CN114047967A - Policy generation management method and system based on policy simulator - Google Patents

Policy generation management method and system based on policy simulator Download PDF

Info

Publication number
CN114047967A
CN114047967A CN202111236778.9A CN202111236778A CN114047967A CN 114047967 A CN114047967 A CN 114047967A CN 202111236778 A CN202111236778 A CN 202111236778A CN 114047967 A CN114047967 A CN 114047967A
Authority
CN
China
Prior art keywords
strategy
policy
simulator
configuration file
configuration
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111236778.9A
Other languages
Chinese (zh)
Inventor
陈丽娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Original Assignee
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Topsec Technology Co Ltd, Beijing Topsec Network Security Technology Co Ltd, Beijing Topsec Software Co Ltd filed Critical Beijing Topsec Technology Co Ltd
Priority to CN202111236778.9A priority Critical patent/CN114047967A/en
Publication of CN114047967A publication Critical patent/CN114047967A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44505Configuring for program initiating, e.g. using registry, configuration files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/546Message passing systems or structures, e.g. queues
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2209/00Indexing scheme relating to G06F9/00
    • G06F2209/54Indexing scheme relating to G06F9/54
    • G06F2209/547Messaging middleware
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2209/00Indexing scheme relating to G06F9/00
    • G06F2209/54Indexing scheme relating to G06F9/54
    • G06F2209/548Queue

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The application discloses a strategy generation management method and a strategy generation management system based on a strategy simulator, wherein the method comprises the following steps: acquiring a strategy simulator; establishing a connection with a strategy simulator; generating a corresponding strategy configuration file through strategy simulator configuration based on the strategy generation requirement; and distributing the configured policy configuration file to the corresponding security equipment. According to the method and the device, the connection with the strategy simulator is established, the corresponding strategy configuration file is generated through the configuration of the strategy simulator, the configured strategy configuration file is distributed to the corresponding safety equipment, the strategy configuration file of the safety equipment is prevented from being configured or modified in a mode of rewriting or modifying the corresponding service code as far as possible, the strategy configuration of the safety equipment is convenient, the time for generating and configuring the strategy is shortened, and the working efficiency is improved.

