Host trust report based filtering mechanism in a reverse firewall

Assignee

• International Business Machines Corporation · US

Inventors

• Eric P. Fried · Austin, US
• Anand Goyal · Narayanpur, IN
• Silpa Kosanam · Bengaluru, IN
• Suresh Sabarathinam · Austin, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0227
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Disclosed is a computer implemented method and computer program product to throttle traffic from a source internet protocol address. The reverse firewall inspects payloads of a plurality of packets each packet having a source address identical to the source internet protocol address and a target address corresponding to a receiver host. Responsive to detecting purported good content within at least one of the plurality of packets, the reverse firewall forwards packets having the source address. The reverse firewall determines whether a count of packets having the source address exceeds a safe threshold. The reverse firewall requests a demanded positive trust report from the receiver host, responsive to a determination that the count of packets having the source address exceeds the safe threshold. The reverse firewall determines whether a positive trust report is received from the receiver host that indicates that the source internet protocol address is good. The reverse firewall analyzes a header of packet having the source address without analyzing a payload of the packet, responsive to a determination that the positive trust report is received from the receiver host.