
System, method, and computer program for preventing infections from spreading in a network environment using dynamic application of a firewall policy

  • US 10,701,036 B2
  • Filed: 06/27/2016
  • Issued: 06/30/2020
  • Est. Priority Date: 08/24/2011
  • Status: Active Grant
First Claim

1. One or more non-transitory computer readable media comprising code for execution, wherein the code is executable by one or more processors to:

    detect, by a first node in a network protected from unauthorized external access, a threat that is received at the first node from a source node in the network, the network including at least a plurality of nodes having respective security modules, and wherein the threat is at least one of a violation of a network policy or a violation of a system policy;

    create, at the first node, a first firewall policy to block incoming network requests associated with a source address of the source node and outgoing network requests to the source address of the source node, in response to the first node detecting the threat;

    block incoming network requests received at the first node from the source node by applying the first firewall policy at the first node;

    broadcast an alert from the first node to the respective security modules of the plurality of nodes in the network, wherein the broadcast alert comprises the first firewall policy to be applied by the plurality of nodes;

    determine, by the first node, whether the source node includes a firewall module; and

    communicate, from the first node to the source node, based at least in part on the determination that the source node includes the firewall module, a second firewall policy to be applied by the source node to block outgoing network requests from the source node to the plurality of nodes in the network and to block network requests received at the source node from other nodes.

  • 9 Assignments