Description

Policy generation management method and system based on policy simulator
Technical Field
The invention relates to the field of computer security policies, in particular to a policy generation management method and a policy generation management system based on a policy simulator.
Background
At present, network security devices include a firewall that helps a computer network to construct a relative isolation protection barrier between an internal network and an external network, a WEB site Application protection system waf (WEB Application firewall) that provides protection for WEB applications by executing a series of security policies for HTTP/HTTPs, and a virtual Private network vpn (virtual Private network) that realizes network access by encrypting data packets and converting destination addresses of the data packets, and different network security devices need to execute different security policies to protect network security in different ranges due to different requirements.
In the related art, a set of policy configuration files are correspondingly generated by a set of security devices, the traditional policy configuration files are realized by manually writing codes, and when the setting of the security devices needs to be modified, the configured policies are realized by writing or modifying corresponding service codes again.
With respect to the related art among the above, the inventors consider that the related art has the following drawbacks: when the policy corresponding to the security device needs to be modified, the corresponding service code needs to be written or modified, so that the support and modification of the policy management are inconvenient.
Disclosure of Invention
In order to solve the problem that when the strategies of different safety devices are modified, the strategy service codes need to be newly added and modified, so that the support for strategy management and the modification are inconvenient, the strategy generation management method and the strategy generation management system based on the strategy simulator are provided.
The strategy generation management method and system based on the strategy simulator adopt the following technical scheme:
a strategy generation management method and system based on a strategy simulator comprises the following steps:
acquiring a strategy simulator;
establishing a connection with the policy simulator;
generating a corresponding strategy configuration file through the strategy simulator configuration based on the strategy generation requirement;
and distributing the configured policy configuration file to the corresponding security equipment.
By adopting the technical scheme, when the strategy corresponding to the safety equipment needs to be modified, the strategy simulator corresponding to the safety equipment is manufactured, the connection with the strategy simulator is established, the corresponding strategy configuration file is generated through the configuration of the strategy simulator, the configured strategy configuration file is distributed to the corresponding safety equipment, and the strategy configuration file of the safety equipment is prevented from being configured or modified in a mode of rewriting or modifying the corresponding service code as much as possible, so that the strategy configuration of the safety equipment is more convenient, the time for generating and configuring the strategy is reduced, and the working efficiency is increased.
Optionally, the establishing a connection with the policy simulator includes:
receiving the policy simulator;
starting the strategy simulator to enable the strategy simulator to generate a process port;
and connecting with the strategy simulator through the process port.
By adopting the technical scheme, the strategy generation configuration management based on the strategy simulator is convenient to be carried out through the process port.
Optionally, the generating a corresponding policy configuration file through the configuration of the policy simulator based on the policy generation requirement includes:
acquiring a strategy template based on the strategy simulator, wherein the strategy template comprises a configuration interface and strategy configuration options required by a configuration strategy;
and configuring the configuration options and the configuration interface in the policy template based on the policy generation requirement so as to generate a policy configuration file of the corresponding security device.
By adopting the technical scheme, when a policy generation requirement exists, the policy template can be modified through the configuration interface and the policy configuration options, and the policy template is edited into the corresponding policy configuration file, so that the configuration of the policy configuration file is quicker, and the policy configuration efficiency is improved.
Optionally, the configuring the configuration options and the configuration interface in the policy template based on the policy generation requirement so as to generate the policy configuration file of the corresponding security device includes:
editing the strategy template through the configuration options and the configuration interface based on the strategy generation requirement;
and generating a corresponding strategy configuration file after the editing is finished, and closing the strategy simulator.
By adopting the technical scheme, the strategy simulator is closed after the edition is finished, and the system memory occupied by the strategy simulator is reduced.
Optionally, before distributing the configured policy configuration file to the corresponding security device, the method further includes:
judging whether the strategy configuration file needs to be modified or not;
if not, no modification is carried out;
and if so, modifying the policy configuration file based on the policy modification requirement, wherein the modification range comprises adding, deleting, correcting and checking the policy content.
By adopting the technical scheme, the strategy configuration file can be modified according to the modification requirement, so that the strategy configuration file meets the latest requirement of the safety equipment, the strategy can be distributed to the corresponding safety equipment, whether the strategy needs to be modified or not is judged, and the strategy configuration content deployed at the safety equipment is more accurate.
Optionally, the distributing the configured policy configuration file to the corresponding security device includes:
sending the configured strategy configuration file to a message queue;
