Incorporating network connection security levels into firewall rules
Abstract
Embodiments of the present invention are directed to establishing and/or implementing firewall rules that may employ parameters based on connection security levels for a connection between devices. A firewall may thus provide greater granularity of security and integrate more closely with other security methods to provide better overall security with fewer conflicts.
58 Citations
20 Claims
1. A method of regulating transmissions using a firewall, the method comprising:
- receiving a first transmission at the firewall, the firewall being associated with at least a first multi-parameter firewall rule and at least one other multi-parameter firewall rule, each of the first multi-parameter firewall rule and the at least one other multi-parameter firewall rule having at least a first parameter, a connection security parameter relating to one or more types of connection security, a first field that specifies an action for that multi-parameter firewall rule, and another field that specifies whether transmissions not meeting the connection security parameter should be blocked;
- determining that properties of the first transmission do not meet the first parameter of the first multi-parameter firewall rule;
- handling the first transmission according to the at least one other multi-parameter firewall rule without determining whether the properties of the first transmission meet the connection security parameter of the first multi-parameter firewall rule;
- receiving a second transmission at the firewall;
- determining that properties of the second transmission meet the first parameter of the first multi-parameter firewall rule and do not meet the connection security parameter of the first multi-parameter firewall rule;
- blocking the second transmission with the firewall without determining whether the properties of the second transmission meet parameters of the at least one other multi-parameter firewall rule if the other field of the first multi-parameter firewall rule specifies that transmissions not meeting the connection security parameter should be blocked;
- receiving a third transmission at the firewall;
- determining that properties of the third transmission meet the first parameter of the first multi-parameter firewall rule and meet the connection security parameter of the first multi-parameter firewall rule; and
- taking an action regarding the third transmission that is specified by the first field of the first multi-parameter firewall rule.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
10. At least one computer-readable memory having stored thereon computer-executable instructions that, in response to execution by a firewall device, cause the firewall device to perform operations, the operations comprising:
- receiving a first transmission at the firewall device, the firewall device being associated with at least a first firewall rule of a set of firewall rules, the first firewall rule comprising a first parameter relating to at least one transmission characteristic, a connection security parameter relating to one or more types of connection security, a first field that specifies an action for that firewall rule, and a connection security field that specifies whether transmissions not meeting the connection security parameter are to be blocked;
- determining that at least one transmission characteristic of the first transmission does not meet the first parameter of the first firewall rule;
- handling the first transmission according to at least one other firewall rule of the set of firewall rules without determining whether a connection security characteristic of the first transmission meets the connection security parameter of the first firewall rule;
- receiving a second transmission at the firewall device;
- determining that at least one transmission characteristic of the second transmission meets the first parameter of the first firewall rule and a connection security characteristic of the second transmission does not meet the connection security parameter of the first firewall rule;
- blocking the second transmission with the firewall device without regard to additional firewall rules of the set of firewall rules if the connection security field of the first firewall rule specifies that transmissions not meeting the connection security parameter are to be blocked;
- receiving a third transmission at the firewall device;
- determining that at least one transmission characteristic of the third transmission meets the first parameter of the first firewall rule and a connection security characteristic of the third transmission meets the connection security parameter of the first firewall rule; and
- taking an action regarding the third transmission that is specified by the first field of the first firewall rule.
- View Dependent Claims (11, 12, 13, 14, 15)
16. A firewall device, comprising:
- at least one processor; and
- at least one computer-readable memory having processor-executable instructions stored therein that, in response to execution by the at least one processor, cause the firewall device to regulate transmission of data through the firewall device based on a set of two or more firewall rules, each of the two or more firewall rules having at least a first parameter and a connection security parameter, the regulation of transmission of data comprising:
  - receiving a first transmission;
  - determining that properties of the first transmission do not meet the first parameter of a first firewall rule of the set of firewall rules;
  - handling the first transmission according to at least one other firewall rule of the set of firewall rules without determining whether the properties of the first transmission meet the connection security parameter of the first firewall rule;
  - receiving a second transmission;
  - determining that properties of the second transmission meet the first parameter of the first firewall rule;
  - determining that the properties of the second transmission do not meet the connection security parameter of the first firewall rule, the connection security parameter of the first firewall rule relating to one or more types of connection security;
  - in response to the determination that the properties of the second transmission do not meet the connection security parameter of the first firewall rule, determining whether the second transmission is to be blocked based on a setting in a connection security field that specifies whether transmissions not meeting the connection security parameter are to be blocked;
  - if the connection security field specifies that transmissions not meeting the connection security parameter are to be blocked, blocking the second transmission without determining whether the properties of the second transmission meet parameters of a next firewall rule of the set of firewall rules;
  - receiving a third transmission;
  - determining that properties of the third transmission meet the first parameter of the first firewall rule and meet the connection security parameter of the first firewall rule; and
  - in response to the determination that the properties of the third transmission meet the first parameter of the first firewall rule and meet the connection security parameter of the first firewall rule, taking an action regarding the third transmission that is specified by the first firewall rule.
- View Dependent Claims (17, 18, 19, 20)
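The rule-evaluation flow shared by claims 1, 10 and 16 (the first parameter is tested before the connection security parameter, and the connection security field decides whether a security mismatch blocks outright or falls through to the next rule), as an added Python example that is not part of the patent. A port number as the first parameter, the three named security levels and their ordering are assumptions made for the example.

```python
from dataclasses import dataclass

# Assumed connection-security levels, weakest to strongest. The claims only
# speak of "one or more types of connection security"; these names are made up.
SECURITY_RANK = {"none": 0, "authenticated": 1, "encrypted": 2}

@dataclass
class Rule:
    port: int                # the "first parameter" (a transmission characteristic)
    min_security: str        # the connection security parameter
    action: str              # the "first field": what to do when both parameters match
    block_if_insecure: bool  # the connection security field: block, or let later rules decide

@dataclass
class Transmission:
    port: int
    security: str            # connection security characteristic of the transmission

def evaluate(rules, tx, default="block"):
    """Walk the ordered rule set and return the action applied to tx."""
    for rule in rules:
        if tx.port != rule.port:
            # First parameter not met: the rule does not apply and its connection
            # security parameter is never consulted (the claims' first transmission).
            continue
        if SECURITY_RANK[tx.security] < SECURITY_RANK[rule.min_security]:
            # First parameter met, connection security not met (second transmission).
            if rule.block_if_insecure:
                return "block"   # decided here, without looking at any later rule
            continue             # field unset: the remaining rules handle it
        # Both parameters met: take this rule's own action (third transmission).
        return rule.action
    return default               # no rule applied; assumed default-deny

# Constructed rule set: file sharing only over an encrypted connection, plain web allowed.
RULES = [
    Rule(port=445, min_security="encrypted", action="allow", block_if_insecure=True),
    Rule(port=80, min_security="none", action="allow", block_if_insecure=False),
]

if __name__ == "__main__":
    for tx in (Transmission(80, "none"), Transmission(445, "none"), Transmission(445, "encrypted")):
        print(tx, "->", evaluate(RULES, tx))
```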
Specification