DYNAMICALLY ADAPTIVE NETWORK FIREWALLS AND METHOD, SYSTEM AND COMPUTER PROGRAM PRODUCT IMPLEMENTING SAME
Abstract
A system, method, and computer program product for controlling data through a firewall which may be dynamically configurable. The method may comprise defining at least one node, wherein the at least one node is associated with two or more network interfaces; associating a set of firewall rules with the at least one node; receiving a packet at a first node of the at least one node; and accepting or denying the packet based on the set of firewall rules. The firewall rules include dynamic chains of rules having defined places where firewall rules may be dynamically inserted into or deleted from the firewall while the firewall is operating on one or more machines connected to network segments where the nodes reside.
38 Claims
1. A method for controlling data through a firewall performed on at least one data controlling computer having computer instructions stored on at least one non-transitory computer readable medium, comprising:
- defining at least one node, wherein the at least one node is associated with two or more network interfaces;
- associating a set of firewall rules with the at least one node;
- receiving a packet at a first node of the at least one node; and
- accepting or denying the packet based on the set of firewall rules, wherein the set of firewall rules is dynamically configurable.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A device for controlling data through a firewall, comprising:
- a plurality of network interfaces, wherein each of the plurality of network interfaces is operable to utilize one or more physical devices;
- a first computer readable storage medium storing a set of firewall rules, wherein the set of firewall rules is dynamically configurable; and
- a data controlling computer program comprising data controlling computer program code stored on either the first computer readable storage medium or on a second computer readable storage medium, the data controlling computer program code being executable to:
  - define at least one node, wherein the at least one node is associated with two or more network interfaces of the plurality of network interfaces; and
  - when a packet is received at one of the two or more network interfaces associated with the at least one node, accept or deny the packet based on a review of the set of firewall rules.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
26. A data controlling computer program product comprising computer instructions stored on at least one non-transitory computer readable medium, wherein the computer instructions are operable when executed by at least one processor to:
- define at least one node for controlling data through a firewall, wherein at least one of the at least one node is associated with two or more network interfaces;
- associate a set of firewall rules with the at least one node;
- receive a packet at a first node of the at least one node; and
- accept or deny the packet based on a review of the set of firewall rules, wherein the set of firewall rules is dynamically configurable.
Dependent claims: 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38
Specification