and synchronously distributing the strategy configuration file to the corresponding safety equipment through the message queue.
By adopting the technical scheme, the strategy configuration file is distributed in a message queue mode, the request corresponding time between the strategy simulator and the safety equipment is reduced, and the strategy synchronization efficiency and the strategy content safety are improved.
A policy simulator-based policy generation management system comprising: the strategy simulator obtaining module is used for obtaining a strategy simulator;
a connection module for establishing a connection with the policy simulator;
the strategy configuration file generation module is used for generating a corresponding strategy configuration file through the strategy simulator configuration based on the strategy generation requirement;
and the policy configuration file distribution module is used for distributing the configured policy configuration file to the corresponding security equipment.
By adopting the technical scheme, the connection module establishes connection with the strategy simulator, the strategy configuration file generation module generates a corresponding strategy configuration file through the strategy simulator configuration based on the strategy generation requirement, and the strategy configuration file distribution module distributes the configured strategy configuration file to the corresponding safety equipment.
Optionally, the system further includes a policy modification module, where the policy modification module includes:
the strategy adding unit is used for adding the strategy content in the strategy configuration file;
the strategy deleting unit is used for deleting the strategy content in the strategy configuration file;
the strategy correcting unit is used for correcting the strategy content in the strategy configuration file;
the strategy checking unit is used for checking the strategy content in the strategy configuration file;
and the strategy saving unit is used for saving the strategy content in the strategy configuration file.
By adopting the technical scheme, the strategy adding unit adds the strategy contents in the strategy configuration file, the strategy deleting unit deletes the strategy contents in the strategy configuration file, the strategy correcting unit corrects the strategy contents in the strategy configuration file, the strategy checking unit checks the strategy contents in the strategy configuration file, and the strategy storing unit stores the strategy contents in the strategy configuration file.
In summary, the present application includes at least one of the following beneficial technical effects:
1. the corresponding strategy configuration file is generated through the strategy simulator configuration, the configured strategy configuration file is distributed to the corresponding safety equipment, the strategy of the safety equipment does not need to be configured in the form of rewriting or modifying the corresponding service code, the strategy configuration of the safety equipment is convenient, and the working efficiency is improved.
Drawings
FIG. 1 is a schematic flowchart of an embodiment of a policy generation management method based on a policy simulator according to the present application;
FIG. 2 is a schematic flowchart illustrating a step S1200 in an embodiment of a policy generation management method based on a policy simulator according to the present application;
FIG. 3 is a schematic flowchart illustrating a step S1300 in an embodiment of the policy generation management method based on a policy simulator according to the present application;
fig. 4 is a schematic flowchart of step S3200 in an embodiment of the policy generation management method based on a policy simulator according to the present application;
FIG. 5 is a schematic flowchart illustrating a step before step S1400 in an embodiment of a policy generation management method based on a policy simulator according to the present application;
fig. 6 is a schematic flowchart of step S1400 in an embodiment of the policy generation management method based on the policy simulator according to the present application.
Detailed Description
The present application is described in further detail below with reference to the attached drawings.
The embodiment of the application discloses a strategy generation management method and system based on a strategy simulator. Referring to fig. 1, the policy generation management method based on the policy simulator includes the following steps:
s1100, acquiring a strategy simulator.
When the policy simulator is obtained, policy generation software is manufactured according to policy type requirements, then the policy generation software is modified according to policy support requirements, the policy generation software also comprises a bottom layer configuration file, the supported policy types such as address policy or firewall policy can be managed by modifying the bottom layer configuration file of the policy generation software, so that the policy modification software supports different policy types, and then the modified policy modification software is defined as the policy simulator, so that the policy simulator can support generation of different policy configuration files to configure policy contents corresponding to different security devices.
S1200, connection with the strategy simulator is established.
Before connection with the simulator is established, relevant operations cannot be carried out based on the simulator, and the connection with the simulator can be established so that the strategy simulator can be operated to carry out corresponding configuration on the strategy template.
S1300, generating a corresponding strategy configuration file through strategy simulator configuration based on the strategy generation requirement.
The policy generation requirement is a requirement of a security policy which is required to be configured currently by the security device, wherein the security policy comprises disabling corresponding network services, modifying corresponding configuration, limiting access control authority, whether system upgrade is required or not and the like, and a corresponding policy configuration file can be generated based on the policy requirement.
And S1400, distributing the configured policy configuration file to the corresponding security equipment.
After the security device receives the corresponding policy configuration file, the security device performs corresponding configuration by executing the policy in the policy configuration file, so that the security level and the corresponding security measure of the security device can be adjusted, the memory of the network device is saved, security damage behaviors or attacks are prevented in a targeted manner, and the protection effect on the network space is better.
