Method and system for management of security rule set
First Claim
1. A method of automated managing an ordered set of security rules implemented at a plurality of security gateways, the method comprising:
- obtaining data characterizing a connectivity request which may become allowable only upon changes of an initial rule-set, thus giving rise to an unfitting connectivity request;
- analyzing routing tables of the plurality of the security gateways;
- generating ranking the security gateways in accordance with their relevance to the unfitting connectivity request;
- selecting one or more security gateways with the highest ranking; and
- implementing a configuration change required in order to facilitate allowance of the unfitting connectivity request at the one or more selected security gateways.
Abstract
There are provided a method of automated managing an ordered set of security rules implemented at a plurality of security gateways and a system thereof. The method comprises obtaining data characterizing a connectivity request which may become allowable only upon changes of an initial rule-set, thus giving rise to an unfitting connectivity request; analyzing routing tables of the plurality of the security gateways; generating ranking the security gateways in accordance with their relevance to the unfitting connectivity request; selecting one or more security gateways with the highest ranking; and implementing a configuration change required in order to facilitate allowance of the unfitting connectivity request at the one or more selected security gateways.
20 Claims
1. A method of automated managing an ordered set of security rules implemented at a plurality of security gateways, the method comprising:
- obtaining data characterizing a connectivity request which may become allowable only upon changes of an initial rule-set, thus giving rise to an unfitting connectivity request;
- analyzing routing tables of the plurality of the security gateways;
- generating ranking the security gateways in accordance with their relevance to the unfitting connectivity request;
- selecting one or more security gateways with the highest ranking; and
- implementing a configuration change required in order to facilitate allowance of the unfitting connectivity request at the one or more selected security gateways.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A computerized system capable of managing an ordered set of security rules implemented at a plurality of security gateways, the system comprising a non-transitory computer readable storage medium comprising computer readable instructions executable by the system for:
- obtaining data characterizing a connectivity request which may become allowable only upon changes of an initial rule-set, thus giving rise to an unfitting connectivity request;
- analyzing routing tables of the plurality of the security gateways;
- generating ranking the security gateways in accordance with their relevance to the unfitting connectivity request;
- selecting one or more security gateways with the highest ranking; and
- implementing a configuration change required in order to facilitate allowance of the unfitting connectivity request at the one or more selected security gateways.
Dependent claims: 18, 19, 20
Specification