Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Rule matching method and apparatus, firewall device, and machine readable storage medium

A matching method and rule technology, applied in electrical components, transmission systems, etc., can solve problems such as abnormal access, poor matching performance of security policy rules, etc., and achieve the effect of improving matching performance and avoiding wrong matching operations

Active Publication Date: 2018-12-07
NEW H3C SECURITY TECH CO LTD
View PDF10 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, in practical applications, especially in enterprises, employees have different access rights to the enterprise network due to their different positions. If the address range segment in the filter condition of the security policy rule covers the addresses of all employees, the When matching, the packets of all employees will be matched successfully, resulting in abnormal access, that is, the matching performance of security policy rules is poor

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Rule matching method and apparatus, firewall device, and machine readable storage medium
  • Rule matching method and apparatus, firewall device, and machine readable storage medium
  • Rule matching method and apparatus, firewall device, and machine readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0025] In order to improve the matching performance of security policy rules, an embodiment of the present invention provides a rule matching method, device, firewall device, and machine-readable storage medium.

[0026] In the following, a rule matching method provided by an embodiment of the present invention is firstly introduced.

[0027] A rule matching method provided by an embodiment of the present invention may be executed by a firewall device. A meth...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention provides a rule matching method and apparatus, a firewall device, and a machine readable storage medium. The rule matching method comprises the following steps: when amessage is received, obtaining a security policy rule, and if it is determined that an address range segment in a filtering condition of the security policy rule contains at least one excluded address, segmenting the address range segment according to the excluded addresses to obtain a plurality of first address range segments excluding the excluded addresses; and matching the received message based on the first address range segments. By adoption of the scheme, the matching performance of the security policy rule can be improved.

Description

technical field [0001] The present invention relates to the technical field of security defense, in particular to a rule matching method, device, firewall equipment and machine-readable storage medium. Background technique [0002] A firewall device refers to a protective barrier composed of software and hardware, constructed between the internal network and the external network, between the private network and the public network, so that a security gateway can be established between the networks, thereby protecting the internal network from Intruded by illegal users. Security policy rules can be configured on the firewall device. Security policy rules can support filtering conditions such as address object groups, and matching items such as address range segments can be configured in address object groups. For example, for an enterprise, in order to facilitate the normal access of enterprise employees to the corporate network, configure the filter conditions that support a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/02H04L63/0236H04L63/0263
Inventor 岳伟国
Owner NEW H3C SECURITY TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com