Method and system for management of security rule set
Abstract
There are provided a method of automated managing two or more security rule-sets and a system thereof. The method comprises: obtaining data characterizing a first rule-set and a second rule-set; automated recognizing all possible combinations of values in the first and the second rule-sets; automated verifying each combination of values in the second rule-set against the first rule-set; calculating one or more values characterizing the differences in allowable and rejectable traffic in the first rule-set and the second rule-set; automated comparing the calculated values and/or derivatives thereof with a predefined threshold; and automated classifying the relationship between the first rule-set and the second rule-set in accordance with comparison results. The method may further comprise obtaining a connectivity request; automated verifying each combination of values in the connectivity request against the first rule-set and the second rule-set; and automated classifying the second rule-set with regard to the connectivity request, wherein the second rule-set comprises extra allowable traffic resulting from amending the first rule set.
22 Claims
1. A method of automated managing a security rule-set, the method comprising:
a. obtaining data characterizing a connectivity request;
b. automated recognizing all possible combinations of values in the connectivity request;
c. automated verifying each combination of values in the connectivity request against a first rule-set;
d. calculating one or more values characterizing relative amount of satisfied and dissatisfied combinations in the request;
e. automated comparing the calculated values or derivatives thereof with a predefined threshold; and
f. automated classifying the connectivity request in accordance with comparison results.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A system capable of automated managing a security rule-set, the system comprising:
a. an interface operable to obtain data characterizing a connectivity request;
b. means for automated recognizing all possible combinations of values in the connectivity request;
c. means for automated verifying each combination of values in the connectivity request against a first rule-set;
d. means for automated calculating one or more values characterizing relative amount of satisfied and dissatisfied combinations in the request;
e. means for automated comparing the calculated values or derivatives thereof with a predefined threshold; and
f. means for automated classifying the connectivity request in accordance with comparison results.
Dependent claims: 10, 11, 12, 13
14. A method of automated managing two or more security rule-sets, the method comprising:
a. obtaining data characterizing a first rule-set and a second rule-set;
b. automated recognizing all possible combinations of values in the first and the second rule-sets;
c. automated verifying each combination of values in the second rule-set against the first rule-set;
d. calculating one or more values characterizing the differences in allowable and rejectable traffic in the first rule-set and the second rule-set;
e. automated comparing the calculated values or derivatives thereof with a predefined threshold; and
f. automated classifying the relationship between the first rule-set and the second rule-set in accordance with comparison results.
Dependent claims: 15, 16, 17, 18
19. A system capable of automated managing a security rule-set, the system comprising:
a. means for obtaining data characterizing a first rule-set and a second rule-set;
b. means for automated recognizing all possible combinations of values in the first and the second rule-sets;
c. means for automated verifying each combination of values in the second rule-set against the first rule-set;
d. means for calculating one or more values characterizing the differences in allowable and rejectable traffic in the first rule-set and the second rule-set;
e. means for automated comparing the calculated values or derivatives thereof with a predefined threshold; and
f. means for automated classifying the relationship between the first rule-set and the second rule-set in accordance with comparison results.
Dependent claims: 20, 21, 22
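Steps a to f of claim 1, worked through as an added Python illustration (not code from the patent). The rule model (first match wins, implicit deny), the sample rules and request, the 0.75 threshold and the class labels are all assumptions made for the example.

```python
from ipaddress import ip_address, ip_network
from itertools import product

# Constructed first rule-set (assumed model): first match wins, implicit deny.
# Fields: action, source network, destination network, TCP port (None = any).
RULES = [
    ("deny",  "10.1.0.0/16", "192.168.5.10/32", 22),
    ("allow", "10.1.0.0/16", "192.168.5.0/24",  None),
    ("allow", "10.2.0.0/16", "192.168.5.20/32", 443),
]

# Constructed connectivity request (step a): every source to every
# destination on every listed port.
REQUEST = {
    "sources": ["10.1.4.7", "10.2.0.9"],
    "destinations": ["192.168.5.10", "192.168.5.20"],
    "ports": [22, 443],
}

def permitted(rules, src, dst, port):
    """Step c for one combination: first-match evaluation, default deny."""
    for action, src_net, dst_net, rule_port in rules:
        if (ip_address(src) in ip_network(src_net)
                and ip_address(dst) in ip_network(dst_net)
                and rule_port in (None, port)):
            return action == "allow"
    return False

def classify_request(rules, request, threshold=0.75):
    """Steps b-f; the labels and the threshold are hypothetical."""
    combos = list(product(request["sources"], request["destinations"],
                          request["ports"]))                      # step b
    verdicts = {c: permitted(rules, *c) for c in combos}          # step c
    ratio = sum(verdicts.values()) / len(combos)                  # step d
    if ratio == 1.0:                                              # steps e, f
        label = "satisfied"
    elif ratio >= threshold:
        label = "partial-above-threshold"
    elif ratio > 0:
        label = "partial-below-threshold"
    else:
        label = "unsatisfied"
    blocked = [c for c, ok in verdicts.items() if not ok]
    return label, ratio, blocked

if __name__ == "__main__":
    print(classify_request(RULES, REQUEST))
```

For this request four of the eight combinations pass, and the returned `blocked` list names the exact source/destination/port tuples a rule change would have to open, including the one shadowed by the explicit deny.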
Specification