×

Method and system for mapping between connectivity requests and a security rule set

  • US 8,914,841 B2
  • Filed: 11/23/2011
  • Issued: 12/16/2014
  • Est. Priority Date: 11/24/2010
  • Status: Active Grant
First Claim
Patent Images

1. A system capable of automatically mapping between a connectivity request and an ordered security rule-set, the system comprising:

  • a memory;

    an interface operable to obtain data characterizing a first plurality of combinations of values specified in at least one connectivity request;

    a processor operatively coupled to the interface and the memory, the processor to;

    automatically recognize at least one rule within the rule-set, said rule controlling at least part of traffic requested in said at least one connectivity request, wherein the recognizing is provided by comparing the first plurality of combinations specified in the connectivity request with at least one second plurality of combinations, each of said at least one second plurality being firstly specified by a respective rule within the rule-set and matches connectivity-related actions specified in said at least one connectivity request;

    automatically evaluate a ratio between an un-shadowed volume requested by said at least one connectivity request in said recognized at least one rule and the overall un-shadowed volume of said recognized at least one rule, thereby giving rise to a conformity ratio characterizing the relationship between said at least one connectivity request and said recognized at least one rule, wherein the evaluation results indicate if said at least one connectivity request requires rule-set amendments in order to be accepted; and

    automatically classify said at least one connectivity request with respect to said at least one rule and/or said at least one rule with respect to said at least one connectivity request in accordance with said conformity ratio, wherein a classifying result is indicative of involvement of said recognized at least one rule in business needs associated with said at least one connectivity request.

View all claims
  • 4 Assignments
Timeline View
Assignment View
    ×
    ×