Distributed firewall implementation and control
First Claim
1. A method of configuring firewall services in a network having a plurality of devices comprising:
- determining a firewall capability for a first device in the network;
determining a firewall service requirement for a second device in the network; and
configuring the first device to provide firewall service for itself and for the second device according to the firewall service requirement of the second device and the firewall capability of the first device.
2 Assignments
0 Petitions
Accused Products
Abstract
One or more devices on a network may be configured to provide firewall services for other devices on the network. Each of the firewall service suppliers may publish its capability with respect to firewall services and the service receivers may publish their requirements for firewall services. A manager function may broker the requests and offers to match services and requirements. A default firewall service may be provided to devices not publishing their requirements. Network topologies may be re-configured to first route traffic addressed to a device to its corresponding firewall service provider.
100 Citations
20 Claims
-
1. A method of configuring firewall services in a network having a plurality of devices comprising:
-
determining a firewall capability for a first device in the network;
determining a firewall service requirement for a second device in the network; and
configuring the first device to provide firewall service for itself and for the second device according to the firewall service requirement of the second device and the firewall capability of the first device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A network having a plurality of devices adapted for configurable firewall protection comprising:
-
a router with an upstream side and a downstream side for directing data traffic with devices on the network;
a first device coupled to the downstream side of the router, the first device having an ability to supply at least one firewall capability; and
a second device coupled to the downstream side of the router, the second device adapted to publish a request for a firewall service, wherein the first device supplies the at least one firewall capability responsive to the request from the second device when the at least one firewall capability of the first device meets a requirement of the request for the firewall service. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer arranged and adapted to provide firewall services to an other electronic device comprising:
-
a network connection supporting bidirectional data traffic with an upstream network;
a manager coupled to the network connection operable to monitor published requests for firewall services from the other electronic device, and, responsive to the request, configure the network connection to place the other electronic device logically downstream of the computer, and determine a level of firewall service to provide to the other electronic device; and
a firewall service provider coupled to the manager and the network connection, wherein the firewall service provider supports firewall service for itself and provides firewall service for data traffic addressed to the other electronic device according to the level determined by the manager. - View Dependent Claims (20)
-
Specification