Access network dynamic firewall
First Claim
1. A network system comprising:
- a network, wherein the network includes a network edge point configured to provide access to the network; and
a terminal, wherein the terminal is coupled to the network edge point and communicates with the network via the network edge point;
wherein the network edge point includes a security policy associated with the terminal, and controls network communications between the network and the terminal according to the security policy.
3 Assignments
0 Petitions
Accused Products
Abstract
A network system includes a network edge point configured to provide a terminal with access to a network. The network edge point includes a security policy associated with the terminal, and controls communications between the network and the terminal according to the security policy. The security policy may include a personal filter downloaded from the terminal, a service filter downloaded from a service policy server, and/or a domain filter downloaded from a domain policy server. The terminal may access the network through a second network edge point. The second network edge point may download one or more of the filters from the first network edge point, and control communications between the network and the terminal according to the security policy.
200 Citations
26 Claims
-
1. A network system comprising:
-
a network, wherein the network includes a network edge point configured to provide access to the network; and
a terminal, wherein the terminal is coupled to the network edge point and communicates with the network via the network edge point;
wherein the network edge point includes a security policy associated with the terminal, and controls network communications between the network and the terminal according to the security policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 16, 17, 18, 19)
-
-
10. A method of securing communications in a network, comprising the steps of:
-
sending a service filter from a service policy server to a network edge point;
sending a personal filter from a terminal to the network edge point;
integrating the service filter and the personal filter into an integrated filter table; and
filtering traffic at the network edge point according to the integrated filter table. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
20. A method of securing communications in a network, comprising the steps of:
-
sending a personal filter from a terminal to a first network edge point;
sending the personal filter from the first network edge point to the second network edge point; and
filtering traffic at the second network edge point according to the personal filter. - View Dependent Claims (21, 22, 23, 24, 25, 26)
-
Specification