Unlock instant, AI-driven research and patent intelligence for your innovation.

Firewall rule processing method and device, network equipment and readable storage medium

A processing method and firewall technology, applied in the field of network security, can solve problems such as low efficiency of rule update

Active Publication Date: 2021-05-14
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF5 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, since the matching method of the firewall access control policy is from top to bottom, matching is performed according to the priority from high to low. When matching new rules, there is a situation where each rule in all rule sets is detected and matched, so that Inefficient matching and rule update

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Firewall rule processing method and device, network equipment and readable storage medium
  • Firewall rule processing method and device, network equipment and readable storage medium
  • Firewall rule processing method and device, network equipment and readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application. It should be noted that terms such as "first" and "second" are only used for distinguishing descriptions, and should not be understood as indicating or implying relative importance. In the case of no conflict, the following embodiments and features in the embodiments can be combined with each other.

[0043] Please refer to figure 1 , the present application provides a network device 10 storing a policy library. Understandably, the network device 10 may serve as a firewall, and the policy library includes corresponding rules corresponding to the access control policies of the firewall, which may be used for security detection of network data.

[0044] For example, the rules in the policy library can be used to detect whether there are network threats such as attack behavior, phishing, and malicious ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a firewall rule processing method and device, network equipment and a readable storage medium. The method comprises the following steps: when an instruction for updating a rule is received, obtaining a first rule for updating; according to a target area where the first rule is located, a target rule set corresponding to the target area being determined from a strategy library, wherein the strategy library comprises multiple sets of rule sets, and the areas of the same set of rule sets are the same; and updating the rules in the target rule set according to the first rule to obtain an updated target rule set. In the scheme, when the first rule needs to be added in the strategy library, the rule set of the target area where the first rule is located is directly utilized to perform matching detection on the first rule so as to realize rule updating. Therefore, other rules except the target rule set do not need to be detected, so that the operand is reduced, and the efficiency of rule matching and rule updating is improved.

Description

technical field [0001] The present application relates to the technical field of network security, in particular, to a firewall rule processing method, device, network equipment and readable storage medium. Background technique [0002] In a firewall of a network device, an access control policy is usually configured to perform security inspection on various types of network data received by the network device. Due to the variety of data received by network devices, there are many rules in the configured policies. When the rules need to be updated, it is necessary to match and detect the newly added rules with the historical rule set, so as to integrate the new rules into the historical rule set. At present, since the matching method of the firewall access control policy is from top to bottom, matching is performed according to the priority from high to low. When matching new rules, there is a situation where each rule in all rule sets is detected and matched, so that The ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/02H04L63/10
Inventor 王亚森汪洋
Owner BEIJING TOPSEC NETWORK SECURITY TECH