Methods for revalidating FQDN rulesets in a firewall
US12034700B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 7, 2020 |
| Grant date | Jul 9, 2024 |
| Priority date | — |
| Expiry date | Sep 5, 2041 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2009/45595
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A method comprises: in response to detecting a new expression in a policy rule, updating a global version number to a new value; identifying a particular IP address that corresponds to an FQDN matching on the new expression; storing an entry comprising the particular IP address, the new expression, and an entry version number in a first data structure, the entry version number being assigned the new value; in response to detecting a new connection to a destination IP address: finding a matching entry in the first data structure corresponding to the destination IP address; determining whether the global version number matches the entry version number for the matching entry; and in response to determining that the global version number does not match the entry version number for the matching entry, sending update information to a slowpath process that associates an updated configuration information for the matching entry.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.