INCORPORATING NETWORK CONNECTION SECURITY LEVELS INTO FIREWALL RULES
Abstract
Embodiments of the present invention are directed to establishing and/or implementing firewall rules that may employ parameters based on connection security levels for a connection between devices. A firewall may thus provide greater granularity of security and integrate more closely with other security methods to provide better overall security with fewer conflicts.
20 Claims
1. A method of regulating a transmission using a firewall enforcing a set of two or more firewall rules, the firewall evaluating the set of firewall rules sequentially in an order to determine whether the transmission should be allowed past the firewall, the method comprising:
- determining whether properties of the transmission meet parameters of one firewall rule of the set of firewall rules, wherein the determining comprises
  - determining whether the properties of the transmission meet at least one first parameter of the firewall rule, and
  - determining whether the properties of the transmission meet at least one second parameter of the firewall rule, the at least one second parameter relating to one or more types of connection security;
- when it is determined that the properties of the transmission meet the at least one first parameter and do not meet the at least one second parameter, blocking the communication with the firewall without determining whether the properties of the transmission meet parameters of a next firewall rule of the set of firewall rules following the firewall rule in the order; and
- when it is determined that the properties of the transmission meet the at least one first parameter and meet the at least one second parameter, taking an action regarding the transmission that is specified by the firewall rule.

(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9)

10. At least one computer-readable storage medium having encoded thereon computer-executable instructions that, when executed by at least one computer, cause the at least one computer to carry out a method of regulating a transmission using a firewall enforcing a set of two or more firewall rules, the firewall evaluating the set of firewall rules sequentially in an order to determine whether the transmission should be allowed past the firewall, the method comprising:
- determining whether properties of the transmission meet parameters of one firewall rule of the set of firewall rules, the parameters of the firewall rule comprising at least one first parameter relating to at least one transmission characteristic and at least one second parameter relating to one or more types of connection security, the determining comprising evaluating the at least one transmission characteristic of the transmission and evaluating the transmission for the one or more types of connection security;
- when it is determined that the at least one transmission characteristic of the transmission meets the at least one first parameter and the connection security of the transmission does not meet the at least one second parameter, determining whether the firewall rule indicates that the transmission should be blocked when the at least one first parameter is met and the at least one second parameter is not met, and when the firewall rule indicates that the transmission should be blocked when the at least one second parameter is not met, blocking the communication with the firewall without determining whether the properties of the transmission meet parameters of a next firewall rule of the set of firewall rules following the firewall rule in the order; and
- when it is determined that the properties of the transmission meet the at least one first parameter and meet the at least one second parameter, taking an action regarding the transmission that is specified by the firewall rule.

(Dependent claims: 11, 12, 13, 14, 15)

16. An apparatus comprising:
- at least one processor; and
- at least one computer-readable storage medium having encoded thereon processor-executable instructions that, when executed by the at least one processor, cause the at least one computer to carry out a method of regulating a transmission using a firewall enforcing a set of two or more firewall rules, the firewall evaluating the set of firewall rules sequentially in an order to determine whether the transmission should be allowed past the firewall, the method comprising:
  - determining whether properties of the transmission meet parameters of one firewall rule of the set of firewall rules, wherein the determining comprises determining whether the properties meet at least one first parameter of the firewall rule, and determining whether the properties meet at least one second parameter of the firewall rule, the at least one second parameter relating to one or more types of connection security;
  - when it is determined that the properties of the transmission meet the at least one first parameter and do not meet the at least one second parameter, determining whether the transmission should be blocked when the at least one first parameter is met and the at least one second parameter is not met, and when the transmission should be blocked when the at least one second parameter is not met, blocking the communication with the firewall without determining whether the properties of the transmission meet parameters of a next firewall rule of the set of firewall rules following the firewall rule in the order; and
  - when it is determined that the properties of the transmission meet the at least one first parameter and meet the at least one second parameter, taking an action regarding the transmission that is specified by the firewall rule.

(Dependent claims: 17, 18, 19, 20)
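
The evaluation order recited in claims 1, 10 and 16 can be sketched as a small rule engine. This is an added illustration, not code from the patent or from any product. The field names, the security labels "authenticated" and "encrypted", the default-block policy and the fall-through for a rule that does not indicate blocking are all assumptions made for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Transmission:
    protocol: str
    port: int
    security: frozenset = frozenset()  # connection security in effect (constructed labels)

@dataclass(frozen=True)
class Rule:
    name: str
    protocol: str                   # "first parameters": transmission characteristics
    port: int
    required_security: frozenset    # "second parameter": types of connection security
    action: str                     # taken when both parameter groups are met
    block_on_mismatch: bool = True  # claims 10/16: the rule indicates whether to block

def evaluate(rules, tx, default="block"):
    """Return (decision, deciding_rule_name, names_of_rules_evaluated)."""
    seen = []
    for rule in rules:              # sequential evaluation in rule order
        seen.append(rule.name)
        if (rule.protocol, rule.port) != (tx.protocol, tx.port):
            continue                # first parameters not met: try the next rule
        if rule.required_security <= tx.security:
            return rule.action, rule.name, seen
        if rule.block_on_mismatch:
            # First parameters met, security not met: block here and never
            # reach a later, broader allow rule for the same traffic.
            return "block", rule.name, seen
        # Assumption: a rule that does not indicate blocking falls through.
    return default, None, seen      # assumption: default-deny when nothing decides

# Constructed sample rule set; names and ports are illustrative only.
RULES = [
    Rule("smb-secure", "tcp", 445, frozenset({"authenticated", "encrypted"}), "allow"),
    Rule("web-prefer-auth", "tcp", 443, frozenset({"authenticated"}), "allow",
         block_on_mismatch=False),
    Rule("smb-legacy-allow", "tcp", 445, frozenset(), "allow"),
    Rule("web-any", "tcp", 443, frozenset(), "allow"),
]

if __name__ == "__main__":
    for tx in (Transmission("tcp", 445, frozenset({"authenticated", "encrypted"})),
               Transmission("tcp", 445, frozenset({"authenticated"})),
               Transmission("tcp", 443)):
        print(tx, "->", evaluate(RULES, tx))
```

The second sample transmission is the case the claims single out: it is blocked at `smb-secure` and `smb-legacy-allow` is never evaluated, so a permissive rule lower in the order cannot override the connection-security requirement.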