Method and apparatus in an application framework system for providing a port and network hardware resource firewall for distributed applications
Abstract
A method, system, apparatus, and computer program product are presented for a distributed port firewall system. The distributed port firewall system provides a mapping of port usage to application needs, with an application action object (AAO) used to identify the use of ports. An application action object may be opened based on endpoint and user. Port firewall “properties” are added in order to configure the firewall; these are configurable only by certain trusted users or applications. Different policies are applied to the usage and the opening of ports based on a collection of endpoints, on managed regions, or on a per-endpoint basis. Beyond just allowing an application to open a port, the allowed packet types are also configured to work in conjunction with a distributed packet snooper session.
15 Claims
1. A method for managing a distributed port firewall system, the method comprising:
- configuring a port for access by a specified user during a specified time interval and denying access to all other users during the specified time interval;
- deploying and starting a source endpoint firewall client;
- deploying and starting a target endpoint firewall client on the specified user's endpoint;
- responsive to a request by the specified user for access to the port and responsive to a determination that the requested port is assigned to the user for use at the time requested, returning requested port to the specified user.

Dependent claims: 2, 3, 4, 5

6. A computer program product in a computer readable media for use in a data processing system for managing a distributed port firewall system, the computer program product comprising:
- first instructions for configuring a port for access by a specified user during a specified time interval and denying access to all other users during the specified time interval;
- second instructions for deploying and starting a source endpoint firewall client;
- third instructions for deploying and starting a target endpoint firewall client on the specified user's endpoint;
- fourth instructions for responsive to a request by the specified user for access to the port and responsive to a determination that the requested port is assigned to the user for use at the time requested, returning requested port to the specified user.

Dependent claims: 7, 8, 9, 10

11. A system for managing a distributed port firewall system, the system comprising:
- first means for configuring a port for access by a specified user during a specified time interval and denying access to all other users during the specified time interval;
- second means for deploying and starting a source endpoint firewall client;
- third means for deploying and starting a target endpoint firewall client on the specified user's endpoint;
- fourth means for responsive to a request by the specified user for access to the port and responsive to a determination that the requested port is assigned to the user for use at the time requested, returning requested port to the specified user.

Dependent claims: 12, 13, 14, 15

Specification