SYSTEMS, METHODS, AND MEDIA FOR FIREWALL CONTROL VIA REMOTE SYSTEM INFORMATION

US 20080320580A1
Filed: 06/19/2007
Published: 12/25/2008
Est. Priority Date: 06/19/2007
Status: Active Grant

First Claim

Patent Images

1. A method for controlling a firewall for a user computer system, the method comprising:

receiving a data request at a firewall, the data request being associated with a program of the user computer system;

determining whether a remote system condition exists for the associated program of the user computer system, the remote system condition comprising a condition to be satisfied based on information received from a particular remote system;

in response to determining that a remote system condition exists for the associated program, determining whether the remote system condition is satisfied based on information received from the particular remote system; and

in response to determining whether the remote system condition is satisfied, performing one or more firewall actions.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Generally speaking, systems, methods and media for implementing a firewall control system responsive to remote system information are disclosed. Embodiments of a method may include receiving a data request at a firewall where the data request is associated with a program and determining whether a remote system condition exists for the associated program, where the remote system condition includes a condition to be satisfied based on information received from a particular remote system. Embodiments may also include, in response to determining that a remote system condition exists, determining whether the remote system condition is satisfied based on information received from the particular remote system. Embodiments may also include, in response to determining whether the remote system condition is satisfied, performing one or more firewall actions.

48 Citations

View as Search Results

20 Claims

1. A method for controlling a firewall for a user computer system, the method comprising:
- receiving a data request at a firewall, the data request being associated with a program of the user computer system;
  
  determining whether a remote system condition exists for the associated program of the user computer system, the remote system condition comprising a condition to be satisfied based on information received from a particular remote system;
  
  in response to determining that a remote system condition exists for the associated program, determining whether the remote system condition is satisfied based on information received from the particular remote system; and
  
  in response to determining whether the remote system condition is satisfied, performing one or more firewall actions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising processing the data request according to existing firewall steps.
  - 3. The method of claim 2, wherein processing the data request according to existing firewall steps is performed before performing one or more firewall actions.
  - 4. The method of claim 2, wherein processing the data request according to existing firewall steps is performed after performing one or more firewall actions.
  - 5. The method of claim 2, wherein processing the data request according to existing firewall steps is performed simultaneously with performing one or more firewall actions.
  - 6. The method of claim 1, wherein determining whether the remote system condition is satisfied based on the information received from the particular remote system comprises:
    - requesting information associated with the remote system condition; and
      
      receiving information associated with the remote system condition.
  - 7. The method of claim 6, wherein determining whether the remote system condition is satisfied based on the information received from the particular remote system further comprises connecting with the remote system.
  - 8. The method of claim 1, further comprising:
    - receiving a request to control the program based on a remote system condition; and
      
      assigning one or more firewall actions to be performed based on whether the remote system condition is satisfied.
  - 9. The method of claim 1, wherein performing one or more firewall actions comprises invoking one or more firewall actions to be taken if the remote system condition is not satisfied.
  - 10. The method of claim 1, wherein performing one or more firewall actions comprises setting flags to invoke one or more firewall actions to be taken if the remote system condition is satisfied.
  - 11. The method of claim 1, wherein performing one or more firewall actions comprises modifying access to the data request by the program.
  - 12. The method of claim 1, wherein performing one or more firewall actions comprises blocking transmission of the data request.

13. A computer program product comprising a computer-useable medium having a computer readable program, wherein the computer readable program when executed on a computer causes the computer to:
- receiving a data request at a firewall, the data request being associated with a program of the user computer system;
  
  determining whether a remote system condition exists for the associated program of the user computer system, the remote system condition comprising a condition to be satisfied based on information received from a particular remote system;
  
  in response to determining that a remote system condition exists for the associated program, determining whether the remote system condition is satisfied based on information received from the particular remote system; and
  
  in response to determining whether the remote system condition is satisfied, performing one or more firewall actions.
- View Dependent Claims (14, 15)
- - 14. The computer program product of claim 13, further comprising processing the data request according to existing firewall steps.
  - 15. The computer program product of claim 13, wherein determining whether the remote system condition is satisfied based on the information received from the particular remote system comprises:
    - requesting information associated with the remote system condition; and
      
      receiving information associated with the remote system condition.

16. A firewall system implemented on a computer system, the firewall system comprising:
- a network stack to interrogate incoming and outgoing data packets and to apply one or more firewall rules against them to allow or deny the data packets access to a program of a user computer system; and
  
  a remote system controller in communication with the network stack to further control access to data packets, the remote system controller comprising;
  
  a remote system listener to receive information from a remote system;
  
  a store interface module to access remote system conditions associated with particular programs of the user computer system, the remote system conditions comprising conditions to be satisfied for particular programs of the user computer system;
  
  a condition analyzer to determine whether a remote system condition is satisfied based on information received from a remote system; and
  
  a firewall action manager to perform one or more firewall actions in response to a determination of whether remote system conditions are satisfied.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The firewall system of claim 16, further comprising a condition configuration module to set one or more remote system conditions for a program based on user input.
  - 18. The firewall system of claim 16, wherein the computer system implementing the firewall system is the user computer system.
  - 19. The firewall system of claim 16, wherein the computer system implementing the firewall system is a server computer system separate from the user computer system.
  - 20. The firewall system of claim 16, wherein the network stack and the remote system controller execute in parallel in a parallel processing architecture.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Hamilton, Rick A. II, O'Connell, Brian M., Walker, Keith R., Pavesi, John R.

Granted Patent

US 8,327,430 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/11
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

H04L 41/082   the condition being updates...

H04L 63/0218   Distributed architectures, ...

H04L 63/0254   Stateful filtering

H04L 63/0263   Rule management

SYSTEMS, METHODS, AND MEDIA FOR FIREWALL CONTROL VIA REMOTE SYSTEM INFORMATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

48 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS, METHODS, AND MEDIA FOR FIREWALL CONTROL VIA REMOTE SYSTEM INFORMATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

48 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links