| 发明名称 |
Method and apparatus for graphical presentation of firewall security policy |
| 摘要 |
A graphical representation of the firewall and a network coupled to the firewall is generated and displayed. A number of an inbound port of the network is displayed. An arrow adjacent to the port number pointing toward the network is displayed to indicate that a communication is permitted to the port. The port number and the arrow are located between an icon for the network and an icon for the firewall. A port number of a destination of a communication originating from the network is displayed. Also, another arrow adjacent to the destination port number pointing toward the firewall is displayed to indicate that a communication is permitted to the destination port number. The destination port number and the other arrow are located between an icon for the network and an icon for the firewall. A table including definitions of a plurality of rules is generated and displayed. Each of the definitions includes entries for a source IP address and destination IP address of a permitted but vulnerable data flow. The source IP address and destination IP address entries are color coded to indicate security levels of respective source and destination networks. Another table includes definitions of a misconfigured data flow, and entries for a source IP address and destination IP address of the misconfigured data flow. The source IP address and destination IP address are color coded to indicate security levels of respective source network and destination network.
|
| 申请公布号 |
US2006041936(A1) |
申请公布日期 |
2006.02.23 |
| 申请号 |
US20040922500 |
申请日期 |
2004.08.19 |
| 申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
ANDERSON BROOKE M.;BUNN WILLIAM C.;KARNES MARY;LIEBERMAN SARAH M.;WILCZEK MIRA E. |
| 分类号 |
G06F15/16 |
主分类号 |
G06F15/16 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
