SYSTEM AND METHOD FOR APPLYING RULE SETS AND RULE INTERACTIONS
First Claim
1. A method, comprising:
determining relationships between a plurality of existing rules in a rule set of a firewall used to screen the incoming data of the network, wherein the relationships include cause interactions and effect interactions among the existing rules;
creating a representation of the relationships including the cause interactions and effect interactions;
receiving a new rule to be inserted into the rule set;
inserting further relationships between the new rule and the existing rules into the representation to create a modified representation; and
determining, based on the modified representation, if a conflict is created by insertion of the new rule in the rule set.
Abstract
Described is a system and method for determining relationships between a plurality of existing rules in a rule set, wherein the relationships include cause interactions and effect interactions among the existing rules, creating a representation of the relationships including the cause interactions and effect interactions, receiving a new rule to be inserted into the rule set and determining if a conflict is created by insertion of the new rule in the rule set.
20 Claims
13. A system for screening incoming data of a network, comprising:
means for determining relationships between a plurality of existing rules in a rule set of a firewall used to screen the incoming data of the network, wherein the relationships include cause interactions and effect interactions among the existing rules;
means for creating a representation of the relationships including the cause interactions and effect interactions;
means for receiving a new rule to be inserted into the rule set;
means for inserting further relationships between the new rule and the existing rules into the representation to create a modified representation; and
means for determining, based on the modified representation, if a conflict is created by insertion of the new rule in the rule set.
Specification