ATE273591T1 - Prüfung der konfiguration einer firewall - Google Patents
Prüfung der konfiguration einer firewallInfo
- Publication number
- ATE273591T1 ATE273591T1 AT01660236T AT01660236T ATE273591T1 AT E273591 T1 ATE273591 T1 AT E273591T1 AT 01660236 T AT01660236 T AT 01660236T AT 01660236 T AT01660236 T AT 01660236T AT E273591 T1 ATE273591 T1 AT E273591T1
- Authority
- AT
- Austria
- Prior art keywords
- configuration
- rule base
- network node
- processing
- firewall
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP01660236A EP1326393B1 (de) | 2001-12-18 | 2001-12-18 | Prüfung der Konfiguration einer Firewall |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| ATE273591T1 true ATE273591T1 (de) | 2004-08-15 |
Family
ID=8183640
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AT01660236T ATE273591T1 (de) | 2001-12-18 | 2001-12-18 | Prüfung der konfiguration einer firewall |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US7406534B2 (de) |
| EP (1) | EP1326393B1 (de) |
| AT (1) | ATE273591T1 (de) |
| DE (1) | DE60104876T2 (de) |
Families Citing this family (51)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1326393B1 (de) * | 2001-12-18 | 2004-08-11 | Stonesoft Corporation | Prüfung der Konfiguration einer Firewall |
| US8209756B1 (en) | 2002-02-08 | 2012-06-26 | Juniper Networks, Inc. | Compound attack detection in a computer network |
| US6985920B2 (en) * | 2003-06-23 | 2006-01-10 | Protego Networks Inc. | Method and system for determining intra-session event correlation across network address translation devices |
| US7844731B1 (en) * | 2003-11-14 | 2010-11-30 | Symantec Corporation | Systems and methods for address spacing in a firewall cluster |
| US7496955B2 (en) * | 2003-11-24 | 2009-02-24 | Cisco Technology, Inc. | Dual mode firewall |
| US8590032B2 (en) * | 2003-12-10 | 2013-11-19 | Aventail Llc | Rule-based routing to resources through a network |
| US8661158B2 (en) | 2003-12-10 | 2014-02-25 | Aventail Llc | Smart tunneling to resources in a network |
| US7760730B2 (en) * | 2004-06-15 | 2010-07-20 | Oracle America, Inc. | Rule set verification |
| US20060053478A1 (en) * | 2004-09-08 | 2006-03-09 | International Business Machines Corporation | System, method and computer program product for control of a service request |
| WO2006044820A2 (en) | 2004-10-14 | 2006-04-27 | Aventail Corporation | Rule-based routing to resources through a network |
| WO2006049072A1 (ja) * | 2004-11-04 | 2006-05-11 | Nec Corporation | ファイアウォール検査システムおよびファイアウォール情報抽出システム |
| US11477093B2 (en) * | 2004-12-14 | 2022-10-18 | Kyndryl, Inc. | Coupling of a business component model to an information technology model |
| US8028334B2 (en) * | 2004-12-14 | 2011-09-27 | International Business Machines Corporation | Automated generation of configuration elements of an information technology system |
| US8645513B2 (en) * | 2004-12-14 | 2014-02-04 | International Business Machines Corporation | Automation of information technology system development |
| US7523092B2 (en) * | 2004-12-14 | 2009-04-21 | International Business Machines Corporation | Optimization of aspects of information technology structures |
| US7937755B1 (en) * | 2005-01-27 | 2011-05-03 | Juniper Networks, Inc. | Identification of network policy violations |
| US7797411B1 (en) | 2005-02-02 | 2010-09-14 | Juniper Networks, Inc. | Detection and prevention of encapsulated network attacks using an intermediate device |
| US8200840B1 (en) * | 2005-04-13 | 2012-06-12 | Cisco Technology, Inc. | Method and apparatus for a generic rule based engine to perform action when an event of interest transpires |
