Methods and systems for context-based application firewalls
First Claim
1. A method comprising:
- performing a context setup with an application level firewall running on a hardware computing device in response to initiation of a user session to access a remote resource, wherein the application level firewall provides application level or higher analysis of network traffic and utilizes context information shared between the application firewall and one or more web-based applications to be used during the user session to perform network and application security operations with the application firewall and at least one of the one or more web-based applications to make security evaluations;
receiving, with the application level firewall, a response to provide information from at least one web-based application to at least one client hardware computing device, wherein the response comprises at least metadata to be used to update the firewall context information;
updating the context information using the application level firewall based on the metadata; and
transmitting, with the application level firewall, the response to the client hardware computing device.
1 Assignment
0 Petitions
Accused Products
Abstract
Context-based application firewall functionality. A user session is initiated with a client device. The user session allows access a remote resource on a server device coupled with the client device over a network. The connection between the client device and the remote resource is through an application firewall. An application firewall context setup is performed with the application firewall in response to the user session. The application firewall context comprises firewall context information to be used during the user session to perform network and application security operations with the application firewall. A response is created to provide information from the remote resource to the client device. The response includes metadata to be used to update the firewall context information. The firewall context information is updated with the application firewall based on the metadata. The response is transmitted to the client device.
129 Citations
26 Claims
-
1. A method comprising:
-
performing a context setup with an application level firewall running on a hardware computing device in response to initiation of a user session to access a remote resource, wherein the application level firewall provides application level or higher analysis of network traffic and utilizes context information shared between the application firewall and one or more web-based applications to be used during the user session to perform network and application security operations with the application firewall and at least one of the one or more web-based applications to make security evaluations; receiving, with the application level firewall, a response to provide information from at least one web-based application to at least one client hardware computing device, wherein the response comprises at least metadata to be used to update the firewall context information; updating the context information using the application level firewall based on the metadata; and transmitting, with the application level firewall, the response to the client hardware computing device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. An article comprising a non-transitory computer-readable medium having stored thereon instructions that, when executed by one or more processors, cause the one or more processors to:
-
perform a context setup with an application level firewall running on a hardware computing device in response to initiation of a user session to access a remote resource, wherein the application level firewall provides application level or higher analysis of network traffic and utilizes context information shared between the application firewall and one or more web-based applications to be used during the user session to perform network and application security operations with the application firewall and at least one of the one or more web-based applications to make security evaluations; receive, with the application level firewall, a response to provide information from at least one web-based application to at least one client hardware computing device, wherein the response comprises at least metadata to be used to update the firewall context information; update the context information using the application level firewall based on the metadata; and transmit, with the application level firewall, the response to the client hardware computing device. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system comprising:
-
one or more application level firewalls; and one or more server hardware computing systems communicatively coupled with the one or more remote user hardware computing systems and the one or more application level firewalls, the server systems to perform a context setup with an application level firewall running on a hardware computing device in response to initiation of a user session, wherein the application level firewall provides application level or higher analysis of network traffic and utilizes context information shared between the application firewall and one or more web-based applications to be used during the user session to perform network and application security operations with the application firewall and at least one of the one or more web-based applications to make security evaluations, to receive, with the application level firewall, a response to provide information from at least one web-based application to at least one client hardware computing device, wherein the response comprises at least metadata to be used to update the firewall context information, to update the context information using the application level firewall based on the metadata, and to transmit, with the application level firewall, the response to the client hardware computing device. - View Dependent Claims (21, 22, 23, 24, 25, 26)
-
Specification