Interface groups for rule-based network security
US9088544B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 11, 2014 |
| Grant date | Jul 21, 2015 |
| Priority date | — |
| Expiry date | Sep 11, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0272
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Systems and methods for designating a proper subset of interfaces of a network security appliance as source/destination interfaces in connection with defining a security rule pertaining to a traffic flow are provided. According to one embodiment, a security rule configuration interface is provided through which a network administrator can specify parameters of security rules to be applied to traffic attempting to traverse the network security appliance. Interface information, defining a traffic flow to be controlled by a security rule, is received via the configuration interface. The interface information specifies multiple interfaces, representing a proper subset of the interfaces of the network security appliance, as source/destination interfaces of the traffic flow. Information regarding an action to be performed on the traffic when the security rule is matched is received via the configuration interface. The security rule is stored as part of a rule set to be applied to the traffic.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.