Automatically validating enterprise firewall rules and provisioning firewall rules in computer systems
Abstract
Automatically validating a firewall rule for provisioning in a computer system. One or more firewall rules for provisioning on a server are received from a user device. Based on predefined firewall rules, whether to approve one or more of the firewall rules and deny one or more of the firewall rules is determined. Responsive to determining that one or more of the firewall rules are denied, additional validation of one or more of the firewall rules that are denied is performed. A firewall rule learning engine is updated with a result of the additional validation. Based on the result of the additional validation, the firewall rule learning engine updates the predefined firewall rules. One or more of the firewall rules that are approved on the server may be provisioned.
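The validation loop described in the abstract, sketched as an added example (not code from the patent or its applicant). The rule format, the allow-list form of the predefined rules, the `MIN_PREFIX` guard on what may be learned, and the `review` callback standing in for additional validation are all assumptions; the page does not specify them.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    src: str            # source server or network, CIDR
    dst: str            # target server or network, CIDR
    port: int
    proto: str = "tcp"

class Policy:
    """Predefined rules, assumed to be an allow-list of (src, dst, proto, port)."""
    MIN_PREFIX = 24     # assumed guard: never learn anything wider than a /24

    def __init__(self, allowed):
        self.allowed = [(ipaddress.ip_network(s), ipaddress.ip_network(d), pr, po)
                        for s, d, pr, po in allowed]

    def approves(self, r):
        src, dst = ipaddress.ip_network(r.src), ipaddress.ip_network(r.dst)
        return any(src.subnet_of(s) and dst.subnet_of(d)
                   and (r.proto, r.port) == (pr, po)
                   for s, d, pr, po in self.allowed)

    def learn(self, r, accepted):
        """Learning-engine update from one additional-validation result."""
        src, dst = ipaddress.ip_network(r.src), ipaddress.ip_network(r.dst)
        if accepted and min(src.prefixlen, dst.prefixlen) >= self.MIN_PREFIX:
            self.allowed.append((src, dst, r.proto, r.port))

def validate(requested, policy, review):
    """Split requests into (approved for provisioning, denied).
    Each denied rule gets additional validation; the result only feeds
    the learning engine, so it takes effect on the next submission."""
    approved, denied = [], []
    for r in requested:
        if policy.approves(r):
            approved.append(r)
        else:
            denied.append(r)
            policy.learn(r, review(r))
    return approved, denied

# Constructed sample data, not taken from the page.
REQUESTS = [
    Rule("10.10.4.7/32", "10.20.5.10/32", 443),   # matches predefined rule
    Rule("10.10.4.7/32", "10.30.1.5/32", 5432),   # denied, reviewer accepts
    Rule("0.0.0.0/0", "10.20.5.10/32", 22),       # denied, reviewer rejects
    Rule("10.10.0.0/16", "10.30.1.5/32", 5432),   # accepted but too broad to learn
]
```

The guard in `learn` is the point to watch in any such feedback loop: without it, one accepted exception for a wide source range would silently become standing policy.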
18 Claims
1. A computer-implemented method of automatically validating a firewall rule for provisioning in a computer system, comprising executing on one or more computer processors:
receiving from a user device one or more firewall rules for provisioning on a server;
determining based on predefined firewall rules, whether to approve one or more of the firewall rules and deny one or more of the firewall rules;
responsive to determining that one or more of the firewall rules are denied, performing additional validation of one or more of the firewall rules that are denied;
updating a firewall rule learning engine with a result of the additional validation, wherein based on the result of the additional validation, the firewall rule learning engine updates the predefined firewall rules;
provisioning one or more of the firewall rules that are approved on the server; and
opening the one or more of the firewall rules between a source server and a target server, wherein one or more of the computer processors automatically secure connections between the source server and the target server.
Dependent claims: 2, 3, 4, 5, 6, 15, 16
7. A non-transitory computer readable storage medium storing a program of instructions executable by a machine to perform a method of automatically validating a firewall rule for provisioning in a computer system, the method comprising:
receiving from a user device one or more firewall rules for provisioning on a server;
determining based on predefined firewall rules, whether to approve one or more of the firewall rules and deny one or more of the firewall rules;
responsive to determining that one or more of the firewall rules are denied, performing additional validation of one or more of the firewall rules that are denied;
updating a firewall rule learning engine with a result of the additional validation, wherein based on the result of the additional validation, the firewall rule learning engine updates the predefined firewall rules;
provisioning one or more of the firewall rules that are approved on the server; and
opening the one or more of the firewall rules between a source server and a target server, wherein one or more of the computer processors automatically secure connections between the source server and the target server.
Dependent claims: 8, 9, 10, 11, 12
13. A system of automatically validating a firewall rule for provisioning in a computer system, comprising:
a storage device;
one or more computer processors operatively coupled to a communication network, one or more of the computer processors operable to receive from a user device one or more firewall rules for provisioning on a server, one or more of the computer processors determining based on predefined firewall rules stored on the storage device, whether to approve one or more of the firewall rules and deny one or more of the firewall rules, responsive to determining that one or more of the firewall rules are denied, one or more of the computer processors performing additional validation of one or more of the firewall rules that are denied;
a firewall rule learning engine coupled to one or more of the computer processors;
one or more of the computer processors updating the firewall rule learning engine with a result of the additional validation;
based on the result of the additional validation, the firewall rule learning engine operable to update the predefined firewall rules;
one or more of the computer processors operable to provision one or more of the firewall rules that are approved on the server;
one or more of the computer processors opening the one or more of the firewall rules between a source server and a target server, wherein one or more of the computer processors automatically secure connections between the source server and the target server.
Dependent claims: 14, 17, 18
Specification