Firewall control system
First Claim
1. A method for controlling a firewall for a user computing system, said method comprising:
- receiving, by a processor of a computer system, a data request at the firewall, wherein the data request comprises a data packet and an indication of a program that is associated with the data request;
- said processor determining whether an authentication plan requires a match for the program;
- in response to determining that the authentication plan requires the match for the program, said processor accessing a stored authentication plan associated with the program, the stored authentication plan having one or more authentication records each having expected information relating to user access to a particular server, the stored authentication plan being stored in a repository of the firewall, the stored authentication plan having been generated based at least on selections of an authentication verifier in the firewall;
- said processor accessing a current authentication plan from a storage device, the current authentication plan having one or more authentication records each having current information relating to user access to a particular server;
- said processor comparing the stored authentication plan with the current authentication plan to determine, based on analyzing authentication events, whether there is at least a partial match between the stored authentication plan and the current authentication plan; and
- in response to the comparing between the stored authentication plan and the current authentication plan, said processor performing one or more firewall actions selected from the group consisting of allowing access to data packets, denying access to data packets, monitoring data packets, and redirecting data packets to another device.
Abstract
Generally speaking, systems, methods and media for implementing a firewall control system responsive to user authentications are disclosed. Embodiments of a method may include receiving a data request at a firewall where the data request is associated with a program. Embodiments may include determining whether an authentication plan is required to be matched for the associated program and, if so, accessing a stored authentication plan associated with the program and having one or more authentication records each having expected information relating to user access to a particular server. Embodiments may include accessing a current authentication plan from an authentication store, the current authentication plan having one or more authentication records each having information relating to user access to a particular server. Embodiments may include comparing the stored authentication plan with the received current authentication plan to determine whether they match and, in response, performing one or more firewall actions.
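An added illustration (not code from the patent or its assignee) of the flow the abstract describes: look up the stored plan for the requesting program, compare it with the current plan, and pick a firewall action. The record fields, the sample plan, and the mapping of full, partial and no match to allow, monitor and deny are assumptions; the claims only say that one or more of the listed actions is performed.

```python
from dataclasses import dataclass
from enum import Enum


class Action(Enum):
    ALLOW = "allow"
    DENY = "deny"
    MONITOR = "monitor"
    REDIRECT = "redirect"  # listed in the claims; unused by this sample policy


@dataclass(frozen=True)
class AuthRecord:
    # Assumed fields: the page only says a record holds information
    # relating to user access to a particular server.
    server: str
    user: str
    method: str


# Constructed sample data: stored (expected) plans keyed by program name.
STORED_PLANS = {
    "payroll.exe": frozenset({
        AuthRecord("vpn.example.internal", "alice", "certificate"),
        AuthRecord("hr-db.example.internal", "alice", "kerberos"),
    }),
}


def decide(program, current_plan, stored_plans=STORED_PLANS):
    """Return (Action, missing_records) for a data request from `program`."""
    stored = stored_plans.get(program)
    if stored is None:
        # Assumption: no stored plan means no match is required, so the
        # request falls through to the ordinary rule set (modelled as ALLOW).
        return Action.ALLOW, frozenset()
    # Expected records not present among the current authentications.
    # Extra current records that the stored plan does not mention are ignored.
    missing = stored - frozenset(current_plan)
    if not missing:
        return Action.ALLOW, missing      # full match
    if len(missing) < len(stored):
        return Action.MONITOR, missing    # partial match (assumed policy)
    return Action.DENY, missing           # none of the expected records seen
```

Returning the missing records alongside the action gives the firewall log the reason for a monitor or deny decision.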
20 Claims
1. A method for controlling a firewall for a user computing system, said method comprising:
- receiving, by a processor of a computer system, a data request at the firewall, wherein the data request comprises a data packet and an indication of a program that is associated with the data request;
- said processor determining whether an authentication plan requires a match for the program;
- in response to determining that the authentication plan requires the match for the program, said processor accessing a stored authentication plan associated with the program, the stored authentication plan having one or more authentication records each having expected information relating to user access to a particular server, the stored authentication plan being stored in a repository of the firewall, the stored authentication plan having been generated based at least on selections of an authentication verifier in the firewall;
- said processor accessing a current authentication plan from a storage device, the current authentication plan having one or more authentication records each having current information relating to user access to a particular server;
- said processor comparing the stored authentication plan with the current authentication plan to determine, based on analyzing authentication events, whether there is at least a partial match between the stored authentication plan and the current authentication plan; and
- in response to the comparing between the stored authentication plan and the current authentication plan, said processor performing one or more firewall actions selected from the group consisting of allowing access to data packets, denying access to data packets, monitoring data packets, and redirecting data packets to another device.
(Dependent claims: 2, 3, 4, 5, 6, 7)
8. A computer program product, comprising a computer physically tangible storage device having a computer readable program code stored therein, said program code configured to be executed by a processor of a computer system to implement a method for controlling a firewall for a user computing system, said method comprising:
- said processor receiving a data request at the firewall, wherein the data request comprises a data packet and an indication of a program that is associated with the data request;
- said processor determining whether an authentication plan requires a match for the program;
- in response to determining that the authentication plan requires the match for the program, said processor accessing a stored authentication plan associated with the program, the stored authentication plan having one or more authentication records each having expected information relating to user access to a particular server, the stored authentication plan being stored in a repository of the firewall, the stored authentication plan having been generated based at least on selections of an authentication verifier in the firewall;
- said processor accessing a current authentication plan from a storage device, the current authentication plan having one or more authentication records each having current information relating to user access to a particular server;
- said processor comparing the stored authentication plan with the current authentication plan to determine, based on analyzing authentication events, whether there is at least a partial match between the stored authentication plan and the current authentication plan; and
- in response to the comparing between the stored authentication plan and the current authentication plan, said processor performing one or more firewall actions selected from the group consisting of allowing access to data packets, denying access to data packets, monitoring data packets, and redirecting data packets to another device.
(Dependent claims: 9, 10, 11, 12, 13, 14)
15. A computer system comprising a processor, a memory coupled to the processor, and a computer readable storage device coupled to the processor, said storage device containing program code configured to be executed by the processor via the memory to implement a method for controlling a firewall for a user computing system, said method comprising:
- said processor receiving a data request at the firewall, wherein the data request comprises a data packet and an indication of a program that is associated with the data request;
- said processor determining whether an authentication plan requires a match for the program;
- in response to determining that the authentication plan requires the match for the program, said processor accessing a stored authentication plan associated with the program, the stored authentication plan having one or more authentication records each having expected information relating to user access to a particular server, the stored authentication plan being stored in a repository of the firewall, the stored authentication plan having been generated based at least on selections of an authentication verifier in the firewall;
- said processor accessing a current authentication plan from a storage device, the current authentication plan having one or more authentication records each having current information relating to user access to a particular server;
- said processor comparing the stored authentication plan with the current authentication plan to determine, based on analyzing authentication events, whether there is at least a partial match between the stored authentication plan and the current authentication plan; and
- in response to the comparing between the stored authentication plan and the current authentication plan, said processor performing one or more firewall actions selected from the group consisting of allowing access to data packets, denying access to data packets, monitoring data packets, and redirecting data packets to another device.
(Dependent claims: 16, 17, 18, 19, 20)
Specification