Security policy analysis based on detecting new network port connections
US10193862B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 29, 2016 |
| Grant date | Jan 29, 2019 |
| Priority date | — |
| Expiry date | Mar 31, 2037 |
Classification
- Technology area (CPC G): Physics
- CPC primary: G06F2009/45595
- WIPO field: Computer technology
- WIPO sector: Electrical engineering
Abstract
A computer system provides a method for identifying firewall rules to apply to a virtual machine based on detecting initiation of a new network connection from the virtual machine. An example method generally includes detecting initiation of communications on a network port by a virtual machine, identifying one or more applications executing on the virtual machine that initiated communications on the network port, identifying one or more firewall rules to apply to the virtual machine based, at least in part, on the identification of the one or more applications, determining a deviation between firewall rules applied to the virtual machine and the identified one or more firewall rules, and upon determining that a deviation exists between the firewall rules applied to the virtual machine and the identified one or more firewall rules, applying one or more rules corresponding to the determined deviation to the virtual machine.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.