| US20070162968A1 (en) * | 2005-12-30 | 2007-07-12 | Andrew Ferreira | Rule-based network address translation |
| US7685271B1 (en) * | 2006-03-30 | 2010-03-23 | Symantec Corporation | Distributed platform for testing filtering rules |
| US8484733B2 (en) * | 2006-11-28 | 2013-07-09 | Cisco Technology, Inc. | Messaging security device |
| US8140609B2 (en) * | 2007-01-25 | 2012-03-20 | International Business Machines Corporation | Congruency and similarity of information technology (IT) structures and associated applications |
| US20080232359A1 (en) * | 2007-03-23 | 2008-09-25 | Taeho Kim | Fast packet filtering algorithm |
| US8201234B2 (en) * | 2007-05-09 | 2012-06-12 | Microsoft Corporation | Multi-profile interface specific network security policies |
| US8448220B2 (en) * | 2008-04-29 | 2013-05-21 | Mcafee, Inc. | Merge rule wizard |
| US20090300748A1 (en) * | 2008-06-02 | 2009-12-03 | Secure Computing Corporation | Rule combination in a firewall |
| US8489989B1 (en) * | 2008-07-15 | 2013-07-16 | Adobe Systems Incorporated | Methods and systems for preflighting using multiple preflight profiles |
| US8819201B2 (en) * | 2008-08-07 | 2014-08-26 | At&T Intellectual Property I, L.P. | Method and apparatus for providing routing and access control filters |
| US8924486B2 (en) | 2009-02-12 | 2014-12-30 | Sierra Wireless, Inc. | Method and system for aggregating communications |
| US8228848B2 (en) * | 2008-11-17 | 2012-07-24 | Sierra Wireless, Inc. | Method and apparatus for facilitating push communication across a network boundary |
| WO2010054471A1 (en) | 2008-11-17 | 2010-05-20 | Sierra Wireless, Inc. | Method and apparatus for network port and network address translation |
| US9063806B2 (en) * | 2009-01-29 | 2015-06-23 | Oracle International Corporation | Flex integration with a secure application |
| US9659335B2 (en) * | 2009-01-29 | 2017-05-23 | Oracle International Corporation | Sample management for a sales call |
| US20100191560A1 (en) * | 2009-01-29 | 2010-07-29 | Oracle International Corporation | Pharmaceutical Sample Management for a Sales Call |
| US9684736B2 (en) | 2009-01-29 | 2017-06-20 | Oracle International Corporation | Communication handler for flex integration with a secure application |
| US9760381B2 (en) * | 2009-01-30 | 2017-09-12 | Oracle International Corporation | Configurable toolbar |
| US8762448B2 (en) | 2009-01-30 | 2014-06-24 | Oracle International Corporation | Implementing asynchronous processes on a mobile client |
| US20100195808A1 (en) * | 2009-01-30 | 2010-08-05 | Oracle International Corporation | Adding Contacts During Personalized Content Delivery and Analytics |
| US8452640B2 (en) * | 2009-01-30 | 2013-05-28 | Oracle International Corporation | Personalized content delivery and analytics |
| US8762883B2 (en) * | 2009-01-30 | 2014-06-24 | Oracle International Corporation | Manipulation of window controls in a popup window |
| US8219854B2 (en) | 2010-03-24 | 2012-07-10 | Microsoft Corporation | Validating configuration of distributed applications |
| US9037724B2 (en) | 2011-02-08 | 2015-05-19 | Sierra Wireless, Inc. | Method and system for forwarding data between network devices |
| US20130019314A1 (en) * | 2011-07-14 | 2013-01-17 | International Business Machines Corporation | Interactive virtual patching using a web application server firewall |
| US9288186B2 (en) * | 2013-06-04 | 2016-03-15 | Cisco Technology, Inc. | Network security using encrypted subfields |
| KR20160097313A (ko) * | 2013-12-11 | 2016-08-17 | 콘티넨탈 테베스 아게 운트 코. 오하게 | 차량용 통신 시스템의 보안 게이트웨이를 동작시키기 위한 방법 |
| CN105515803B (zh) * | 2014-09-24 | 2019-01-25 | 国基电子(上海)有限公司 | 用户端设备及其配置方法 |
