Security rule database searching in a network security environment

  • US 6,347,376 B1
  • Filed: 08/12/1999
  • Issued: 02/12/2002
  • Est. Priority Date: 08/12/1999
  • Status: Expired due to Term
First Claim

1. A method of searching a database of security rules for a match between the values of specified attributes of a packet and the values of corresponding attributes associated with each rule, wherein the database is searched in the order of the rules containing the most specific values of attributes to the least specific values of attributes, comprising:

   arranging the database into a set of relatively stable static rules and one or more sets of dynamic security rules, wherein a static rule can be a placeholder for a set of dynamic rules,

   searching the static rules of the database for the first static rule having attributes that match the corresponding attributes of the packet,

   determining if the matching static rule is a placeholder for a set of dynamic rules,

   if the matching static rule is a placeholder for a set of dynamic rules, searching the set of dynamic rules associated with the matching static rule for a match between the packet attributes and attributes contained in the dynamic rules, and

   applying security processing to the packet as specified by the matching static or dynamic rule.
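The lookup order recited in the claim can be sketched as follows. This is an added illustration, not code from the patent or its assignee. The `Rule` fields, the specificity score, the fall-through to later static rules when a placeholder's dynamic set has no match, and the final default of `deny` are all assumptions made for the example; the rule data is constructed.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Rule:
    src: str                  # CIDR; 0.0.0.0/0 acts as a wildcard
    dst: str
    proto: Optional[str]      # None = any protocol
    dport: Optional[int]      # None = any port
    action: Optional[str]     # None marks a placeholder for a dynamic rule set
    dynamic: list = field(default_factory=list)

    def specificity(self):
        # Assumed metric: longer prefixes and concrete proto/port are more specific.
        return (ipaddress.ip_network(self.src).prefixlen
                + ipaddress.ip_network(self.dst).prefixlen
                + (self.proto is not None) + (self.dport is not None))

    def matches(self, pkt):
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
                and self.proto in (None, pkt["proto"])
                and self.dport in (None, pkt["dport"]))

def ordered(rules):
    # Most specific first, as the claim requires for the search order.
    return sorted(rules, key=Rule.specificity, reverse=True)

def lookup(static_rules, pkt):
    for rule in ordered(static_rules):
        if not rule.matches(pkt):
            continue
        if rule.action is not None:          # ordinary static rule
            return rule.action
        for dyn in ordered(rule.dynamic):    # placeholder: search its dynamic set
            if dyn.matches(pkt):
                return dyn.action
        # Assumption: no dynamic match, so keep searching less specific static rules.
    return "deny"                            # Assumption: default when nothing matches

# Constructed sample database: two static rules around one placeholder.
STATIC = [
    Rule("10.0.0.0/8", "192.0.2.10/32", "tcp", 443, "permit"),
    Rule("10.0.0.0/8", "192.0.2.0/24", None, None, None, dynamic=[
        Rule("10.1.2.3/32", "192.0.2.20/32", "udp", 4500, "ipsec-tunnel-A")]),
    Rule("0.0.0.0/0", "0.0.0.0/0", None, None, "deny"),
]
```

Dynamic rules can be added to or removed from a placeholder's `dynamic` list without re-sorting the static set, which is the practical benefit of keeping the two tiers separate.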
