METHOD OF CONFIGURING A SECURITY GATEWAY AND SYSTEM THEREOF
First Claim
1. A method of automated configuration of a security gateway, the method comprising:
a) setting-up an initial rule-set;
b) obtaining log records of communication events corresponding to the initial rule-set so as to obtain a sufficient amount of log records;
c) transforming the obtained log records into respective rules, wherein source, destination and service fields in each rule correspond to source, destination and service values in respective obtained log record, and the action in all rules is defined as “Accept”, thus giving rise to a transformation-based rule-set; and
d) processing the transformation-based rule-set so as to generate an operable rule-set.
Abstract
There is provided a rule-set generator and a method of automated configuration of a security gateway. The method comprises setting-up an initial rule-set; obtaining log records of communication events corresponding to the initial rule-set so as to obtain a sufficient amount of log records; transforming the obtained log records into respective rules, wherein source, destination and service fields in each rule correspond to source, destination and service values in the respective obtained log record, and the action in all rules is defined as “Accept”, thus giving rise to a transformation-based rule-set; and processing the transformation-based rule-set so as to generate an operable rule-set.
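The transformation and processing steps described above, sketched as an added example that is not taken from the patent or from any product implementing it. The log line layout, the function names and the reading of the processing step as de-duplication plus exact CIDR merging of sources are all assumptions, since the abstract does not say how the operable rule-set is derived.

```python
import ipaddress
from collections import defaultdict

# Constructed sample log records; the "src= dst= service=" layout is an assumption.
LOG_RECORDS = [
    "src=10.0.0.4 dst=192.0.2.10 service=tcp/443",
    "src=10.0.0.5 dst=192.0.2.10 service=tcp/443",
    "src=10.0.0.4 dst=192.0.2.10 service=tcp/443",  # repeated event
    "src=10.0.0.6 dst=192.0.2.10 service=tcp/443",
    "src=10.0.0.7 dst=192.0.2.10 service=tcp/443",
    "src=10.0.1.9 dst=192.0.2.53 service=udp/53",
    "src=10.0.0.4 dst=192.0.2.10",                  # no service field: skipped
]

def parse_record(line):
    """Return (source, destination, service), or None for an unusable record."""
    fields = dict(tok.split("=", 1) for tok in line.split() if "=" in tok)
    try:
        src = str(ipaddress.ip_address(fields["src"]))
        dst = str(ipaddress.ip_address(fields["dst"]))
        return src, dst, fields["service"]
    except (KeyError, ValueError):
        return None

def transform(lines):
    """Step (c): one rule per log record, fields copied over, action always Accept."""
    parsed = (parse_record(line) for line in lines)
    return [{"source": p[0], "destination": p[1], "service": p[2], "action": "Accept"}
            for p in parsed if p is not None]

def process(rules):
    """Step (d) as assumed here: drop duplicates, then merge source hosts into CIDR
    blocks. collapse_addresses only merges exact ranges, so nothing unobserved is added."""
    sources = defaultdict(set)
    for r in rules:
        sources[(r["destination"], r["service"])].add(ipaddress.ip_network(r["source"]))
    operable = []
    for (dst, service), nets in sorted(sources.items()):
        for net in ipaddress.collapse_addresses(nets):
            operable.append((str(net), dst, service, "Accept"))
    return operable

def build_operable_rule_set(lines=LOG_RECORDS):
    return process(transform(lines))

if __name__ == "__main__":
    for rule in build_operable_rule_set():
        print(rule)
```

Because every logged event becomes an Accept rule, the operable rule-set permits exactly what was observed while the initial rule-set was in force, so the contents of that log window are worth reviewing before the result is deployed.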
27 Claims
1. A method of automated configuration of a security gateway, the method comprising:
a) setting-up an initial rule-set;
b) obtaining log records of communication events corresponding to the initial rule-set so as to obtain a sufficient amount of log records;
c) transforming the obtained log records into respective rules, wherein source, destination and service fields in each rule correspond to source, destination and service values in respective obtained log record, and the action in all rules is defined as “Accept”, thus giving rise to a transformation-based rule-set; and
d) processing the transformation-based rule-set so as to generate an operable rule-set.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 26, 27
18. A rule-set generator comprising:
a) a first repository configured to accommodate an initial rule-set to be used for configuring a security gateway;
b) a second repository configured to accommodate log records of communication events corresponding to the initial rule-set;
c) a processor operatively coupled to the first repository and the second repository and configured to:
i) transform said accommodated log records into respective rules, wherein source, destination and service fields in each rule correspond to source, destination and service values in respective log record, and the action in all rules is defined as “Accept”, thus giving rise to a transformation-based rule-set; and
ii) processing the transformation-based rule-set so as to generate an operable rule-set.
Dependent claims: 19, 20, 21, 22, 23, 24, 25
Specification