| US9906560B2 (en) * | 2015-08-28 | 2018-02-27 | Nicira, Inc. | Distributing remote device management attributes to service nodes for service rule processing |
| US10021117B2 (en) * | 2016-01-04 | 2018-07-10 | Bank Of America Corporation | Systems and apparatus for analyzing secure network electronic communication and endpoints |
| US9912783B2 (en) * | 2016-01-29 | 2018-03-06 | Veritas Technologies Llc | Securing internal services in a distributed environment |
| US11249710B2 (en) * | 2016-03-31 | 2022-02-15 | Splunk Inc. | Technology add-on control console |
| TWI607337B (zh) * | 2016-11-11 | 2017-12-01 | Chunghwa Telecom Co Ltd | Firewall command rule optimization system and method |
Family Cites Families (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| GB2206713B (en) * | 1987-03-23 | 1991-11-27 | Case Group Plc | Expert and database system and method for communications networks |
| US6009475A (en) * | 1996-12-23 | 1999-12-28 | International Business Machines Corporation | Filter rule validation and administration for firewalls |
| US6173364B1 (en) * | 1997-01-15 | 2001-01-09 | At&T Corp. | Session cache and rule caching method for a dynamic filter |
| US6233686B1 (en) * | 1997-01-17 | 2001-05-15 | At & T Corp. | System and method for providing peer level access control on a network |
| US6182228B1 (en) * | 1998-08-17 | 2001-01-30 | International Business Machines Corporation | System and method for very fast IP packet filtering |
| CA2287258C (en) * | 1998-10-22 | 2004-08-10 | At&T Corp. | System and method for demand-driven loading of rules in a firewall |
| US6158010A (en) * | 1998-10-28 | 2000-12-05 | Crosslogix, Inc. | System and method for maintaining security in a distributed computer network |
| US6519636B2 (en) * | 1998-10-28 | 2003-02-11 | International Business Machines Corporation | Efficient classification, manipulation, and control of network transmissions by associating network flows with rule based functions |
| US6226372B1 (en) * | 1998-12-11 | 2001-05-01 | Securelogix Corporation | Tightly integrated cooperative telecommunications firewall and scanner with distributed capabilities |
| US6615357B1 (en) * | 1999-01-29 | 2003-09-02 | International Business Machines Corporation | System and method for network address translation integration with IP security |
| US6839850B1 (en) * | 1999-03-04 | 2005-01-04 | Prc, Inc. | Method and system for detecting intrusion into and misuse of a data processing system |
| US7240368B1 (en) * | 1999-04-14 | 2007-07-03 | Verizon Corporate Services Group Inc. | Intrusion and misuse deterrence system employing a virtual network |
| AU5789500A (en) | 1999-07-09 | 2001-01-30 | Burnham Institute, The | A method for determining the prognosis of cancer patients by measuring levels ofbag expression |
| US6738909B1 (en) * | 1999-09-02 | 2004-05-18 | International Business Machines Corporation | Method and apparatus for automatic configuration for internet protocol security tunnels in a distributed data processing system |
| US6684244B1 (en) * | 2000-01-07 | 2004-01-27 | Hewlett-Packard Development Company, Lp. | Aggregated policy deployment and status propagation in network management systems |
| US6772223B1 (en) * | 2000-04-10 | 2004-08-03 | International Business Machines Corporation | Configurable classification interface for networking devices supporting multiple action packet handling rules |
| US6772214B1 (en) * | 2000-04-27 | 2004-08-03 | Novell, Inc. | System and method for filtering of web-based content stored on a proxy cache server |
| US7039053B1 (en) * | 2001-02-28 | 2006-05-02 | 3Com Corporation | Packet filter policy verification system |
