Incorporating network connection security levels into firewall rules
Abstract
Embodiments of the present invention are directed to establishing and/or implementing firewall rules that may employ parameters based on connection security levels for a connection between devices. A firewall may thus provide greater granularity of security and integrate more closely with other security methods to provide better overall security with fewer conflicts.
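A minimal sketch of the idea in the abstract, added here as an illustration and not taken from the patent: a first-match rule table in which each rule carries a minimum connection security level as one of its filtering parameters. The three level names, their ordering, the rule fields and the sample addresses are all assumptions made for the example; the patent text on this page does not define them.

```python
from dataclasses import dataclass
from enum import IntEnum
from ipaddress import ip_address, ip_network
from typing import Optional

class SecLevel(IntEnum):
    """Assumed, ordered connection security levels (not defined by the page)."""
    NONE = 0            # no authentication or encryption negotiated
    AUTHENTICATED = 1   # peer identity verified
    AUTH_ENCRYPTED = 2  # peer verified and traffic encrypted

@dataclass(frozen=True)
class Rule:
    action: str                          # "allow" or "block"
    remote: str                          # CIDR of the device outside the firewall
    port: Optional[int]                  # None matches any port
    min_level: SecLevel = SecLevel.NONE  # security-level filtering parameter

@dataclass(frozen=True)
class Conn:
    remote_ip: str
    port: int
    level: SecLevel  # level established for this connection, as reported by
                     # the component that negotiated it (assumption)

def evaluate(rules, conn):
    """Return the action of the first matching rule; default is block."""
    for r in rules:
        if ip_address(conn.remote_ip) not in ip_network(r.remote):
            continue
        if r.port is not None and r.port != conn.port:
            continue
        if conn.level < r.min_level:
            continue  # connection is too weak for this rule: keep looking
        return r.action
    return "block"

# Constructed sample policy.
RULES = [
    Rule("allow", "0.0.0.0/0", 445, SecLevel.AUTH_ENCRYPTED),
    Rule("allow", "10.0.0.0/8", 3389, SecLevel.AUTHENTICATED),
    Rule("allow", "0.0.0.0/0", 443),
]

if __name__ == "__main__":
    for c in (Conn("203.0.113.5", 445, SecLevel.AUTH_ENCRYPTED),
              Conn("203.0.113.5", 445, SecLevel.NONE),
              Conn("10.1.2.3", 3389, SecLevel.AUTHENTICATED)):
        print(c, "->", evaluate(RULES, c))
```

The same port is allowed or blocked depending only on the level the connection reached, which is the extra granularity the abstract refers to.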
20 Claims
1. A method for configuring a firewall for use in a computer system that comprises at least one first device disposed inside the firewall and at least one second device disposed outside the firewall, the method comprising an act of:
(A) establishing at least one rule for the firewall that determines at least one filtering function that the firewall performs on communications between the at least one first device and the at least one second device, wherein the at least one rule employs at least one filtering parameter that is based on at least one connection security level established for a connection between the at least one first device and the at least one second device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. At least one computer readable medium encoded with a plurality of instructions that, when executed, perform a method for use in a computer system that comprises a firewall, at least one first device disposed inside the firewall and at least one second device disposed outside the firewall, the method comprising an act of:
(A) implementing at least one rule for the firewall that determines at least one filtering function that the firewall performs on communications between the at least one first device and the at least one second device, wherein the at least one rule employs at least one filtering parameter that is based on at least one connection security level established for a connection between the at least one first device and the at least one second device.
Dependent claims: 10, 11, 12, 13, 14

15. A device for use in a computer system that comprises a firewall, at least one first device disposed inside the firewall and at least one second device disposed outside the firewall, the device comprising:
at least one processor programmed to implement at least one rule for the firewall that determines at least one filtering function that the firewall performs on communications between the at least one first device and the at least one second device, wherein the at least one rule employs at least one filtering parameter that is based on at least one connection security level established for a connection between the at least one first device and the at least one second device.
Dependent claims: 16, 17, 18, 19, 20
Specification