The implementation principle of the policy generation management method based on the policy simulator in the embodiment of the application is as follows: when the strategy corresponding to the security equipment needs to be modified, the connection with the strategy simulator is established, the corresponding strategy configuration file is generated through the configuration of the strategy simulator, the configured strategy configuration file is distributed to the corresponding security equipment, and the strategy configuration file of the security equipment is prevented from being configured or modified in a mode of rewriting or modifying the corresponding service code as much as possible, so that the strategy configuration of the security equipment is more convenient, and the working efficiency is increased.
Referring to fig. 2, establishing a connection with a policy simulator includes the steps of:
s2100, receiving a strategy simulator.
The strategy simulator is packaged in a UPT package mode, the UPT package is an extension of the packaged strategy simulator, the UPT is a self-defined file extension, and when the strategy simulator needs to be unpacked, the strategy simulator needs to be opened through a decompression tool corresponding to the UPT package, so that the strategy simulator has tightness.
S2200, starting the strategy simulator to enable the strategy simulator to generate a process port.
The process port is an outlet for data circulation with the strategy simulator, and corresponding commands are executed through the process port, so that the strategy simulator is controlled.
And S2300, connecting the strategy simulator through the process port.
After the connection is completed, the control of the policy simulator can be completed through the process port, for example, the shutdown of the policy simulator can be completed through the process port executing a corresponding command, and data communication can be performed between the policy simulator and the process port, for example, a policy configuration file configured by the policy simulator can be received through the process port.
The implementation principle of establishing the connection with the policy simulator in the embodiment of the application is as follows: after receiving the strategy simulator, the strategy simulator is connected with the strategy simulator through the process port, so that data communication can be carried out between the process port of the strategy simulator and the strategy simulator, and the strategy simulator can be managed.
Referring to fig. 3, generating a corresponding policy configuration file through policy simulator configuration based on a policy generation requirement includes the following steps:
s3100, obtaining a strategy template based on the strategy simulator, wherein the strategy template comprises a configuration interface and strategy configuration options required by the configuration strategy.
The CDP protocol is a private two-layer network protocol promoted by cisco, and the CDP protocol devices can share information about operating system software version, IP address and the like among devices directly connected with the CDP protocol cisco devices by operating the CDP protocol cisco devices, so that the information sent by the CDP protocol contains some sensitive information, which easily causes potential safety hazard to the network, and therefore the CDP protocol is forbidden in a specific state, and the security devices can forbid the protocol by executing corresponding strategies.
S3200, configuring the configuration options and the configuration interface in the policy template based on the policy generation requirement so as to generate a policy configuration file corresponding to the security device.
The policy generation requirement is a policy required for the security device to perform security protection in a targeted manner according to the network space state and the actual requirement, the same security device has different policies executed under different use environments, for example, the same route is adopted, because the corresponding function settings are different, the route mainly plays a role in IP address conversion and distribution in the intranet, some intranet routes can be replaced by a switch, when the router is connected with the public network, the corresponding policy is required to be executed for performing network protection, for example, the Finger service of the route can be closed through the corresponding policy, the Finger protocol allows a user on the network to obtain a user list which currently uses a specific reason selection device, which is more likely to cause the generation of information leakage behavior, and needs to be closed under some circumstances, so the security policy setting of the intranet routes is different from the security policy setting of the public network, the policy configuration file is a file for storing a security policy by the security device, and the security device can execute the corresponding policy through the policy configuration file.
The implementation principle of generating the corresponding policy configuration file through the configuration of the policy simulator based on the policy generation requirement in the embodiment of the application is as follows: by establishing the strategy template, configuration of configuration options and a configuration interface in the strategy template is enabled, so that the strategy can be configured and generated, and the strategy configuration efficiency is increased.
Referring to fig. 4, configuring the configuration options and the configuration interface in the policy template based on the policy generation requirement to generate a policy configuration file corresponding to the security device, includes the following steps:
s4100, editing the strategy template through the configuration options and the configuration interface based on the strategy generation requirement.
