网络安全与数据治理2025,Vol.44Issue(6):28-35,8.DOI:10.19358/j.issn.2097-1788.2025.06.004
防火墙安全策略配置与分析方法研究
Research on firewall security policy configuration and analysis methods
李沛婷 1陈飞 1鲁知朋1
作者信息
- 1. 中国电子科技集团公司第三十研究所,四川 成都 610041
- 折叠
摘要
Abstract
This paper proposes a firewall security policy configuration and analysis method based on traffic data.Firstly,process data is collected,followed by traffic detection based on attack and malicious code feature libraries as well as rule feature libraries.The traffic data is analyzed by matching characteristic behaviors,and abnormal traffic data is marked to obtain the traffic analysis results.Based on the abnormal traffic alarm information,firewall security policies are generated to detect and block abnormal traf-fic,achieving automatic policy generation.Finally,rules and processes for security policy analysis are proposed to implement a security policy analysis method.This enables the generation of firewall security policy optimization recommendations to assist ad-ministrators in completing security policy configuration and optimization,improving operation and maintenance efficiency,and meeting the needs of rapid system deployment and dynamic policy adjustments.关键词
流量数据/特征库/策略自动生成/防火墙策略/安全策略优化建议Key words
traffic data/feature library/security policy auto-generation/firewall policy/security policy optimization recommendations分类
信息技术与安全科学引用本文复制引用
李沛婷,陈飞,鲁知朋..防火墙安全策略配置与分析方法研究[J].网络安全与数据治理,2025,44(6):28-35,8.
