LOCATION-BASED NETWORK SECURITY
First Claim
Patent Images
1. A location-based network security system comprising:
- one or more processors; and
a non-transitory storage device coupled to the one or more processors and having embodied therein instructions representing;
a request receive module, which when executed by the one or more processors receives a resource access request from a user device relating to a resource within a protected network that is protected by the location-based network security system;
a location determination module, which when executed by the one or more processors determines a geographical location of the user device;
a request-based rule retrieval module, which when executed by the one or more processors retrieves a location-specific security rule for the resource;
a location-based authorization module, which when executed by the one or more processors authenticates the resource access request based on application of the location-specific security rule to the determined geographical location; and
a resource access module, which when executed by the one or more processors enables access to the resource by the user device based on an affirmative authentication of the resource by the location-based authorization module.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for a location-aware network security device are provided. According to one embodiment, a resource access request is received at a network security device of a protected network from a user device. The resource access request represents a request to access a resource of the protected network. A geographical location of the user device is determined by the network security device. The network security device then determines whether the user device should be allowed access to the resource by evaluating a location-specific security rule defined for the resource and the determined geographical location.
5 Citations
12 Claims
-
1. A location-based network security system comprising:
-
one or more processors; and a non-transitory storage device coupled to the one or more processors and having embodied therein instructions representing; a request receive module, which when executed by the one or more processors receives a resource access request from a user device relating to a resource within a protected network that is protected by the location-based network security system; a location determination module, which when executed by the one or more processors determines a geographical location of the user device; a request-based rule retrieval module, which when executed by the one or more processors retrieves a location-specific security rule for the resource; a location-based authorization module, which when executed by the one or more processors authenticates the resource access request based on application of the location-specific security rule to the determined geographical location; and a resource access module, which when executed by the one or more processors enables access to the resource by the user device based on an affirmative authentication of the resource by the location-based authorization module. - View Dependent Claims (2, 3, 4, 5, 6, 8, 9, 10, 11, 12)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeFortinet Inc.
-
Original AssigneeFortinet Inc.
-
InventorsSALVADOR, MARTN HUMBERTO HOZ
-
Application NumberUS15/156,220Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current1/1CPC Class CodesH04L 2101/69 using geographic informatio...H04L 63/02 for separating internal fro...H04L 63/0263 Rule managementH04L 63/08 for authentication of entit...H04L 63/107 wherein the security polici...H04L 63/20 for managing network securi...