The policy generation requirement is a requirement for performing relevant setting on the security device, for example, when the policy requirement is a firewall-related policy, the policy generation requirement may be to deny access to a specific IP address or to close a specific service with a security risk, and the like. The strategy simulator can support strategy configuration file generation work of a plurality of same safety devices in a mode of modifying strategy templates, different strategy simulators comprise different kinds of strategy templates, and the strategy simulator can cover strategy file configuration work of a plurality of different kinds of safety devices through the plurality of different strategy simulators, such as the strategy simulator of the A version, after a process is started, the strategy simulator can be used for generating the strategy template of the A version corresponding to the safety devices of the A type, and when the strategy needs to be configured on the safety devices of the B type, the strategy simulator of the B version corresponding to the safety devices of the B type can be started to generate the strategy template of the B version corresponding to the safety devices of the B type.
And S4200, generating a corresponding policy configuration file after editing is completed, and closing the policy simulator.
The security device can execute the corresponding strategy through the strategy configuration file, the corresponding strategy configuration file can be generated after the strategy configuration file is edited, and the strategy simulator is closed at the moment, so that the occupation of the strategy simulator on the memory is reduced.
The implementation principle of configuring the configuration options and the configuration interface in the policy template based on the policy generation requirement so as to generate the policy configuration file of the corresponding security device in the embodiment of the application is as follows: and configuring configuration options and a configuration interface in the policy template according to the policy generation requirement, generating a policy configuration file executed aiming at the specified security equipment after the configuration is finished, and closing the policy simulator to reduce the occupation of the memory.
Referring to fig. 5, before distributing the configured policy configuration file to the corresponding security device, the following steps are further included:
s5100, judging whether the strategy configuration file needs to be modified.
The security device needs to perform corresponding check before executing the related policy in the policy configuration file, so as to reduce errors occurring in the policy configuration process, or judge whether a new policy configuration requirement exists, and facilitate corresponding modification when a new policy configuration requirement exists.
S5200, if not, not modifying.
And S5300, if so, modifying the policy configuration file based on the policy modification requirement, wherein the modification range comprises adding, deleting, modifying, correcting and checking the policy content.
When configuration errors occur, the corresponding policy configuration file needs to be modified again, errors generated in policy configuration are avoided as much as possible, and the method comprises the steps of adding, deleting, modifying, correcting, rechecking and the like of the policies until the policy configuration is correct.
The implementation principle of the embodiment of the application is as follows: through the check of the strategy configuration file, the strategy configuration file with configuration errors can be modified, and the errors generated in the strategy configuration process are reduced.
Referring to fig. 6, distributing the configured policy configuration file to the corresponding security device includes the following steps:
s6100, sending the configured strategy configuration file to a message queue.
The message queue is a container for storing messages in the transmission process of the messages, in the embodiment, the message queue is used for storing a policy configuration file, the messages in the message queue are the policy configuration file, two ends of the message queue are a policy configuration file distributing end and a receiving end respectively, in the embodiment, the distributing end of the messages is a policy simulator, the receiving end is a safety device, and when the safety device does not receive the policy configuration file in the message queue, the policy configuration file is still stored in the message queue until the safety device successfully receives the policy configuration file.
S6200, synchronously distributing the strategy configuration file to the corresponding safety equipment through the message queue.
The policy simulator and the security device can perform asynchronous processing conveniently through the message queue, request response time between the policy simulator and the security device is reduced, and policy synchronization efficiency and policy content security are improved.
The implementation principle of distributing the configured policy configuration file to the corresponding security device in the embodiment of the present application is as follows: and distributing the policy configuration file to the corresponding security equipment in a message queue mode, so that the request response time between the policy simulator and the security equipment is reduced.
A policy simulator-based policy generation management system comprising:
the strategy simulator obtaining module is used for obtaining a strategy simulator;
the connection module is used for establishing connection with the strategy simulator;
the strategy configuration file generation module is used for generating a corresponding strategy configuration file through the configuration of the strategy simulator based on the strategy generation requirement;
and the policy configuration file distribution module is used for distributing the configured policy configuration file to the corresponding security equipment.
The implementation principle of the policy generation management method and system based on the policy simulator in the embodiment of the application is as follows: the strategy simulator obtaining module obtains the strategy simulator, the connection module establishes connection with the strategy simulator, the strategy configuration file generating module generates a corresponding strategy configuration file through strategy simulator configuration based on strategy generating requirements, and the strategy configuration file distributing module distributes the configured strategy configuration file to corresponding safety equipment.
The above embodiments are preferred embodiments of the present application, and the protection scope of the present application is not limited by the above embodiments, so: all equivalent changes made according to the structure, shape and principle of the present application shall be covered by the protection scope of the present application.

