Protecting network devices by a firewall
Abstract
Systems and methods provide for management of a gateway. In one embodiment, a method includes: in response to a request from a client device, establishing, by a computer system implementing a gateway to a private network, a network tunnel between the client device and the gateway; and starting a firewall service with a set of firewall rules on the computer system for selectively blocking and allowing network traffic between the client device and one or more network devices in the private network.
20 Claims
1. A computer-implemented method, comprising:
- receiving, by a first computer system implementing a first gateway to a private network, a connection request from a client device, wherein the private network comprises one or more network devices;
- after receiving the connection request, receiving, by the first computer system, a client access list indicating those of the network devices in the private network that are allowed to communicate with the client device;
- starting, on the first computer system, a firewall service for a first network tunnel between the client device and the first gateway;
- deriving, by the first computer system, a set of firewall rules from the client access list; and
- applying, by the firewall service, the set of firewall rules to selectively block and allow network traffic between the client device and the one or more network devices in the private network.

Dependent claims 2 to 18 are not reproduced here.
19. A system, comprising:
- at least one processor; and
- memory storing instructions configured to instruct the at least one processor to:
- receive, by a first computer system implementing a first gateway to a private network, a connection request from a client device, wherein the private network comprises one or more network devices;
- after receiving the connection request, receive, by the first computer system, a client access list indicating those of the network devices in the private network that are allowed to communicate with the client device;
- start, on the first computer system, a firewall service for a first network tunnel between the client device and the first gateway;
- derive, by the first computer system, a set of firewall rules from the client access list; and
- apply, by the firewall service, the set of firewall rules to selectively block and allow network traffic between the client device and the one or more network devices in the private network.
20. A non-transitory computer readable storage medium storing computer-readable instructions, which when executed, cause a first computer system implementing a first gateway to a private network to at least:
- receive, by the first computer system, a connection request from a client device, wherein the private network comprises one or more network devices;
- after receiving the connection request, receive, by the first computer system, a client access list indicating those of the network devices in the private network that are allowed to communicate with the client device;
- start, on the first computer system, a firewall service for a first network tunnel between the client device and the first gateway;
- derive, by the first computer system, a set of firewall rules from the client access list; and
- apply, by the firewall service, the set of firewall rules to selectively block and allow network traffic between the client device and the one or more network devices in the private network.
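As an added illustration (not the patent's own code), the Python below models the last three steps of claim 1 for one tunnel: the client access list received after the connection request is turned into a default-deny rule set pinned to that client's tunnel address, a small evaluator shows which packets the derived rules let through, and the rules are rendered as iptables commands as one way a firewall service could apply them. The access-list format, the rule representation and the sample addresses are assumptions made for this example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# Constructed formats, not the patent's: an access-list entry is
# (device address or CIDR, proto, port) with proto "tcp"/"udp"/"any" and
# port None meaning every port of that protocol.
AccessEntry = Tuple[str, str, Optional[int]]

@dataclass(frozen=True)
class Rule:
    src: str            # the client's tunnel address
    dst: str            # device address or CIDR
    proto: str
    port: Optional[int]
    action: str         # "allow" or "deny"

def derive_rules(client_tunnel_ip: str, access_list: List[AccessEntry]) -> List[Rule]:
    """Derive a default-deny rule set for one client's tunnel from its access list."""
    rules = []
    for device, proto, port in access_list:
        if port is not None and proto == "any":
            raise ValueError("a port restriction needs a concrete protocol")
        # Pin each allow to the client's tunnel source, so a list received for
        # one client can never widen what another tunnel may reach.
        rules.append(Rule(client_tunnel_ip, device, proto, port, "allow"))
    rules.append(Rule(client_tunnel_ip, "0.0.0.0/0", "any", None, "deny"))  # closing default deny
    return rules

def evaluate(rules: List[Rule], src: str, dst: str, proto: str, port: int) -> str:
    """First-match check of one packet; a packet matching no rule is denied."""
    for r in rules:
        if (ip_address(src) == ip_address(r.src)
                and ip_address(dst) in ip_network(r.dst, strict=False)
                and r.proto in ("any", proto)
                and r.port in (None, port)):
            return r.action
    return "deny"

def to_iptables(rules: List[Rule], chain: str = "FORWARD") -> List[str]:
    """Render the rules as iptables commands, one way a firewall service could apply them."""
    out = []
    for r in rules:
        cmd = f"iptables -A {chain} -s {r.src} -d {r.dst}"
        if r.proto != "any":
            cmd += f" -p {r.proto}" + (f" --dport {r.port}" if r.port is not None else "")
        out.append(cmd + (" -j ACCEPT" if r.action == "allow" else " -j DROP"))
    return out

# Constructed sample: the client on tunnel 10.8.0.2 may reach one HTTPS server and one DNS server.
SAMPLE_ACCESS_LIST: List[AccessEntry] = [("192.168.1.10", "tcp", 443), ("192.168.1.53", "udp", 53)]
```

A packet from a different tunnel address matches none of these rules and is therefore denied, which is why pinning the rules to the client's own tunnel address matters.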