Automatically configuring a computer firewall based on network connection
First Claim
Patent Images
1. A policy file data structure stored in a memory of a computer that includes a processor, and a network adapter, the policy file data structure which is read by the processor, comprises:
- a policy identifier field containing data representing an identifier for a security policy that is associated with the network adapter and a network address zone;
a protocol identifier field containing data representing an identifier for a protocol associated with the security policy identified in the policy identifier field;
a protocol element entry containing data representing a protocol element for the protocol identified by the protocol identifier field, wherein the protocol element entry is associated with port filtering, and the security policy specifies filters for services related to the protocol associated with the security policy, wherein the protocol element entry comprises;
an element identifier field containing data representing an identifier for the protocol element field;
a setting field containing data representing a filter setting for the protocol element identified by the element identifier field; and
a log indicator field containing data representing a decision on logging data utilizing the protocol element identified by the element identifier field; and
a zone identifier field associated with restricting communications for the network address zone, wherein connecting to a network causes the computer to read the data structure and configure itself according to the security policy that is associated with a particular network address of the network address zone.
10 Assignments
0 Petitions
Accused Products
Abstract
A method, system, and policy file data structure stored on computer-readable medium comprise reading a policy identifier field containing data representing an identifier for a security policy. Further, a protocol identifier field is read containing data representing an identifier for a protocol associated with the security policy identified in the policy identifier field. In addition, a protocol element entry containing data representing a protocol element for protocol identified by the protocol identifier field is associated with a network adapter.
52 Citations
12 Claims
-
1. A policy file data structure stored in a memory of a computer that includes a processor, and a network adapter, the policy file data structure which is read by the processor, comprises:
-
a policy identifier field containing data representing an identifier for a security policy that is associated with the network adapter and a network address zone; a protocol identifier field containing data representing an identifier for a protocol associated with the security policy identified in the policy identifier field; a protocol element entry containing data representing a protocol element for the protocol identified by the protocol identifier field, wherein the protocol element entry is associated with port filtering, and the security policy specifies filters for services related to the protocol associated with the security policy, wherein the protocol element entry comprises; an element identifier field containing data representing an identifier for the protocol element field; a setting field containing data representing a filter setting for the protocol element identified by the element identifier field; and a log indicator field containing data representing a decision on logging data utilizing the protocol element identified by the element identifier field; and a zone identifier field associated with restricting communications for the network address zone, wherein connecting to a network causes the computer to read the data structure and configure itself according to the security policy that is associated with a particular network address of the network address zone. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for managing network communications for a computer that includes a processor, a memory, and a network adapter, comprising:
-
reading a policy identifier field containing data representing an identifier for a security policy that is associated with the network adapter and a network address zone; reading a protocol identifier field containing data representing an identifier for a protocol associated with the security policy identified in the policy identifier field; associating a protocol element entry containing data representing a protocol element for the protocol identified by the protocol identifier field with the network adapter, wherein the protocol element entry is associated with port filtering, and the security policy specifies filters for services related to the protocol associated with the security policy, wherein the protocol element entry comprises; an element identifier field containing data representing an identifier for the protocol element field; a setting field containing data representing a filter setting for the protocol element identified by the element identifier field; and a log indicator field containing data representing a decision on logging data utilizing the protocol element identified by the element identifier field; and reading a zone identifier field associated with restricting communications for the network address zone, wherein connecting to a network causes the computer to configure itself according to the security policy that is associated with a particular network address of the network address zone. - View Dependent Claims (7, 8, 9)
-
-
10. A system comprising:
-
a processor, a memory, and a network adapter, the system being executed to; read a policy identifier field containing data representing an identifier for a security policy that is associated with the network adapter and a network address zone; read a protocol identifier field containing data representing an identifier for a protocol associated with the security policy identified in the policy identifier field; associate a protocol element entry containing data representing a protocol element for the protocol identified by the protocol identifier field with the network adapter, wherein the protocol element entry is associated with port filtering, and the security policy specifies filters for services related to the protocol associated with the security policy, wherein the protocol element entry comprises; an element identifier field containing data representing an identifier for the protocol element field; a setting field containing data representing a filter setting for the protocol element identified by the element identifier field; and a log indicator field containing data representing a decision on logging data utilizing the protocol element identified by the element identifier field; and read a zone identifier field associated with restricting communications for the network address zone, wherein connecting to a network causes the computer to read and configure itself according to the security policy that is associated with a particular network address of the network address zone. - View Dependent Claims (11, 12)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeMcAfee, LLC
-
Original AssigneeMcAfee, Inc. (McAfee, LLC)
-
InventorsMcArdle, Mark J., Johnston, Brent A., Nathan, Philip D. R., Dool, James
-
Primary Examiner(s)CHOUDHURY, AZIZUL Q
-
Application NumberUS11/772,759Time in Patent Office2,178 DaysField of SearchNoneUS Class Current709/228CPC Class CodesH04L 63/0263 Rule managementH04L 63/20 for managing network securi...
