×

METHOD AND SYSEM FOR UTILIZING AN EXPERT SYSTEM TO DETERMINE WHETHER TO ALTER A FIREWALL CONFIGURATION

  • US 20080172347A1
  • Filed: 01/15/2007
  • Published: 07/17/2008
  • Est. Priority Date: 01/15/2007
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method of utilizing an expert system to determine whether to alter a firewall configuration, said method comprising:

  • receiving, by an expert system of a computing system, message flow data associated with a message packet that is blocked by a firewall based on a message flow not being permitted by one or more message flow rules, said message flow associated with said message flow data, and said message flow data including a source network associated with said message packet, a destination network associated with said message packet and a destination port associated with said message packet;

    assigning, to said message flow data by said expert system, a plurality of risk values included in a predefined set of risk values, said assigning including associating each risk value of said plurality of risk values with said source network, said destination network, or said destination port;

    determining, by said expert system, a total risk value associated with said message packet, said determining said total risk value including utilizing said plurality of risk values; and

    generating, by said expert system, a proposal based on said total risk value, wherein said proposal is selected from the group consisting of a first proposal that a message flow rule that permits said message flow is to be added to said one or more message flow rules and a second proposal that said message flow rule that permits said message flow is not to be added to said one or more message flow rules.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×