中圖分類號：TP393.09文獻標識碼：ADOI:10.19358/j.issn.2097-1788.2025.06.004
引用格式：李沛婷，陳飛，魯知朋. 防火墻安全策略配置與分析方法研究［J］.網絡安全與數據治理，2025，44（6）：28-35.

Research on firewall security policy configuration and analysis methods

Abstract： This paper proposes a firewall security policy configuration and analysis method based on traffic data. Firstly, process data is collected, followed by traffic detection based on attack and malicious code feature libraries as well as rule feature libraries. The traffic data is analyzed by matching characteristic behaviors, and abnormal traffic data is marked to obtain the traffic analysis results. Based on the abnormal traffic alarm information, firewall security policies are generated to detect and block abnormal traffic, achieving automatic policy generation. Finally, rules and processes for security policy analysis are proposed to implement a security policy analysis method. This enables the generation of firewall security policy optimization recommendations to assist administrators in completing security policy configuration and optimization, improving operation and maintenance efficiency, and meeting the needs of rapid system deployment and dynamic policy adjustments.

Key words : traffic data; feature library; security policy auto-generation; firewall policy; security policy optimization recommendations