Selective auto-revocation of firewall security settings

US 20080109890A1
Filed: 11/03/2006
Published: 05/08/2008
Est. Priority Date: 11/03/2006
Status: Active Grant

First Claim

Patent Images

1. A method of managing security settings of a firewall and exceptions to security settings of the firewall in a networked environment, the method comprising:

managing security settings and exceptions based on network class to control network communication through the firewall; and

upon detection of an event, revoking at least one exception for at least one network in a specified network class.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Management of security firewall settings in a networked computing environment is described. One example embodiment includes applying security settings and exceptions to the security settings based on network class for network communication, and upon detection of an event, revoking at least one exception for at least one network in a specified class.

Citations

20 Claims

1. A method of managing security settings of a firewall and exceptions to security settings of the firewall in a networked environment, the method comprising:
- managing security settings and exceptions based on network class to control network communication through the firewall; and
  
  upon detection of an event, revoking at least one exception for at least one network in a specified network class.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 further comprising classifying a network to determine whether it is in the specified class, and automatically revoking the at least one exception based on said network class, the at least one exception including a user-enabled network security exception to a network rule managed by the firewall.
  - 3. The method of claim 1 wherein the revoked exception is an application-enabled exception to a firewall rule.
  - 4. The method of claim 1 wherein a plurality of exceptions are revoked upon detection of the event.
  - 5. The method of claim 1 wherein said revocation is based on a persistence flag associated with the at least one exception.
  - 6. The method of claim 1 wherein said event includes a change in network class, a change in network connection, or a change in network infrastructure.
  - 7. The method of claim 1 wherein said event includes a change in a network address.
  - 8. The method of claim 1 wherein said event includes a change in a risk assessment of a user.
  - 9. The method of claim 1 wherein said event includes a software download over the at least one network.
  - 10. The method of claim 1 wherein said event includes a change in a software status of software communicating with the firewall.

11. A method of managing security settings of a firewall in a networked environment, the method comprising:
- managing a security profile with at least a first security setting for network communication through the firewall, the first security setting applied to network communication over networks in a specified class;
  
  receiving a request for a second security setting including at least one exception to the first security setting in the security profile;
  
  applying said second security setting to network communication over networks in said specified class; and
  
  upon detection of an event, automatically revoking at least said at least one exception and applying said first security setting to network communication over networks in said specified class.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The method of claim 11 wherein said event includes an establishment of a new network connection to a network in the networked environment.
  - 13. The method of claim 12 further comprising classifying the network of said new network connection to determine whether the network is in the specified class, and automatically revoking said exception based on said class, said request being a user-selected request.
  - 14. The method of claim 13 further comprising monitoring a flag identifying persistence of the at least one exception, said automatic revocation further comprising automatically revoking the at least one exception when the flag identifies no persistence of the at least one exception, and maintaining the at least one exception when the flag identifies persistence of the at least one exception.
  - 15. The method of claim 11 wherein said event includes a change in a network classification.
  - 16. The method of claim 11 wherein said event includes a change in a network infrastructure, a change in a network access protection, a change in a risk assessment of a user, or a software download over the networked environment.

17. A computerized system for network communication in a networked environment having networks of a first class and networks of a second class, comprising:
- a firewall program having a plurality of selectable exceptions for each of the first and second classes, the firewall program revoking at least one exception previously enabled for networks of the first class upon a connection to a first unknown network of the first class; and
  
  maintaining at least one exception previously enabled for networks of the second class upon a connection to a second unknown network of the second class.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17 wherein the firewall program revokes all exceptions previously enabled for networks of the first class upon the connection to the first unknown network.
  - 19. The system of claim 17 further comprising a network classification program classifying networks into the first and second classes based on network characteristics including a security level, the first class including networks of a lower security level than the second class.
  - 20. The system of claim 19 wherein the firewall program further determines whether to revoke at least one exception based on whether a system shut-down preceded the connection to the first or second unknown networks.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Cuellar, Gerardo Diaz, Bahl, Pradeep, Dadhia, Rajesh

Granted Patent

US 8,214,889 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/11
CPC Class Codes

H04L 63/0263 Rule management

H04L 63/1416 Event detection, e.g. attac...

Selective auto-revocation of firewall security settings

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Selective auto-revocation of firewall security settings

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links