计算机应用与软件Issue(8):292-295,4.DOI:10.3969/j.issn.1000-386x.2015.08.069
多防火墙技术在企业网络安全中的研究及应用
RESEARCH AND APPLICATION OF MULTI-FIREWALL TECHNOLOGY IN ENTERPRISE NETWORK SECURITY
摘要
Abstract
The complexity of firewall is known to increase along with the increase of its rule set size.Empirical studies show that as the rule set growing larger, the number of configuration errors on a firewall increases sharply, while the performance of the firewall degrades. When designing a security-sensitive network, it is critical to construct the network topology and its routing structure carefully in order to re-duce the size of firewall rule sets, which helps lower the chance of security loopholes and prevent performance bottleneck.This paper presents a heuristic solution for the problem of how the maximum multi-firewall rule set can be minimised during the topology design of network and during the operation of routing tables'construction.By simulations we prove the effectiveness of the algorithm.Simulation testing results show that the proposed algorithm reduces the size of multi-firewall rule set comparing with other algorithms.关键词
多防火墙/规则集/启发式方法/路由Key words
Multi-firewall/Rule sets/Heuristic solution/Route分类
信息技术与安全科学引用本文复制引用
尹西杰,徐建国..多防火墙技术在企业网络安全中的研究及应用[J].计算机应用与软件,2015,(8):292-295,4.基金项目
国家自然科学基金项目(61073178)。 ()
