Methodology for configuring network firewall

US 20060041935A1
Filed: 08/17/2004
Published: 02/23/2006
Est. Priority Date: 08/17/2004
Status: Abandoned Application

First Claim

Patent Images

1. A method for configuring filter parameters for a network firewall, comprising:

receiving first user input corresponding to a global set of firewall configuration parameters;

monitoring network traffic traversing a network segment, the network traffic characterized by a stream of data packets;

extracting, from each of said data packets, associated information corresponding to a core set of data parameters;

storing the associated information as a respective log entry in a database, thereby to generate a database of log entries;

establishing a set of proposed filter parameters from said log entries and the global set of firewall configuration parameters;

generating, from said set of proposed filter parameters, a set of final filter parameters based on second user input.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided is a method for configuring filter parameters for a network firewall whereby information corresponding to a core set of data parameters is extracted from each of a plurality of data packets traversing a network segment. The extracted information is stored as a respective log entry within a database. A set of proposed filter parameters is established from the log entries and a final set of filter parameters is generated from the proposed filter parameters.

57 Citations

View as Search Results

17 Claims

1. A method for configuring filter parameters for a network firewall, comprising:
- receiving first user input corresponding to a global set of firewall configuration parameters;
  
  monitoring network traffic traversing a network segment, the network traffic characterized by a stream of data packets;
  
  extracting, from each of said data packets, associated information corresponding to a core set of data parameters;
  
  storing the associated information as a respective log entry in a database, thereby to generate a database of log entries;
  
  establishing a set of proposed filter parameters from said log entries and the global set of firewall configuration parameters;
  
  generating, from said set of proposed filter parameters, a set of final filter parameters based on second user input.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A method according to claim 1 whereby the first user input is stored in a configuration file.
  - 3. A method according to claim 2 whereby the first user input corresponds to a user'"'"'s desire to either restrict or allow transmission of network traffic along the network segment based on packet direction.
  - 4. A method according to claim 2 whereby the first user input corresponds to a user'"'"'s desire, with respect to each inbound data packet traversing the network segment, to either restrict or allow packet transmission based on a group of filtering criteria selected from one or more of a source IP address, a destination IP address, a source LAN, a destination LAN, a source IP port, a destination IP port, a protocol and a time.
  - 5. A method according to claim 2 whereby the first user input corresponds to a network administrator'"'"'s desire, with respect to each outbound data packet traversing the network segment, to either restrict or allow packet transmission based on group of filtering criteria selected from one or more of a source IP address, a destination IP address, a source LAN, a destination LAN, a source IP port, a destination IP port, a protocol and a time.
  - 6. A method according to claim 1 whereby the network traffic is monitored using a network sniffer.
  - 7. A method according to claim 6 whereby said network sniffer is tcpdump.
  - 8. A method according to claim 1 whereby the core set of data parameters includes one or more of each data packet'"'"'s associated source IP address, destination IP address, source LAN, destination LAN, source IP port, destination IP port, protocol and time.
  - 9. A method according to claim 1 whereby each of the final filter parameters is generated after interactively interfacing with a user to receive the second user input.
  - 10. A method according to claim 1 whereby said second user input corresponds to a user'"'"'s desire to either accept or reject each of said proposed filter parameters.

11. A method for configuring filter parameters for a network firewall, comprising:
- (a) while online;
  
  (i) extracting, from each of a plurality of data packets traversing a network segment, associated information corresponding to a core set of data parameters;
  
  (b) storing the associated information within a database as a respective log entry; and
  
  (c) while offline;
  
  (i) establishing, from log entries with said database, a set of proposed filter parameters based upon first user input; and
  
  (ii) generating, from said set of proposed filter parameters, a set of final filter parameters based on second user input.
- View Dependent Claims (12, 13, 14, 15, 17)
- - 12. A method according to claim 11 whereby the first user input corresponds to a user'"'"'s desire to either restrict or allow transmission of network traffic along the network segment based on packet direction.
  - 13. A method according to claim 11 whereby the first user input corresponds to a user'"'"'s desire, with respect to each inbound data packet traversing the network segment, to either restrict or allow packet transmission based on a group of filtering criteria selected from one or more of a source IP address, a destination IP address, a source LAN, a destination LAN, a source IP port, a destination IP port, a protocol and a time.
  - 14. A method according to claim 13 whereby the first user input corresponds to a network administrator'"'"'s desire, with respect to each outbound data packet traversing the network segment, to either restrict or allow packet transmission based on group of filtering criteria selected from one or more of a source IP address, a destination IP address, a source LAN, a destination LAN, a source IP port, a destination IP port, a protocol and a time.
  - 15. A method according to claim 11 whereby the core set of data parameters includes each data packet'"'"'s associated source IP address, destination IP address, source LAN, destination LAN, source IP port, destination IP port, protocol and time.
  - 17. A method according to claim 11 whereby said second user input corresponds to a user'"'"'s desire to either accept or reject each of said proposed filter parameters.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sytex, Inc. (Leidos Holdings, Inc.)
Original Assignee
Sytex, Inc. (Leidos Holdings, Inc.)
Inventors
Cole, Eric B., Conley, James Walter

Application Number

US10/920,699
Publication Number

US 20060041935A1
Time in Patent Office

Days
Field of Search
US Class Current

726/11
CPC Class Codes

H04L 63/0227 Filtering policies mail mes...

Methodology for configuring network firewall

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

57 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Methodology for configuring network firewall

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links