Method and apparatus for configuring and managing firewalls and security devices

US 6,212,558 B1
Filed: 12/24/1997
Issued: 04/03/2001
Est. Priority Date: 04/25/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method for configuring a plurality of network security devices, comprising:

coupling each network security device of the plurality of network security devices to a network;

providing a network directory services server providing network directory services for the network coupled to each network security device, the network directory services including services for configuring the plurality of network security devices using the network directory services server;

providing a directory services database in the network directory services server for storing configuration information for the network;

managing the plurality of network security devices from the network directory services server;

implementing a security policy for the plurality of network security devices on the network directory services server;

using the network directory services to provide configuration information for the plurality of network security devices, in response to the security policy; and

storing said configuration information for the plurality of network security devices in the directory services database.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for configuring a plurality of network security devices, includes the steps of providing a network directory services server providing network directory services to a plurality of network servers, each of the plurality of network servers coupled to one of the plurality of network security devices, implementing a security policy for the plurality of network security devices on the network directory services server, and using the network directory services to provide configuration information for the plurality of network security devices, in response to the security policy.

Citations

20 Claims

1. A method for configuring a plurality of network security devices, comprising:
- coupling each network security device of the plurality of network security devices to a network;
  
  providing a network directory services server providing network directory services for the network coupled to each network security device, the network directory services including services for configuring the plurality of network security devices using the network directory services server;
  
  providing a directory services database in the network directory services server for storing configuration information for the network;
  
  managing the plurality of network security devices from the network directory services server;
  
  implementing a security policy for the plurality of network security devices on the network directory services server;
  
  using the network directory services to provide configuration information for the plurality of network security devices, in response to the security policy; and
  
  storing said configuration information for the plurality of network security devices in the directory services database.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein configuration information for a first network security device and a second network security device are substantially similar.
  - 3. The method of claim 1 wherein configuration information for a first network security device and a second network security device are different.
  - 4. The method of claim 2 wherein the first network security device is based upon a WindowsNT operating system and the second network security device is based upon a operating system selected from a class comprising Novell NetWare, Novell IntranetWare, and UNIX.
  - 5. The method of claim 3 wherein a first network coupled to the first network security device includes a network server based upon a WindowsNT operating system and a second network coupled to the second network security device includes a second network server based upon an operating system selected from a class comprising of Novell NetWare, Novell IntranetWare, and UNIX.
  - 6. The method of claim 1 wherein one of the plurality of network security devices is a firewall and the network directory services is selected from a class comprising Novell Directory Services, Light weight Directory Access Protocol, and Microsoft Active Directory Services.
  - 7. The method of claim 1 wherein the network directory services is Novell Directory Services.
  - 8. The method of claim 1 wherein the plurality of network security devices include a multi-level IP firewall and an IPX/IP gateway.

9. A method for configuring security features in a plurality of networks comprising:
- providing a central network server providing directory services to the plurality of networks, the directory services including services for configuring security devices coupled to the plurality of networks;
  
  providing a directory services database in the central network server for storing configuration information for the plurality of networks;
  
  configuring security features for the plurality of networks via a remote client using the central network server;
  
  using the directory services to provide each network of the plurality of networks with the security features; and
  
  storing the security features for the security devices in the directory services database.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9 wherein each of the plurality of networks are compliant to the directory services.
  - 11. The method of claim 9 wherein security features of a first network from the plurality of networks and security features of a second network from the plurality of networks are different.
  - 12. The method of claim 11 wherein the first network includes a server is based upon a Novell NetWare operating system, and the second network includes a server is based upon an operating system selected from the class comprising WindowsNT, Novell NetWare, Novell IntranetWare, and UNIX.
  - 13. The method of claim 9 wherein the directory services is selected from a class comprising Novell Directory Services, Lightweight Directory Access Protocol, and Microsoft Active Directory Services.
  - 14. The method of claim 9 wherein one of the plurality of networks includes a firewall server and wherein security features of one network comprises firewall configuration data.

15. A network of trusted network servers including a computer system for configuring security features for security devices coupled to the network of trusted network servers, the computer system including:
- a processor; and
  
  a computer readable media including;
  
  code that directs the processor to provide directory services to the network of trusted network servers, the directory services including services for configuring the security devices coupled to the network of trusted network servers;
  
  code that directs the processor to store configuration information for the network of trusted network servers in a directory services database in the computer system;
  
  code that directs the processor to manage the security devices coupled to the network of trusted network servers;
  
  code that directs the processor to receive security feature configuration data for the security devices coupled to the network of trusted network servers from a remote client;
  
  code that directs the processor to use the directory services to provide each of the security devices coupled to the network of trusted network servers with the security feature configuration data; and
  
  code that directs the processor to store the security feature configuration data in the directory services database.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The network of claim 15 wherein each of the plurality of network servers are compatible to the directory services.
  - 17. The network of claim 15 wherein security feature configuration data of a first security device coupled to the network of trusted servers and security feature configuration data of a second security device coupled to the network of trusted servers are different.
  - 18. The network of claim 17 wherein the first security device is based upon a Novell IntranetWare operating system, and the second security device is based upon an operating system selected from the class comprising WindowsNT, Novell NetWare, Novell IntranetWare, and UNIX.
  - 19. The network of claim 17 wherein the directory services is selected from a class comprising Novell Directory Services, Lightweight Directory Access Protocol, and Microsoft Active Directory Services.
  - 20. The network of claim 15 wherein security features of one of the security devices coupled to the network of trusted network servers comprises firewall features.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Corporation
Original Assignee
Novell Incorporated (Open Text Corporation)
Inventors
Bisht, Naveen S., Puri, Hemant, Sawhney, Sanjay, Antur, Anand K.
Primary Examiner(s)
Follansbee, John A.

Application Number

US08/998,100
Time in Patent Office

1,196 Days
Field of Search

709/203, 709/217-219, 709/221, 709/223, 709/227-229, 709/249, 709/299, 713/201
US Class Current

709/221
CPC Class Codes

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 41/0895   Configuration of virtualise...

H04L 41/22   comprising specially adapte...

H04L 41/28   Restricting access to netwo...

H04L 63/02   for separating internal fro...

H04L 63/20   for managing network securi...

Method and apparatus for configuring and managing firewalls and security devices

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for configuring and managing firewalls and security devices

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links