Access network dynamic firewall
Abstract
A network system includes a network edge point configured to provide a terminal with access to a network. The network edge point includes a security policy associated with the terminal, and controls communications between the network and the terminal according to the security policy. The security policy may include a personal filter downloaded from the terminal, a service filter downloaded from a service policy server, and/or a domain filter downloaded from a domain policy server. The terminal may access the network through a second network edge point. The second network edge point may download one or more of the filters from the first network edge point, and control communications between the network and the terminal according to the security policy.
26 Claims
1. A network system comprising:
- a network, wherein the network includes a network edge point configured to provide access to the network; and
- a terminal, wherein the terminal is coupled to the network edge point and communicates with the network via the network edge point;
- wherein the network edge point has a security policy that includes a personal filter which is provided by the terminal and which is applicable exclusively to the terminal and which customizes the security policy for network communications between the network and the terminal.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method of securing communications in a network, comprising the steps of:
- sending a service filter from a service policy server to a network edge point;
- sending a personal filter from a terminal to the network edge point, the personal filter being applicable exclusively to the terminal, customizing a security policy that governs communications between the terminal and the network at the network edge point;
- integrating the service filter and the personal filter into an integrated filter table; and
- filtering traffic to the terminal at the network edge point according to the integrated filter table.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 19

20. A method of securing communications in a network, comprising the steps of:
- sending a personal filter from a terminal to a first network edge point, the personal filter being applicable exclusively to the terminal, customizing a security policy that governs communications between the terminal and the network at the network edge point;
- sending the personal filter from the first network edge point to a second network edge point, when the terminal hands-off from the first network edge point to the second network edge point; and
- filtering traffic to the terminal at the second network edge point according to the personal filter.
Dependent claims: 21, 22, 23, 24, 25, 26
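
The following sketch is an added example, not text or code from the patent. It models the integrated filter table of claim 10 and the hand-off of claim 20. The rule format, the deny-wins precedence, the default-deny fallback, dropping state at the old edge point, and all names (`Rule`, `EdgePoint`, `term-1`, `edge-A`) are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

# Assumed evaluation order for the integrated table (not specified on the page).
SOURCES = ("domain", "service", "personal")

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    proto: str             # "tcp", "udp" or "*" for any
    port: Optional[int]    # port at the terminal; None matches any

    def matches(self, proto: str, port: int) -> bool:
        return self.proto in ("*", proto) and self.port in (None, port)

@dataclass
class EdgePoint:
    name: str
    filters: dict = field(default_factory=dict)  # terminal id -> {source: [Rule]}

    def install(self, terminal: str, source: str, rules: list) -> None:
        if source not in SOURCES:
            raise ValueError(f"unknown filter source: {source}")
        self.filters.setdefault(terminal, {})[source] = list(rules)

    def integrated_table(self, terminal: str) -> list:
        by_source = self.filters.get(terminal, {})
        return [(s, r) for s in SOURCES for r in by_source.get(s, [])]

    def verdict(self, terminal: str, proto: str, port: int) -> tuple:
        hits = [(s, r) for s, r in self.integrated_table(terminal) if r.matches(proto, port)]
        for source, rule in hits:          # assumed: a deny from any filter wins
            if rule.action == "deny":
                return ("deny", source)
        return ("allow", hits[0][0]) if hits else ("deny", "default")  # assumed default deny

    def hand_off(self, terminal: str, new_edge: "EdgePoint") -> None:
        # The new edge point takes over the terminal's filters; the old one
        # drops them (assumed) so no stale per-terminal policy stays behind.
        new_edge.filters[terminal] = self.filters.pop(terminal, {})

def demo() -> dict:
    a, b = EdgePoint("edge-A"), EdgePoint("edge-B")   # constructed sample data
    a.install("term-1", "service", [Rule("allow", "tcp", 443), Rule("allow", "udp", 5060)])
    a.install("term-1", "personal", [Rule("deny", "udp", 5060), Rule("allow", "tcp", 8080)])
    a.install("term-2", "service", [Rule("allow", "udp", 5060)])
    before = a.verdict("term-1", "udp", 5060)
    a.hand_off("term-1", b)
    return {"before": before, "after": b.verdict("term-1", "udp", 5060),
            "old_edge": a.verdict("term-1", "tcp", 443),
            "other_terminal": a.verdict("term-2", "udp", 5060)}

if __name__ == "__main__":
    print(demo())
```

Because filters are keyed by terminal, `term-1`'s personal deny on UDP 5060 follows it to `edge-B` and leaves `term-2`'s traffic through `edge-A` untouched.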
Specification