Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for improving fire wall performance

A firewall and performance technology, applied in special data processing applications, instruments, electrical digital data processing, etc., can solve the problems of decreased forwarding efficiency and slow sequence search efficiency, etc.

Inactive Publication Date: 2003-09-03
华北计算机系统工程研究所
View PDF0 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Existing firewalls have the following disadvantages: sequential search efficiency is slow, and forwarding efficiency decreases when the number of rules increases; search rule complexity is o(N) (N is the number of simple rules), etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for improving fire wall performance
  • Method for improving fire wall performance
  • Method for improving fire wall performance

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0006] The present invention will be described in detail below in conjunction with specific embodiments and related drawings. The generation method of the security rule tree applying the multi-dimensional space model is as follows: 1) the step of user input security policy; 2) the preprocessing steps of space division, grammar check and semantic analysis for the security rule input by the user. 3) Compile and optimize the preprocessed rule table, generate a security policy semantic structure tree, and download it to the core. 4) A step of querying the firewall security policy generated by the above method. figure 1 The network environment in is a typical network application environment configured with cygergate2.0. Intranet users can access the dns service and www service in the DMZ area, and can access the Internet; users on the Internet can access the services provided by the DMZ area. There are three legal IP addresses for the external network on the firewall host, which a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A method to improve performance of fireproof wall in computer network system applies hyperspace model to create safety rules, which includes the following steps: 1) inputting safety strategic steps by the User, 2) carrying on preprocessing steps of space dividing, syntax checking and semantic analysing for the rules having been preprocessed for creating smantic structure tree of safety strategy and creation step to be down loaded into fulcrum and 4) inquring method for fireproof wall safety strategy created according to above method, of which step 4) can be operated as capturing each data packet passing through the fireproof wall by filtering module to extract information in it for obtaining access state bit in order to execute relevant action after the downloading operation.

Description

technical field [0001] The invention relates to a firewall security model in a computer network system, and improves the forwarding efficiency of the firewall by using the multi-dimensional space model of the firewall and a fast search method. Background technique [0002] Existing firewall packet filtering rules generally take actions according to some parameters such as ip source address, ip destination address, service port number, user identification, time, etc., such as receiving, discarding, or network address translation. The firewall stores the rules in order. When filtering the data packets, the header information (ip source address, ip destination address, source port, and destination port) extracted from the data packets is compared with the n rules of the firewall one by one until a certain rule is found. Matches the information in this data packet. At this time, the rule can be applied to take some action. This method is not optimized for the search process, and...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F17/30
Inventor 傅一帆
Owner 华北计算机系统工程研究所
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com