Method for managing network filter based policies
First Claim
1. A method of adding a new filter defining a portion of a network policy into a set of installed filters in a framework including a set of active filters and a set of disabled filters, the new filter and each filter in the set of installed filters including a set of filter conditions and a priority class comprising:
- determining whether at least one installed filter in the set of the installed filters conflicts with the new filter; and
if the at least one installed filter in the set of the installed filters conflicts with the new filter;
identifying whether the priority class of the new filter is lower than the priority class of the at least one installed filter, wherein the priority class is a function of identity of a user or a process responsible for adding the new filter;
if the priority class of the new filter is lower than the priority class of the at least one installed filter, adding the new filter into the set of installed filters as one of the set of disabled filters; and
if the priority class of the new filter is higher than the priority class of the at least one installed filter, adding the new filter into the set of installed filters as one of the set of active filters.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and system are provided for adding, removing, and managing a plurality of network policy filters in a network device. Filters are installed in a framework and designated as active or disabled. Each filter has a priority. When a new filter is to be installed into the framework, it is compared to installed filters to determine if a conflict exists. If no conflict exists, the new filter is added as an active filter. If a conflict exists, a higher priority conflicting filter is added as active and a lower priority filter is added as inactive.
94 Citations
13 Claims
-
1. A method of adding a new filter defining a portion of a network policy into a set of installed filters in a framework including a set of active filters and a set of disabled filters, the new filter and each filter in the set of installed filters including a set of filter conditions and a priority class comprising:
-
determining whether at least one installed filter in the set of the installed filters conflicts with the new filter; and if the at least one installed filter in the set of the installed filters conflicts with the new filter; identifying whether the priority class of the new filter is lower than the priority class of the at least one installed filter, wherein the priority class is a function of identity of a user or a process responsible for adding the new filter; if the priority class of the new filter is lower than the priority class of the at least one installed filter, adding the new filter into the set of installed filters as one of the set of disabled filters; and if the priority class of the new filter is higher than the priority class of the at least one installed filter, adding the new filter into the set of installed filters as one of the set of active filters. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer storage medium encoded with computer-readable instructions for performing acts of adding a new filter defining a portion of a network policy into a set of installed filters in a framework including an active filter list and a disabled filter list, the new filter and each filter in the set of installed filters including a set of filter conditions and a priority class, the acts comprising:
-
determining whether at least one installed filter in the set of the installed filters conflicts with the new filter; and if the at least one installed filter in the set of the installed filters conflicts with the new filter; identifying whether the priority class of the new filter is lower than the priority class of the at least one installed filter, wherein the priority class is a function of identity of a user or a process responsible for adding the new filter; if the priority class of the new filter is lower than the priority class of the at least one installed filter, adding the new filter into the set of installed filters as one of the set of disabled filters; and if the priority class of the new filter is higher than the priority class of the at least one installed filter, adding the new filter into the set of installed filters as one of the set of active filters. - View Dependent Claims (10, 11, 12, 13)
-
Specification