Patent · US Active

Firewall policy enforcement based on high level identification strings

US10530750B2 · kind B2 · utility

0Cited by

1References

18Claims

0Family size

Assignee

Nicira, Inc. · US

Inventors

Jayant Jain · Cupertino, US
Kausum Kumar · Los Gatos, US
Anirban Sengupta · Saratoga, US
Rick Lund · Livermore, US
Jingmin Zhou · San Jose, US

Key dates

Filing date	Dec 14, 2016
Grant date	Jan 7, 2020
Priority date	—
Expiry date	Oct 9, 2037

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/0218
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

The technology disclosed herein enables the enforcement of firewall policies based on high level identification strings. In a particular embodiment, a method provides receiving a first reply from a first identification system directed to a requestor system. In response to determining that the first identification system comprises an identification system trusted by the firewall, the method provides inspecting at least one packet included in the first reply to identify a first network address therein associated with a first high level identification string. The method further provides updating a data structure comprising allowed network addresses with the first network address and, after updating the data structure with the first network address, allowing at least one packet from the requestor system directed to a first destination at the first network address to traverse the firewall system based on the data structure.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.