A Firewall Rules Optimized Model Based On Service-Grouping
Aiming at networks with a large number of firewall rules, in order to reduce the number of rules and rule filtering times while firewalls performance does not change, a firewall policy rules merging model based on rule-service is presented.The model detects the rules in a fast way using an algorithm based on rule service first, and then it resolves the conflicts segment by using action constraint strategy.And then it runs the rule merging algorithm in a set of rules with no anomalies based on service.Finally, the experimental results show that merging efficiency is outperformed compared with other similar rule merging models.Compared to the traditional firewall, the optimized firewall model made less filtering hits while processing the same packets.
network security firewall policy anomaly merging algorithm rule optimization
Lin Zhang Mengxing Huang
College of Information Science& Technology Hainan University Haikou ,China
国际会议
济南
英文
142-146
2015-09-11(万方平台首次上网日期,不代表论文的发表时间)