Network adapter firewall system and method

US 8,627,443 B2
Filed: 03/29/2012
Issued: 01/07/2014
Est. Priority Date: 12/20/2001
Status: Expired due to Term

First Claim

Patent Images

1. A network adapter, comprising:

at least one designated trusted port;

at least one designated untrusted port; and

a processor provisioned in the network adapter, configured for providing firewall capabilities, and coupled within a computer, the network adapter coupled to a network via the ports, wherein network traffic from the at least one trusted port bypasses the processor, wherein the network adapter processor is configured for;

assembling the network traffic into packets;

performing an initial determination whether certain assembled incoming packets are of interest for screening activities based on determining a timing of the certain assembled incoming packets and content within the certain assembled incoming packets;

bypassing the firewall capabilities and communicating the certain assembled incoming packets directly to a network driver of the computer if the certain assembled incoming packets are determined to not be of interest;

determining whether the certain assembled incoming packets of interest violate a plurality of predetermined rules for packet transmissions, wherein the plurality of predetermined rules include at least one rule based on a security level selected from among a plurality of security levels, and wherein each security level includes specific rules to indicate whether incoming packets associated with a particular protocol violate the security level specific rule; and

denying access to certain areas of the computer based on a violation of the predetermined rules.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network adapter system and associated method are provided. Included is a network adapter having a plurality of designated trusted and untrusted ports. The network adapter includes a processor coupled to a computer. Such processor is further coupled to a network via the ports. In use, the processor is configured for conditionally preventing network traffic from accessing the computer from the network via the untrusted ports and/or preventing unauthorized software from accessing the network in an untrusted manner from the computer.

93 Citations

View as Search Results

21 Claims

1. A network adapter, comprising:
- at least one designated trusted port;
  
  at least one designated untrusted port; and
  
  a processor provisioned in the network adapter, configured for providing firewall capabilities, and coupled within a computer, the network adapter coupled to a network via the ports, wherein network traffic from the at least one trusted port bypasses the processor, wherein the network adapter processor is configured for;
  
  assembling the network traffic into packets;
  
  performing an initial determination whether certain assembled incoming packets are of interest for screening activities based on determining a timing of the certain assembled incoming packets and content within the certain assembled incoming packets;
  
  bypassing the firewall capabilities and communicating the certain assembled incoming packets directly to a network driver of the computer if the certain assembled incoming packets are determined to not be of interest;
  
  determining whether the certain assembled incoming packets of interest violate a plurality of predetermined rules for packet transmissions, wherein the plurality of predetermined rules include at least one rule based on a security level selected from among a plurality of security levels, and wherein each security level includes specific rules to indicate whether incoming packets associated with a particular protocol violate the security level specific rule; and
  
  denying access to certain areas of the computer based on a violation of the predetermined rules.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The network adapter of claim 1, wherein a subset of the packets greater than a threshold for a maximum size of packets are stored in random access memory of the computer.
  - 3. The network adapter of claim 1, wherein the initial determination of whether the certain assembled incoming packets are of interest for screening activities is further based on a source of the certain assembled incoming packets and a protocol of the certain assembled incoming packets.
  - 4. The network adapter of claim 1, wherein the violation is associated with remote access to the computer using an authentication certificate.
  - 5. The network adapter of claim 1, further comprising granting access to the certain areas of the computer if no violation occurs.
  - 6. The network adapter of claim 1, further comprising communicating an alert that signals the violation.
  - 7. The network adapter of claim 6, wherein the alert is provided using an indicator on the network adapter.
  - 8. The network adapter of claim 6, wherein the alert includes a plurality of options for addressing the violation.
  - 9. The network adapter of claim 1, wherein the processor is capable of being user-configured locally.
  - 10. The network adapter of claim 1, wherein the trusted and untrusted ports include physical ports coupled to the network adapter for receiving plugs therein.
  - 11. The network adapter of claim 10, wherein the trusted ports are visually differentiated from the untrusted ports.
  - 12. The network adapter of claim 11, wherein the trusted ports are visually differentiated from the untrusted ports utilizing color.
  - 13. The network adapter of claim 1, wherein received packets are of interest based on an associated protocol.
  - 14. The network adapter of claim 1, wherein the processor is further configured to pass received packets that are not of interest.
  - 15. The network adapter of claim 1, wherein the network adapter includes at least one of a Peripheral Component Interconnect (PCI) card, an Industry Standard Architecture (ISA) card, an Integrated Services Digital Network (ISDN) adapter, a cable modem adapter, and a broadband adapter.
  - 16. The network adapter of claim 1, wherein the network adapter includes an adapter circuit that is coupled to the network.
  - 17. The network adapter of claim 16, wherein the adapter circuit is coupled to the computer.
  - 18. The network adapter of claim 1, wherein non-volatile solid state memory is protected by configuring a bios of the network adapter with a password.
  - 19. The network adapter of claim 1, further comprising a packet assembler module configured to utilize header information associated with packets for assembling data fields of received packets.
  - 20. The network adapter of claim 1, further comprising a packet assembler module configured to assemble a predetermined amount of received packets based on an associated protocol.

21. A method for screening network traffic by a processor of a network adapter configured for providing firewall capabilities, the network adapter being coupled to a computer and further coupled to a network via at least one designated trusted port and at least one designated untrusted port, wherein network traffic from the at least one trusted port bypasses the processor, the method comprising:
- assembling the network traffic into packets;
  
  performing an initial determination whether certain assembled incoming packets are of interest for screening activities based on determining a timing of the certain assembled incoming packets and content within the certain assembled incoming packets;
  
  bypassing the firewall capabilities and communicating the certain assembled incoming packets directly to a network driver of the computer if the certain assembled incoming packets are determined to not be of interest;
  
  determining whether the certain assembled incoming packets of interest violate a plurality of predetermined rules for packet transmissions, wherein the plurality of predetermined rules include at least one rule based on a security level selected from among a plurality of security levels, and wherein each security level includes specific rules to indicate whether incoming packets associated with a particular protocol violate the security level specific rule; and
  
  denying access to certain areas of the computer based on a violation of the predetermined rules.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Jagger, Luke D., Rothwell, Anton C., Dennis, William R.
Primary Examiner(s)
PYZOCHA, MICHAEL J

Application Number

US13/434,639
Publication Number

US 20120192262A1
Time in Patent Office

649 Days
Field of Search

726/11, 726/22
US Class Current

726/11
CPC Class Codes

H04L 63/0236 Filtering by address, proto...

Network adapter firewall system and method

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

93 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Network adapter firewall system and method

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

93 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links