| In this paper, distributed firewall tiered model, it adopted the same level with the organization's hierarchical structure to organize the entire distributed firewall, the node of a host in prevous distributed firewall model can be extended to a small distribution Firewall, so that the entire distributed firewall can be constructed from bottom to top; in the formulation and distribution of policy, use the process from top to bottom, making aclear division of the formulation and management of policy. at the same time, the rules of abnormal Detection distributed to every time of formulation of policy, making the scale anomaly detection greatly reduced.In discussing the details of the realization of this model, in order to get the conflict-detection algorithm applicable to the model, first introduced the firewall rules may exist between, and on this basis has introduced various policy anomaly in a single internal firewall, distributed firewall environment and on the distributed firewall tiered model.Finally, disucss the conflict-detection algorithm applicable to the distributed firewall tiered model. Inprove the algorithm of Grid of tries so that it can be detected in addition to related abnormalities, can detect shielding of the abnormal, redundant abnormal And generalized abnormal, and then appleied the algorithm the of distributed firewall tiered model. Discuss the realization and time complexity of the algorithm and make the corresponding test. |
PDF Full Text Request