摘要
从解决日常防火墙运维工作中的困难和问题出发,文章基于JSON开发了防火墙策略标准化工具,实现对不同格式的防火墙策略的统一管理。同时,对策略进行分类,在此之上提出了一种策略标准化配置方法。通过比对主机开放端口与防火墙策略,提出了一种策略优化方法,可有效解决策略冗余、交叉、高风险等问题,提高了防火墙策略维护效率,提升了信息系统的安全与稳定。
To solve the difficulties and problems in daily firewall operation and maintenance work,this paper develops a tool of firewall policy standardization based on JSON to achieve unified management of different formats of firewall policies and presents a standardization configuration method of firewall policies based on the classification of policies.By comparing the open ports of hosts and firewall policies,this paper proposes a strategy optimization method to solve the problems of redundancy,crossover,high risk of policies effectively.The method improves the maintenance of firewall policies efficiency and increases security and stability of information systems.
作者
许珂
杨旭东
范玉强
XU Ke;YANG Xudong;FAN Yuqiang(Information and Communication Company,State Grid Sichuan Electric Power Company,Chengdu 610041,China)
出处
《电力信息与通信技术》
2020年第2期43-48,共6页
Electric Power Information and Communication Technology
关键词
防火墙策略
JSON
策略标准化
策略优化
firewall policy
JSON
standardization of policy
optimization of policy