Protecting network devices by a firewall
First Claim
1. A computer-implemented method, comprising:
- in response to a request from a client device, establishing, by a first computer system implementing a first gateway to a private network, a first network tunnel between the client device and the first gateway, wherein the private network comprises one or more network devices;
- receiving, by the first computer system, from the client device, a client access list indicating those of the network devices in the private network that are allowed to communicate with the client device; and
- starting, for the first network tunnel, a separate firewall service with a separate set of firewall rules on the first computer system for selectively blocking and allowing network traffic between the client device and the one or more network devices in the private network, wherein each of the firewall rules is derived from the client access list.
Abstract
Systems and methods provide for scaling and management of a gateway. In one embodiment, a method includes: in response to a request from a client device, establishing, by a computer system implementing a gateway to a private network, a network tunnel between the client device and the gateway; and after establishing the network tunnel, starting a separate firewall service with a separate set of firewall rules on the computer system for selectively blocking and allowing network traffic between the client device and one or more network devices in the private network.
20 Claims
1. A computer-implemented method, as set out under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.
11. A system, comprising:
- at least one processor core, each core configured to run a process; and
- memory storing instructions configured to instruct the at least one processor core to:
  - in response to a request from a client device, establish a network tunnel between the client device and a gateway to a private network, wherein the private network comprises one or more network devices;
  - receive, from the client device, a client access list indicating those of the network devices in the private network that are allowed to communicate with the client device; and
  - start, for the network tunnel, a separate firewall service with a separate set of firewall rules for selectively blocking and allowing network traffic between the client device and the one or more network devices in the private network, wherein each of the firewall rules is derived from the client access list.

Dependent claims: 12, 13, 14, 15.
16. A non-transitory computer readable storage medium storing computer-readable instructions, which when executed, cause a first computer system to:
- in response to a request from a client device, establish a first network tunnel between the client device and a first gateway;
- receive, by the first computer system, from the client device, a client access list; and
- start, for the first network tunnel, a separate firewall service with a separate set of firewall rules on the first computer system for selectively blocking and allowing network traffic between the client device and one or more network devices in a private network, wherein each of the firewall rules is derived from the client access list.

Dependent claims: 17, 18, 19, 20.
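The independent claims describe one mechanism: a tunnel is established, the client presents an access list, and a firewall service dedicated to that tunnel is started whose rules are derived only from that list. The following is an added illustration written for this page, not code from the patent or its assignee. It models the gateway as a small Python object that keeps one `TunnelFirewall` per client tunnel, derives default-deny rules from the presented list, and checks each listed device against the gateway's private network before any rule is created; the class names, the access-list shape and every address are constructed assumptions.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network, IPv4Network
from typing import Dict, List

# Added example, not the patent's code: a toy gateway that starts one firewall
# service per client tunnel. Each service's rules are derived only from the
# access list that client presented; anything not on the list is dropped.
# Class names, the access-list shape and all addresses are assumptions.


@dataclass(frozen=True)
class Packet:
    src: str      # source IP as seen on the tunnel
    dst: str      # destination IP
    proto: str    # "tcp" or "udp"
    dport: int    # destination port


@dataclass(frozen=True)
class FirewallRule:
    device: IPv4Network   # a single device (/32) or a range inside the private network
    proto: str
    port: int


@dataclass
class TunnelFirewall:
    """Per-tunnel firewall: rules exist only for devices on the client's access list."""
    client_ip: str
    rules: List[FirewallRule] = field(default_factory=list)

    @classmethod
    def from_access_list(cls, client_ip: str, access_list: list) -> "TunnelFirewall":
        rules = [FirewallRule(ip_network(e["device"]), e["proto"].lower(), int(e["port"]))
                 for e in access_list]
        return cls(client_ip, rules)

    def allows(self, pkt: Packet) -> bool:
        # Only client-initiated traffic is evaluated; replies would be handled by
        # connection tracking, which this toy does not model. Default deny.
        if pkt.src != self.client_ip:
            return False
        dst = ip_address(pkt.dst)
        return any(dst in r.device and pkt.proto == r.proto and pkt.dport == r.port
                   for r in self.rules)


class Gateway:
    """Holds one TunnelFirewall per established tunnel, keyed by client IP."""

    def __init__(self, private_network: str):
        self.private_network = ip_network(private_network)
        self.tunnels: Dict[str, TunnelFirewall] = {}

    def establish_tunnel(self, client_ip: str, access_list: list) -> TunnelFirewall:
        # The list comes from the client, so check it before deriving rules:
        # every entry must name a device inside this gateway's private network.
        for entry in access_list:
            if not ip_network(entry["device"]).subnet_of(self.private_network):
                raise ValueError(f"{entry['device']} is not in {self.private_network}")
        fw = TunnelFirewall.from_access_list(client_ip, access_list)
        self.tunnels[client_ip] = fw
        return fw

    def teardown_tunnel(self, client_ip: str) -> None:
        # Removing the tunnel removes its firewall service and all of its rules.
        self.tunnels.pop(client_ip, None)

    def forward(self, pkt: Packet) -> bool:
        # No tunnel for this source means no firewall service, hence no rules: drop.
        fw = self.tunnels.get(pkt.src)
        return fw is not None and fw.allows(pkt)


# Constructed sample data: a /24 private network and two clients with different lists.
PRIVATE_NET = "10.0.0.0/24"
ALICE, BOB = "192.0.2.1", "192.0.2.2"
ALICE_ACL = [{"device": "10.0.0.10", "proto": "tcp", "port": 22},
             {"device": "10.0.0.20", "proto": "tcp", "port": 443}]
BOB_ACL = [{"device": "10.0.0.30", "proto": "tcp", "port": 3306}]


def demo() -> Dict[str, bool]:
    gw = Gateway(PRIVATE_NET)
    gw.establish_tunnel(ALICE, ALICE_ACL)
    gw.establish_tunnel(BOB, BOB_ACL)
    results = {
        "alice_ssh_to_10": gw.forward(Packet(ALICE, "10.0.0.10", "tcp", 22)),
        "alice_https_to_20": gw.forward(Packet(ALICE, "10.0.0.20", "tcp", 443)),
        "alice_db_to_30": gw.forward(Packet(ALICE, "10.0.0.30", "tcp", 3306)),   # not on Alice's list
        "alice_wrong_port": gw.forward(Packet(ALICE, "10.0.0.10", "tcp", 80)),
        "bob_db_to_30": gw.forward(Packet(BOB, "10.0.0.30", "tcp", 3306)),
        "no_tunnel": gw.forward(Packet("198.51.100.9", "10.0.0.10", "tcp", 22)),
    }
    gw.teardown_tunnel(ALICE)
    results["alice_after_teardown"] = gw.forward(Packet(ALICE, "10.0.0.10", "tcp", 22))
    return results


def rejects_out_of_scope_device() -> bool:
    # A list naming a device outside the private network must not produce any rules.
    gw = Gateway(PRIVATE_NET)
    try:
        gw.establish_tunnel(ALICE, [{"device": "172.16.0.5", "proto": "tcp", "port": 22}])
    except ValueError:
        return ALICE not in gw.tunnels
    return False


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:24s} {'ALLOW' if ok else 'DROP'}")
```

Two properties of the claimed design show up directly in the output: Bob's rules never influence what Alice may reach, because each tunnel owns its own rule set, and tearing down a tunnel discards its firewall service wholesale rather than requiring individual rules to be unpicked from a shared table. The scope check in `establish_tunnel` is an assumption of this example; since the list is supplied by the client, a real deployment would also authorise it against a policy source before deriving rules from it.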
Specification