Firewalls are a major measure for addressing enterprise network security problems. However, firewall efficiency is compromised by the large number of tuple comparisons required. In this research, we established a Markov model for packet matching statistics and prediction, based on an investigation of the matching status of rules in the rule table. We then propose an optimization method that sorts the rules by ranking, and provide a theoretical demonstration as well. The experiment proved that this method (1) reduces the total number of packet-matching operations; (2) improves the speed and effectiveness of firewall filtering; and (3) adapts to large rule sets. The result could also be used in some packet classification systems.

Keywords: firewall rules sort, Markov model, firewall policy, tuple-comparison