Selective auto-revocation of firewall security settings
Abstract
Management of security firewall settings in a networked computing environment is described. One example embodiment includes applying security settings and exceptions to the security settings based on network class for network communication, and upon detection of an event, revoking at least one exception for at least one network in a specified class.
16 Claims
1. A method of managing security settings of a firewall and exceptions to security settings of the firewall in a networked environment, the method comprising:
- managing security settings and exceptions based on network class to control network communication through the firewall;
- receiving a connection request from a computing device to a first network;
- classifying the first network to a specified network class, the classifying at least partially based on a user input from a user of the computing device;
- applying at least one exception to the first network based on the first network being in the specified network class; and
- upon detection of a change in network connection from the first network to a second network, classifying the second network to the specified network class, the classifying at least partially based on user input from the user of the computing device and revoking the at least one exception for the second network, wherein the at least one exception includes a network security exception enabled by the user to a network rule managed by the firewall, and the revoking occurs automatically according to the network security exception enabled by the user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A method of managing security settings of a firewall in a networked environment, the method comprising:
- managing a security profile with at least a first security setting for network communication through the firewall, the first security setting applied to network communication over networks in a specified class;
- receiving a user-selected request for a second security setting including at least one exception to the first security setting in the security profile;
- receiving a connection request from a computing device to a first network;
- classifying the first network to the specified class, the classifying at least partially based on a user input from a user of the computing device;
- applying said second security setting including the at least one exception to network communication over the first network in said specified class; and
- upon detection of an event including a connection to a second network, wherein said connection to a second network includes an establishment of a new network connection in the networked environment, classifying the second network to determine that the second network is in the specified class, the classifying at least partially based on a user input from the user of the computing device, and automatically revoking at least said at least one exception from being applied to network communication over the second network based at least on the second network being in said specified class and applying said first security setting to network communication over the second network in said specified class.
Dependent claims: 11, 12, 13
14. A computerized system for network communication in a networked environment having networks of a first class and networks of a second class, comprising:
- a computing device configured to connect to a first unknown network and a second unknown network;
- a network classification program configured to classify networks into the first and second classes, the classification at least partially based on user input from a user of the computing device and also based on network characteristics including a security level, the first class including networks of a lower security level than the second class;
- a firewall program having a plurality of selectable exceptions for each of the first and second classes, the firewall program configured to automatically revoke at least one exception previously enabled for networks of the first class upon a connection by the computing device to a first unknown network of the first class; and
- the firewall program further configured to automatically maintain at least one exception previously enabled for networks of the second class upon a connection by the computing device to a second unknown network of the second class.
Dependent claims: 15, 16
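A minimal model of the behaviour recited in claims 1, 10 and 14, added here as an illustration and not taken from the patent or any product: exceptions are held per network class, revoked automatically when the device joins an unknown network of the lower-security class, and maintained for the higher-security class. The class names, the rule name, the `link_encrypted` characteristic and the network identifiers are assumptions.

```python
from dataclasses import dataclass, field

PUBLIC, PRIVATE = "public", "private"   # assumed names: lower / higher security class


@dataclass
class ClassPolicy:
    revoke_on_unknown: bool                       # auto-revoke when joining an unknown network
    exceptions: set = field(default_factory=set)  # user-enabled exceptions for this class


class ClassFirewall:
    def __init__(self):
        self.policy = {PUBLIC: ClassPolicy(True), PRIVATE: ClassPolicy(False)}
        self.seen = set()   # networks the device has connected to before
        self.audit = []     # (network, class, revoked exceptions) kept for review

    @staticmethod
    def classify(user_choice, link_encrypted):
        # User input decides, except that an unencrypted link is never treated as
        # private (assumed stand-in for the "security level" characteristic).
        return user_choice if link_encrypted else PUBLIC

    def enable_exception(self, net_class, rule):
        self.policy[net_class].exceptions.add(rule)

    def connect(self, network_id, user_choice, link_encrypted=True):
        """Handle a connection event; return (class, exceptions active on it)."""
        net_class = self.classify(user_choice, link_encrypted)
        pol = self.policy[net_class]
        if network_id not in self.seen and pol.revoke_on_unknown and pol.exceptions:
            self.audit.append((network_id, net_class, sorted(pol.exceptions)))
            pol.exceptions.clear()   # fall back to the base setting for the class
        self.seen.add(network_id)
        return net_class, frozenset(pol.exceptions)


def demo():
    # Constructed scenario: the same exception is enabled in both classes.
    fw = ClassFirewall()
    fw.connect("cafe-wifi", PUBLIC)
    fw.enable_exception(PUBLIC, "allow-inbound-file-sharing")
    fw.connect("home-lan", PRIVATE)
    fw.enable_exception(PRIVATE, "allow-inbound-file-sharing")
    return {"airport": fw.connect("airport-wifi", PUBLIC),   # unknown, lower class
            "office": fw.connect("office-lan", PRIVATE),     # unknown, higher class
            "audit": fw.audit}
```

The audit list records which exceptions were dropped and on which network, which is the record an administrator would need when a user reports that a previously allowed service stopped working after roaming.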
Specification