Invention Grant
- Patent Title: Detector tree for detecting rule anomalies in a firewall policy
- Application No.: US15332629
- Application Date: 2016-10-24
- Publication No.: US10021071B2
- Publication Date: 2018-07-10
- Inventor: Vinuth Tulasi, Arnav Shrivastava, Srivathsa Sarangapani
- Applicant: Juniper Networks, Inc.
- Applicant Address: US CA Sunnyvale
- Assignee: Juniper Networks, Inc.
- Current Assignee: Juniper Networks, Inc.
- Current Assignee Address: US CA Sunnyvale
- Agency: Harrity & Harrity, LLP
- Main IPC: G06F17/00
- IPC: G06F17/00; H04L29/06

Abstract:
A device may receive rule information, associated with a firewall policy, that includes a set of N rules. The device may add a rule, of the set of N rules, to a detector tree associated with the firewall policy. The device may identify other rules to which the rule is to be compared. The other rules may be included in the set of N rules, and may include a quantity of rules approximately equal to a result of a logarithm to base 2 of N. The device may compare the rule and the other rules, and may detect a rule anomaly based on comparing the rule to the other rules. The rule anomaly may be associated with a conflict between the rule and a particular rule of the other rules. The device may identify the rule anomaly within the detector tree, and may output information regarding the rule anomaly.
Public/Granted literature
- US20170041294A1 DETECTOR TREE FOR DETECTING RULE ANOMALIES IN A FIREWALL POLICY Public/Granted day: 2017-02-09