Claims (8)

1. A strategy generation management method based on a strategy simulator is characterized by comprising the following steps:
acquiring a strategy simulator;
establishing a connection with the policy simulator;
generating a corresponding strategy configuration file through the strategy simulator configuration based on the strategy generation requirement;
and distributing the configured policy configuration file to the corresponding security equipment.
2. The method of claim 1, wherein establishing the connection with the policy simulator comprises:
receiving the policy simulator;
starting the strategy simulator to enable the strategy simulator to generate a process port;
and connecting with the strategy simulator through the process port.
3. The method of claim 1, wherein generating a corresponding policy profile based on the policy generation requirements by the policy simulator configuration comprises:
acquiring a strategy template based on the strategy simulator, wherein the strategy template comprises a configuration interface and strategy configuration options required by a configuration strategy;
and configuring the configuration options and the configuration interface in the policy template based on the policy generation requirement so as to generate a policy configuration file of the corresponding security device.
4. The method of claim 3, wherein configuring the configuration options and the configuration interface in the policy template based on the policy generation requirement causes generation of a policy configuration file for the corresponding security device, comprising:
editing the strategy template through the configuration options and the configuration interface based on the strategy generation requirement;
and generating a corresponding strategy configuration file after the editing is finished, and closing the strategy simulator.
5. The method of claim 1, wherein distributing the configured policy configuration file to the corresponding security device further comprises:
judging whether the strategy configuration file needs to be modified or not;
if not, no modification is carried out;
and if so, modifying the policy configuration file based on the policy modification requirement, wherein the modification range comprises adding, deleting, modifying, correcting and checking the policy content.
6. The method of claim 1, wherein distributing the configured policy configuration file to the corresponding security device comprises:
sending the configured strategy configuration file to a message queue;
and synchronously distributing the strategy configuration file to the corresponding safety equipment through the message queue.
7. A policy generation management system based on a policy simulator, comprising:
the strategy simulator obtaining module is used for obtaining a strategy simulator;
a connection module for establishing a connection with the policy simulator;
the strategy configuration file generation module is used for generating a corresponding strategy configuration file through the strategy simulator configuration based on the strategy generation requirement;
and the policy configuration file distribution module is used for distributing the configured policy configuration file to the corresponding security equipment.
8. The system of claim 7, further comprising a policy modification module, the policy modification module comprising:
the strategy adding unit is used for adding the strategy content in the strategy configuration file;
the strategy deleting unit is used for saving the strategy content in the strategy configuration file;
the strategy modifying unit is used for modifying the strategy content in the strategy configuration file;
the strategy checking unit is used for checking the strategy content in the strategy configuration file;
and the strategy saving unit is used for deleting the strategy contents in the strategy configuration file.
CN202111236778.9A 2021-10-23 2021-10-23 Policy generation management method and system based on policy simulator Pending CN114047967A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111236778.9A CN114047967A (en) 2021-10-23 2021-10-23 Policy generation management method and system based on policy simulator

