Patent · US Active

Fine-grained firewall policy enforcement using session app ID and endpoint process ID correlation

US10855656B2 · kind B2 · utility

2Cited by

14References

18Claims

0Family size

Assignee

Palo Alto Networks, Inc. · US

Inventors

Robert Earle Ashley · Santa Clara, US
Ho Yu Lam · Santa Clara, US
Robert Tesh · معلمی نژاد, US
Xuanyu Jin · Hangzhou City, CN
Paul Theodore Mathison · San Jose, US
Qiuming Li · San Jose, US
Taylor Ettema · San Jose, US

Key dates

Filing date	Sep 15, 2017
Grant date	Dec 1, 2020
Priority date	—
Expiry date	Feb 21, 2038

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1425
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Techniques for fine-grained firewall policy enforcement using session APP ID and endpoint process ID correlation are disclosed. In some embodiments, a system/process/computer program product for fine-grained firewall policy enforcement using session APP ID and endpoint process ID correlation includes receiving, at a network device on an enterprise network, process identification (ID) information from an endpoint (EP) agent executed on an EP device, in which the process identification information identifies a process that is initiating a network session from the EP device on the enterprise network; monitoring network communications associated with the network session at the network device to identify an application identification (APP ID) for the network session; and performing an action based on a security policy using the process ID information and the APP ID.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.