Characteristic rule enabling method and device

A rule and traffic technology, applied in the field of network security, can solve problems such as reducing network security, undetectable attack traffic, affecting normal business processing, etc.

Active Publication Date: 2018-01-05
NEW H3C SECURITY TECH CO LTD
View PDF7 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] With the increase of feature rules configured on the security device, if all the feature rules configured are directly enabled, the service processing performance of the secur

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Characteristic rule enabling method and device
  • Characteristic rule enabling method and device
  • Characteristic rule enabling method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0039] For ease of understanding, the words appearing in the embodiments of the present application are explained below.

[0040] Feature rules: including the corresponding relationship between features and processing operations on traffic; if the traffic matches the features in a feature rule, the traffic matches the feature rule.

[0041] Currently, if figure 1 The shown network includes a client 101, a security device 102, and a server 103; in order to prevent various attack tra...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a characteristic rule enabling method and device. The method comprises the following steps: safety equipment receives a traffic, and sends a traffic mirror image to traffic learning equipment if the traffic is not matched with any enabled characteristic rule of the safety equipment; the traffic learning equipment detects a first characteristic rule matchedwith the traffic from enabled characteristic rules of the traffic learning equipment, and sends an enabling command for the first characteristic rule to the safety equipment, wherein the enabling command is used for instructing the safety equipment to enable the first characteristic rule; and the safety equipment receives the enabling command and enables the first characteristic rule according tothe enabling command. The method and device provided by the embodiment of the invention has the advantages that effects on the processing of normal services can be reduced, and the network safety canbe improved.

Description

technical field [0001] The present application relates to the technical field of network security, in particular to a method and device for enabling feature rules. Background technique [0002] With the development of network technology, there are more and more types of network applications and operating systems, and the update speed of network applications and operating systems is getting faster and faster, which leads to more and more system vulnerabilities. [0003] In order to prevent various attack traffic generated through system vulnerabilities and improve network security, security devices, such as DPI (Deep Packet Inspection, deep packet inspection) devices, are equipped with more and more characteristic rules matching attack traffic. Rules are used to detect attack traffic. [0004] With the increase of feature rules configured on the security device, if all the feature rules configured are directly enabled, the business processing performance of the security devi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
Inventor 岳炳词
Owner NEW H3C SECURITY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap