| 摘要 |
<p>PROBLEM TO BE SOLVED: To enhance a method for analyzing a network gateway. SOLUTION: The method for analyzing gateways 120, 150 having packet filter processing configuration files 125, 155 including rules in a network 100 includes a step where a firewall analysis tool 200 generates a gateway zone graph applying modeling to the network, a step where the firewall analysis tool 200 receives a questionnaire to inquire about whether or not a given service is permitted between a source address and a destination address, and a step where the firewall analysis tool 200 evaluates the questionnaire through the collation with each rule relating to each gateway node in a gate way zone graph encountered between the source address and the destination address. At least one gateway acts like a packet filter processing machine. The questionnaire includes the source, the destination and the service host group.</p> |