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111236778.9A CN114047967A (en) 2021-10-23 2021-10-23 Policy generation management method and system based on policy simulator

Publications (1)

Publication Number Publication Date
CN114047967A true CN114047967A (en) 2022-02-15

Family

ID=80206125

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111236778.9A Pending CN114047967A (en) 2021-10-23 2021-10-23 Policy generation management method and system based on policy simulator

Country Status (1)

Country Link
CN (1) CN114047967A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1988478A (en) * 2006-12-14 2007-06-27 上海交通大学 Integrated tactic managing system based on expandable label language
CN103607305A (en) * 2013-11-26 2014-02-26 北京华胜天成科技股份有限公司 Distributed network strategy implementation method and device
CN108462676A (en) * 2017-02-20 2018-08-28 中兴通讯股份有限公司 The management method and device of Network Security Device
CN109729075A (en) * 2018-12-13 2019-05-07 国云科技股份有限公司 A kind of cloud platform component safety strategy implementation method
CN109858286A (en) * 2018-12-07 2019-06-07 赵耘田 For the security policy manager system of credible calculating platform
CN110430206A (en) * 2019-08-13 2019-11-08 上海新炬网络技术有限公司 Based on script template metaplasia at the method for configuration firewall security policy
CN112615856A (en) * 2020-12-16 2021-04-06 上海道客网络科技有限公司 Multi-cluster network security policy management and control method and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1988478A (en) * 2006-12-14 2007-06-27 上海交通大学 Integrated tactic managing system based on expandable label language
CN103607305A (en) * 2013-11-26 2014-02-26 北京华胜天成科技股份有限公司 Distributed network strategy implementation method and device
CN108462676A (en) * 2017-02-20 2018-08-28 中兴通讯股份有限公司 The management method and device of Network Security Device
CN109858286A (en) * 2018-12-07 2019-06-07 赵耘田 For the security policy manager system of credible calculating platform
CN109729075A (en) * 2018-12-13 2019-05-07 国云科技股份有限公司 A kind of cloud platform component safety strategy implementation method
CN110430206A (en) * 2019-08-13 2019-11-08 上海新炬网络技术有限公司 Based on script template metaplasia at the method for configuration firewall security policy
CN112615856A (en) * 2020-12-16 2021-04-06 上海道客网络科技有限公司 Multi-cluster network security policy management and control method and system

Similar Documents

Publication Publication Date Title
US8990920B2 (en) Creating a virtual private network (VPN) for a single app on an internet-enabled device or system
AU2008248385B2 (en) Managing network components using USB keys
US11751052B2 (en) Credential information processing method and apparatus for network connection, and application (APP)
CN106851621A (en) A kind of LPA applications implementation method based on RSP and realize system
US20190387396A1 (en) ESIM Card Activation Method, Wireless Router, and User Terminal
CN104378758A (en) Access point connecting method, terminal and server
CN108322467B (en) OVS-based virtual firewall configuration method, electronic equipment and storage medium
JP4629304B2 (en) COMMUNICATION DEVICE, PROGRAM, AND RECORDING MEDIUM
CN108028749B (en) For virtualizing device, method and the system of the universal integrated circuit chip of Reprogrammable
JP2015528261A (en) Data card APN lock state control method and apparatus, data card
JP3950010B2 (en) Data processing apparatus, program, and recording medium
CN107948170A (en) Interface requests parameter encryption method, device, equipment and readable storage medium storing program for executing
US7822861B2 (en) System and method for selection of a communication network by a terminal
CN110532761A (en) A kind of method and device updating virtual machine password
CN107682196B (en) Method, system, equipment and storage medium for automatically generating and issuing distribution rule
CN114047967A (en) Policy generation management method and system based on policy simulator
KR102094315B1 (en) Network Separation System Based On Access Point Allocation Per Account
CN102377589A (en) Right management control method and terminal
WO2020135421A1 (en) Route configuration method, route update method and device
CN107124310A (en) The collocation method and device of a kind of authority
CN109587204B (en) Method and device for accessing public network and electronic equipment
CN113922972B (en) Data forwarding method and device based on MD5 identification code
CN105578498B (en) A kind of method and apparatus of terminal network management
CN111756585A (en) Network node equipment configuration method, router and server
CN106599156A (en) Dynamic interceptor management method based on struts2 interceptor

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination