall rules, for example, 192.168.15.*, all access addresses that do not conform to the source IP prefix format will be filtered by the firewall and access is prohibited; 3. Extract the access source IP data and the accessed destination IP data; 4. According to the access IP ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a firewall policy data analysis device based on the network flow. The firewall policy data analysis device comprises a mirror image switch, a mirror image flow acquisition server and an analysis device; the mirror image switch is connected onto a switch, and used for obtaining all access data of a firewall; the mirror image flow acquisition server is used for pre-processing the data obtained by the mirror image switch, and generating a corresponding txt file to store; and the analysis device is used for performing analysis and merging of the data according to a MapReduce algorithm, and generating a statistical report form. A firewall access policy configuration report form can be generated; an auxiliary decision action is provided for firewall safety managers; workers are helped to judge the correctness of policy configuration of the firewall; and thus, the operation safety is improved under a condition that normal operation of an information system is ensured.

Description

technical field [0001] The invention relates to a firewall strategy data analysis device and method based on network flow. Background technique [0002] The marketing business application information system of the provincial power companies of the State Grid is a centralized system for the whole province. It has a large number of visits and a large number of users, especially in Sichuan, a province with a large population. A large number of visits have caused some flaws in the system's security protection. How to configure a correct firewall security policy? How to determine whether the security policy configuration on the firewall is correct? These are two problems that need to be solved urgently for the firewall security of the current marketing system. Contents of the invention [0003] In order to solve the above-mentioned technical problems, the present invention provides a firewall policy data analysis device and method based on network traffic, which can generate...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/20H04L63/02
Inventor 王电钢潘可佳杨帆杨懿黄林
Owner INFORMATION & TELECOMM COMPANY SICHUAN ELECTRIC POWER