US Patent No. 10,659,498

SYSTEMS AND METHODS FOR SECURITY CONFIGURATION


Patent No.: 10,659,498
Issue Date: May 19, 2020
Title: Systems And Methods For Security Configuration
Inventorship: Ross R. Kinder, Ann Arbor, MI (US)
              Jon R. Ramsey, Atlanta, GA (US)
              Timothy M. Vidas, Omaha, NE (US)
              Robert Danford, Boulder, CO (US)
Assignee: SecureWorks Corp., Wilmington, DE (US)

Claim of US Patent No. 10,659,498

1. A network security device comprising:
a memory configured to:
store a plurality of network events; and
store a set of network filter rules; and
a hardware processor connected to the memory, the hardware processor configured to:
receive a change to a set of network rules;
perform a first simulation of network traffic allowed and denied according to the current set of network rules and a second simulation of network traffic allowed and denied according to the changed set of network rules, the first simulation and second simulation utilizing at least a portion of the network events;
evaluate the use of computational resources during the first and second simulation;
calculate an entropy of strings matching a wildcard of a new network rule of the changed set of network rules to determine if the changed network rule is too broad;
provide an indication of the changes in allowed and denied traffic and the entropy of the new network rule for review of the changed set of network rules;
provide an indication of a performance impact of the changed set of network rules or rejecting the changed set of rules if the performance impact crosses a threshold;
receive an instruction to implement the changed set of network rules based on the review; and
filter network traffic according to the changed set of network rules.
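
Added example (not part of the patent text or any SecureWorks code): a sketch of the review step the claim describes, replaying stored events against the current and changed rule sets, reporting traffic whose allow/deny outcome changes, and scoring the new wildcard rule by entropy. The rule format (first-match hostname globs, default deny), the sample events, the use of Shannon entropy over the matched strings, and the 1.0-bit threshold are all assumptions made for illustration.

```python
import math
from collections import Counter
from fnmatch import fnmatchcase

# Constructed sample: destination hostnames taken from stored network events.
EVENTS = ["api.example.com", "api.example.com", "cdn.example.com",
          "mail.example.com", "login.example.net", "tracker.ads.test",
          "updates.vendor.test", "api.example.com"]

# Assumed rule format: (action, hostname glob); first match wins, default deny.
CURRENT_RULES = [("allow", "api.example.com")]
CHANGED_RULES = [("allow", "api.example.com"), ("allow", "*.example.com")]

def decide(rules, host):
    for action, pattern in rules:
        if fnmatchcase(host, pattern):
            return action
    return "deny"

def simulate(rules, events):
    """Replay the events against one rule set; returns {host: action}."""
    return {host: decide(rules, host) for host in events}

def traffic_diff(current, changed, events):
    """Hosts whose outcome differs between the two simulations."""
    before, after = simulate(current, events), simulate(changed, events)
    return {h: (before[h], after[h]) for h in before if before[h] != after[h]}

def wildcard_entropy(pattern, events):
    """Shannon entropy in bits of the strings the wildcard matched (assumed metric)."""
    counts = Counter(h for h in events if fnmatchcase(h, pattern))
    total = sum(counts.values())
    if total == 0:
        return 0.0
    return -sum((c / total) * math.log2(c / total) for c in counts.values())

def review(current, changed, events, max_bits=1.0):
    """Build the reviewer report: traffic changes plus entropy per new wildcard rule."""
    report = {"diff": traffic_diff(current, changed, events), "rules": []}
    for action, pattern in (r for r in changed if r not in current):
        if "*" in pattern or "?" in pattern:
            bits = wildcard_entropy(pattern, events)
            # Assumption: many distinct, evenly spread matches mean the rule is too broad.
            report["rules"].append((pattern, round(bits, 3), bits > max_bits))
    return report

if __name__ == "__main__":
    print(review(CURRENT_RULES, CHANGED_RULES, EVENTS))
```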