-
公开(公告)号:US20170126624A1
公开(公告)日:2017-05-04
申请号:US15405178
申请日:2017-01-12
发明人: Neta Amit , Eran Harel , Abraham Nathan , Nevet Basker
IPC分类号: H04L29/06
CPC分类号: H04L63/0245 , H04L45/74 , H04L63/0263 , H04L63/105 , Y02T10/862
摘要: Two-phase filtering for a firewall is disclosed. In the first, general phase, a request is filtered to verify one or more of: that the request is pursuant to a supported protocol, that a command of the request is allowed, that the length of the request does not exceed the allowed maximum for the command, and that characters of the request are of an allowable type. Upon first-phase verification, a second phase is invoked that is particular to the protocol of the request. In the second, specialized phase, the request is filtered to verify one or more of the source, the destination, and the content of the request. Upon second-phase verification, the request is allowed to pass. If either first- or second-phase verification fails, then the request is denied.
-
公开(公告)号:US20160301665A1
公开(公告)日:2016-10-13
申请号:US15093001
申请日:2016-04-07
发明人: Neta Amit , Eran Harel , Abraham Nathan , Nevet Basker
IPC分类号: H04L29/06
CPC分类号: H04L63/0245 , H04L45/74 , H04L63/0263 , H04L63/105 , Y02T10/862
摘要: Two-phase filtering for a firewall is disclosed. In the first, general phase, a request is filtered to verify one or more of: that the request is pursuant to a supported protocol, that a command of the request is allowed, that the length of the request does not exceed the allowed maximum for the command, and that characters of the request are of an allowable type. Upon first-phase verification, a second phase is invoked that is particular to the protocol of the request. In the second, specialized phase, the request is filtered to verify one or more of the source, the destination, and the content of the request. Upon second-phase verification, the request is allowed to pass. If either first- or second-phase verification fails, then the request is denied.
摘要翻译: 公开了防火墙的两相过滤。 在第一个通用阶段,请求被过滤以验证以下一个或多个请求:请求是否依赖于支持的协议,允许请求的命令,请求的长度不超过允许的最大值 该命令,并且该请求的字符是允许的类型。 在进行第一阶段验证时,会调用第二阶段,该阶段对请求的协议是特定的。 在第二个专业阶段,请求被过滤以验证请求的源,目的地和内容中的一个或多个。 经第二阶段验证后,允许该请求通过。 如果第一阶段或第二阶段验证失败,则请求被拒绝。
-
公开(公告)号:US09596214B2
公开(公告)日:2017-03-14
申请号:US15093001
申请日:2016-04-07
发明人: Neta Amit , Eran Harel , Abraham Nathan , Nevet Basker
CPC分类号: H04L63/0245 , H04L45/74 , H04L63/0263 , H04L63/105 , Y02T10/862
摘要: Two-phase filtering for a firewall is disclosed. In the first, general phase, a request is filtered to verify one or more of: that the request is pursuant to a supported protocol, that a command of the request is allowed, that the length of the request does not exceed the allowed maximum for the command, and that characters of the request are of an allowable type. Upon first-phase verification, a second phase is invoked that is particular to the protocol of the request. In the second, specialized phase, the request is filtered to verify one or more of the source, the destination, and the content of the request. Upon second-phase verification, the request is allowed to pass. If either first- or second-phase verification fails, then the request is denied.
摘要翻译: 公开了防火墙的两相过滤。 在第一个通用阶段,请求被过滤以验证以下一个或多个请求:请求是否依赖于支持的协议,允许请求的命令,请求的长度不超过允许的最大值 该命令,并且该请求的字符是允许的类型。 在进行第一阶段验证时,会调用第二阶段,该阶段特定于请求的协议。 在第二个专业阶段,请求被过滤以验证请求的源,目的地和内容中的一个或多个。 经第二阶段验证后,允许该请求通过。 如果第一阶段或第二阶段验证失败,则请求被拒绝。
-
-