摘要
面对网络规模的无限量扩大以及新型攻击的不断出现,企业开始采用多级防火墙机制加强对整个网络的安全保护。然而这种保护机制同时向人们提出了如何保证策略与策略之间无异常的问题。因此,从防火墙底层的规则入手,主要针对防火墙的包过滤规则,定义了规则之间可能存在的异常,同时提出相应的检测算法以及基于WBEM架构的异常检测系统,在解决策略异常问题的同时实现防火墙策略整体上的对外一致性。
With the development of Internet and the emergency of new attacks, enterprises adopt cascaded firewalls to protect their network. While this way is effective, administrators also encounter the problem of how to avoid anomalies caused by different policies. So starting from the low-level rules, particularly on the filtering rules, different anomalies were identified and also algorithm used to discover anomalies and a WBEM-based model used to rectify the anomalies were propased, which not only solved anomaly discovery problem but realized the coherence of the whole policies as well.
出处
《计算机工程与设计》
CSCD
北大核心
2005年第10期2785-2787,共3页
Computer Engineering and Design
关键词
多级防火墙
包过滤规则
策略异常
基于web的企业管理
策略编辑器
策略服务器
cascade-firewalls
packets filtering rules
policies anomaly
WBEM (Web-based Enterprise Management)
policy editor
police service