| US20030074248A1 (en) * | 2001-03-31 | 2003-04-17 | Braud Kristopher P. | Method and system for assimilating data from disparate, ancillary systems onto an enterprise system |
| US6816455B2 (en) * | 2001-05-09 | 2004-11-09 | Telecom Italia S.P.A. | Dynamic packet filter utilizing session tracking |
| US6947983B2 (en) * | 2001-06-22 | 2005-09-20 | International Business Machines Corporation | Method and system for exploiting likelihood in filter rule enforcement |
| US7027446B2 (en) * | 2001-07-18 | 2006-04-11 | P-Cube Ltd. | Method and apparatus for set intersection rule matching |
| US7386525B2 (en) * | 2001-09-21 | 2008-06-10 | Stonesoft Corporation | Data packet filtering |
| EP1326393B1 (de) * | 2001-12-18 | 2004-08-11 | Stonesoft Corporation | Prüfung der Konfiguration einer Firewall |
-
2001
- 2001-12-18 EP EP01660236A patent/EP1326393B1/de not_active Expired - Lifetime
- 2001-12-18 DE DE60104876T patent/DE60104876T2/de not_active Expired - Lifetime
- 2001-12-18 AT AT01660236T patent/ATE273591T1/de not_active IP Right Cessation
-
2002
- 2002-12-18 US US10/321,851 patent/US7406534B2/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| DE60104876D1 (de) | 2004-09-16 |
| EP1326393A1 (de) | 2003-07-09 |
| DE60104876T2 (de) | 2004-12-23 |
| US20030149766A1 (en) | 2003-08-07 |
| US7406534B2 (en) | 2008-07-29 |
| EP1326393B1 (de) | 2004-08-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| ATE273591T1 (de) | Prüfung der konfiguration einer firewall | |
| US7665128B2 (en) | Method and apparatus for reducing firewall rules | |
| ATE373367T1 (de) | System und verfahren zur unnumerierten netzwerkverbindung-erkennung | |
| WO2003084137A3 (en) | Methods for identifying network traffic flows | |
| DE602005021353D1 (de) | Erweiterungen zur filterung von ipv6-kopfteilen | |
| IL172516A0 (en) | Security checking program for communication between networks | |
| WO2007036786A3 (en) | Application layer metrics monitoring | |
| ATE519323T1 (de) | Sicherung von ldap (lightweight directory access protocol) verkehr | |
| ATE376731T1 (de) | Automatische entdeckung und konfiguration von externen netzwerkeinrichtungen | |
| DK1700421T3 (da) | Fremgangsmåde til at administrere netværk ved analyse af konnektivitet | |
| US9894074B2 (en) | Method and system for extracting access control list | |
| DE60328478D1 (de) | Verfahren, vorrichtung und computerprogrammprodukt zur überprüfung der sicheren verwendung von routingadresseninformationen einer drahtlosen endgeräteeinrichtung in einem drahtlosen lokalnetz | |
| ATE519298T1 (de) | Verfahren zur paketklassifizierung basierend auf dem protokolltyp und auf prioritäten | |
| EP2023567B1 (de) | Verwaltung von Konflikten in Sicherheitsregeln | |
| US20060187842A1 (en) | Best path routing | |
| DE60235987D1 (de) | Zuweisen von domain-namen (dns), wodurch zugang zu datenbanken gewährt wird | |
| ATE463100T1 (de) | Verfahren und netzwerkelement zur verbesserung der fehlerverwaltung in verwalteten netzen und computerprogram dafür | |
| CN109391590A (zh) | 一种面向网络访问控制的规则描述方法及构建方法、介质 | |
| KR101359372B1 (ko) | DHCPv6 패킷을 이용한 네트워크 내 호스트 동작 상태 확인 및 탐색 방법 | |
| ATE302531T1 (de) | Verfahren und vorrichtung zur verbesserung der leistungsfähigkeit in mehrfachdienstnetzwerken | |
| CN103986800A (zh) | 一种基于arp的动态式ip资源管理方法及其系统 | |
| KR20040038168A (ko) | 패킷 마킹을 이용한 인터넷 보안서비스 방법 및 시스템 | |
| KR101490227B1 (ko) | 트래픽 제어 방법 및 장치 | |
| KR100759819B1 (ko) | IPv6 패킷의 확장헤더를 검사하는 장치 및 방법 | |
| Zaliva | Platform-independent firewall policy representation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| RER | Ceased as to paragraph 5 lit. 3 law introducing patent treaties |