摘要 |
<p>There is provided a rule-set generator and a method of automated configuration of a security gateway. The rule-set generator comprises a first repository configured to accommodate an initial set of conditions; a second repository configured to accommodate log records of communication events; and a processor operatively coupled to the first repository and the second repository and comprising a generator of transformation-based rule-set adapted for generating a transformation-based rule-set by transforming those accommodated log records which correspond to the initial set of conditions into respective rules, wherein values of fields engaged in each rule are generated as corresponding to values of fields in respective log record, and the action is generated as corresponding to the initial set of conditions; and wherein the processor is further configured to process the transformation-based rule-set so as to generate an operable rule-set.</p> |