WO2023075584A3 - Method for deploying a new firewall security policy in a computer network - Google Patents
Method for deploying a new firewall security policy in a computer network Download PDFInfo
- Publication number
- WO2023075584A3 WO2023075584A3 PCT/MA2022/050014 MA2022050014W WO2023075584A3 WO 2023075584 A3 WO2023075584 A3 WO 2023075584A3 MA 2022050014 W MA2022050014 W MA 2022050014W WO 2023075584 A3 WO2023075584 A3 WO 2023075584A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- policy
- deploying
- new
- security policy
- security
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention relates to a method for deploying a new firewall security for computer networks in order to attenuate the various risks of a current policy. The procedure involves updating an initial security policy (I) on the basis of an algorithm that automates this procedure and minimizes the inherent security risks at the time a new security policy (T) is deployed. This is achieved by creating an intermediate policy (R) that progressively receives the new rules (T) to be implemented and in a specific order. The deployment procedure according to the invention comes to an end when the policy (R) is equal to the target policy (T).
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
MA54776A MA54776B1 (en) | 2021-10-29 | 2021-10-29 | Method for deploying a new firewall security policy in a computer network. |
MA54776 | 2021-10-29 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2023075584A2 WO2023075584A2 (en) | 2023-05-04 |
WO2023075584A3 true WO2023075584A3 (en) | 2023-07-27 |
Family
ID=86160130
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/MA2022/050014 WO2023075584A2 (en) | 2021-10-29 | 2022-11-14 | Method for deploying a new firewall security policy in a computer network |
Country Status (2)
Country | Link |
---|---|
MA (1) | MA54776B1 (en) |
WO (1) | WO2023075584A2 (en) |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2872983A1 (en) | 2004-07-09 | 2006-01-13 | Thomson Licensing Sa | FIREWALL PROTECTION SYSTEM FOR A COMMUNITY OF APPLIANCES, APPARATUS PARTICIPATING IN THE SYSTEM AND METHOD FOR UPDATING FIREWALL RULES WITHIN THE SYSTEM |
US8099774B2 (en) | 2006-10-30 | 2012-01-17 | Microsoft Corporation | Dynamic updating of firewall parameters |
CN108650222B (en) | 2018-03-29 | 2020-10-02 | 华付云技术(深圳)有限公司 | Firewall rule updating method and system based on stretching filtering |
-
2021
- 2021-10-29 MA MA54776A patent/MA54776B1/en unknown
-
2022
- 2022-11-14 WO PCT/MA2022/050014 patent/WO2023075584A2/en unknown
Non-Patent Citations (3)
Title |
---|
AHMED ZEESHAN ET AL: "Safe and Efficient Strategies for Updating Firewall Policies", 30 August 2010, SAT 2015 18TH INTERNATIONAL CONFERENCE, AUSTIN, TX, USA, SEPTEMBER 24-27, 2015; [LECTURE NOTES IN COMPUTER SCIENCE; LECT.NOTES COMPUTER], SPRINGER, BERLIN, HEIDELBERG, PAGE(S) 45 - 57, ISBN: 978-3-540-74549-5, XP047440429 * |
ALI KARTIT: "Performance Evaluation of Enhancedgreedy-Two-Phase Deployment Algorithm", INTERNATIONAL JOURNAL OF NETWORK SECURITY & ITS APPLICATIONS, vol. 5, no. 4, 31 July 2013 (2013-07-31), pages 155 - 162, XP093033933, ISSN: 0975-2307, Retrieved from the Internet <URL:https://airccse.org/journal/nsa/5413nsa12.pdf> DOI: 10.5121/ijnsa.2013.5412 * |
ZHANG CHARLES C. ET AL: "On the Safety and Efficiency of Firewall Policy Deployment", 2007 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP '07), 1 May 2007 (2007-05-01), pages 33 - 50, XP093033983, Retrieved from the Internet <URL:http://www.cse.cuhk.edu.hk/~cslui/CSC7221/2008_PAPERS/safety_SSP_2007.pdf> DOI: 10.1109/SP.2007.32 * |
Also Published As
Publication number | Publication date |
---|---|
MA54776A1 (en) | 2023-05-31 |
WO2023075584A2 (en) | 2023-05-04 |
MA54776B1 (en) | 2023-09-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20090007218A1 (en) | Switched-Based Network Security | |
WO2007098052A3 (en) | Peer based network access control | |
WO2017041656A1 (en) | Traffic processing method, device and system | |
US20130316638A1 (en) | Wideband intelligent jamming control apparatus and method | |
US11671405B2 (en) | Dynamic filter generation and distribution within computer networks | |
US10681057B2 (en) | Device and method for controlling a communication network | |
WO2023075584A3 (en) | Method for deploying a new firewall security policy in a computer network | |
KR20160036201A (en) | Abnormal communication interception apparatus and method | |
EP4236186A3 (en) | Network coordination for crosslink interference mitigation | |
Smith et al. | Multidefender security games on networks | |
CN112769850A (en) | Network message filtering method, electronic equipment and storage medium | |
EP3687117B8 (en) | Systems and methods for isolating network traffic of multiple users across networks of computing platforms | |
Afroz et al. | Performance analysis of adaptive noise canceller employing NLMS Algorithm | |
Gold | The SCADA challenge: securing critical infrastructure | |
Dolezilek et al. | Cybersecurity based on IEC 62351 and IEC 62443 for IEC 61850 systems | |
CN111447203B (en) | Security policy arranging method | |
Moore | Targeting technology: Mapping military offensive network operations | |
EP4038839A4 (en) | Methods and systems for management and control of communication network | |
Barchinezhad et al. | Compensation of linear attacks to cyber physical systems through arx system identification | |
CN103841095A (en) | Firewall rule updating method based on bigraph | |
Abdelaziz et al. | Low-complexity digital predistortion for reducing power amplifier spurious emissions in spectrally-agile flexible radio | |
JP2014174349A (en) | Active silencer and active silencing method | |
Argyris et al. | Post-processing of long-haul and ethernet optical transmission signals using photonic reservoir computing | |
CN104883345A (en) | Network security feature automatic deployment method and system | |
Zhou et al. | Risk Assessment Method for Host Nodes in Software Defined Networking |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 22830964 Country of ref document: EP Kind code of ref document: A2 |