Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Firewall policy query method and system, firewall policy elastic scaling method and system, equipment and storage medium

A firewall policy and query method technology, applied in the field of network security, can solve the problems of low elastic scaling efficiency, low elastic scaling efficiency of firewall policy, and little significance of query results, etc., and achieve the effect of improving adjustment efficiency

Active Publication Date: 2020-05-22
CITIC AIBANK CORPORATION LIMITED
View PDF5 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 1. Low efficiency of policy query: If only one IP address is provided, when you need to query all firewall policies related to this IP, you usually need to traverse all the policies of all firewalls. Each firewall has at least hundreds of policies, and you need to judge the relevance , the strategy query efficiency is low
[0006] 2. The policy query result is inaccurate, and there are a large number of non-strongly related policies: when judging whether an IP matches a policy, it generally only judges whether the above IP is within the source IP address range or destination IP address range of this policy , this will often match more default policies between regions or address segments, resulting in more query results. There are a large number of policies that the queryer does not care about, and the query results are of little significance
[0007] 3. The efficiency of firewall policy elastic scaling is low: when the application corresponding to an IP address needs to be expanded, then the firewall policy related to this IP address also needs to be elastically expanded, and the IP address of the newly expanded node is added. This process includes querying the strong correlation of the original IP address Firewall policy, and modify the firewall policy based on the query results. The manual method is undoubtedly very inefficient, and the existing automatic methods are limited by the accuracy of the policy query results.
Therefore, the current firewall policy elastic scaling efficiency is low

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Firewall policy query method and system, firewall policy elastic scaling method and system, equipment and storage medium
  • Firewall policy query method and system, firewall policy elastic scaling method and system, equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] The present invention will be described in detail below in conjunction with the accompanying drawings and specific embodiments, and the embodiments cannot be repeated here one by one, but the embodiments of the present invention are not therefore limited to the following embodiments.

[0046] figure 1 It is a block diagram of steps used in the firewall policy query method of the present invention. Such as figure 1 As shown, a kind of firewall policy inquiry method of the present invention comprises:

[0047] S1. Obtain firewall policy configuration information, parse the firewall configuration information into standardized format data, and build a firewall policy information database;

[0048] S2. According to the query information, automatically determine the security zone to which the source IP address and the destination IP address in the firewall configuration information belong, and automatically determine the flow path of the source IP address and the destinatio...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a firewall policy query method and system, an elastic scaling method and system, equipment, a storage medium. The firewall policy query method comprises the steps: S1, obtaining firewall policy configuration information, analyzing the firewall policy configuration information into standardized format data, and constructing a firewall policy information base; S2, automatically judging a safe area to which a source IP address and a destination IP address in the firewall configuration information belong according to the query information, and automatically judging that the source IP address and the destination IP address flow pass through firewall equipment; S3, automatically calculating strategy correlation between the query information and a firewall strategy; and feeding back a query result according to the strategy correlation.

Description

technical field [0001] The present invention relates to the technical field of network security, in particular to a firewall policy query, elastic scaling method, system, equipment, and storage medium. Background technique [0002] A firewall is a technical measure to protect computer network security. It isolates internal and external networks by establishing a corresponding network communication monitoring system on the network boundary to block network intrusion from the outside. The firewall policy refers to the regulations, rules, requirements or filtering terms to be referred to by the firewall, and the policy information generally includes information such as source IP address, destination IP address, protocol, and destination port. The firewall needs to allow or block the data flow passing through the firewall according to the firewall policy, so the firewall plays an important role in inter-zone access control and security isolation. [0003] With the growth of the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/02H04L63/0236H04L63/20H04L63/10H04L67/06
Inventor 林路
Owner CITIC AIBANK CORPORATION LIMITED
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com