Dynamically adaptive network firewalls and method, system...

Information security – Access control or authentication – Network

Reexamination Certificate

active

08032933

ABSTRACT:
One embodiment creates a model of the traffic through a network firewall and uses that model to dynamically manipulate the network firewall. The firewall model defines nodes, connections between the nodes, and firewall rules applicable to the nodes, the connections between the nodes, or a combination thereof. Each of the nodes represents simultaneously a source and a destination for data packets. The firewall rules include dynamic chains of rules having defined places where firewall rules may be dynamically inserted into or deleted from the firewall while the firewall is operating on one or more machines connected to network segments where the nodes reside.

