Firewall policy management

US9338134B2 · US · B2

Patent metadata
Publication number: US-9338134-B2
Application number: US-201313851456-A
Country: US
Kind code: B2
Filing date: Mar 27, 2013
Priority date: Mar 27, 2013
Publication date: May 10, 2016
Grant date: May 10, 2016

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Methods and systems are provided for creation and implementation of firewall policies. The method of the present invention includes enabling a firewall device to maintain a log of network traffic flow observed by the device. The method further includes enabling the firewall device to receive an administrator request for a customized report to be generated based on the log of network traffic, and generating the report by extracting information from the log based on report parameters, where the report includes desired network traffic items that are associated with one or more action objects. The method further provides for the firewall device to receive a directive to implement an appropriate firewall policy on one or more network traffic items responsive to interaction of the administrator with one or more action objects corresponding to the network traffic items. Based on the directive and information from the log, the firewall then defines and/or establishes the appropriate firewall policy.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising:

  maintaining, by a firewall device, a log of network traffic observed by the firewall device by storing, for each network traffic flow, information regarding one or more of bandwidth usage, a source interface, a destination interface, a source Internet Protocol (IP) address, a destination IP address, an event ID, an importance, application details, port information, traffic details, timestamps, user details, source device details, destination device details, a level of trust, source operating system details, a virus scan level and a schedule;

  receiving, by the firewall device, an administrator request for a customized and interactive report to be generated based on the log, the administrator request identifying report parameters including one or more of a specified time frame, a specified user, a specified user group, a specified application and a specified type of application;

  generating, by the firewall device, the customized and interactive report by extracting information from the log based on the report parameters, wherein the customized and interactive report presents one or more network traffic items in aggregate form corresponding to each of one or more traffic aggregation parameters and includes information identifying one or more of total running time and total bandwidth usage for each of the one or more network traffic items and an action object corresponding to each of the one or more network traffic items;

  responsive to interaction with a particular action object, receiving, by the firewall device, a directive to implement an appropriate firewall policy for the corresponding network traffic item of the one or more network traffic items; and

  based on the directive and the information extracted from the log, the firewall device defining and establishing the appropriate firewall policy, wherein the appropriate firewall policy comprises one or more rules and one or more corresponding actions for imposing time or bandwidth limitations on network traffic associated with the specified application or the specified type of application by the specified user or the specified user group.

2. The method of claim 1, wherein the one or more traffic aggregation parameters are selected from a group including a user, a group of users, a time frame, an application and a type of application.

3. The method of claim 1, wherein the directive comprises a request to block, set up a schedule for or set up a time limitation or bandwidth limitation for the corresponding network traffic item.

4. The method of claim 3, wherein the request includes information regarding a time frame during which the corresponding network traffic item is permitted or prohibited.

5. The method of claim 3, wherein the request includes information regarding a total amount of time during which the corresponding network traffic item is permitted per day.

6. The method of claim 3, wherein the request includes information regarding a maximum amount of total bandwidth permitted per day for the corresponding network traffic item.

7. The method of claim 3, wherein the request includes information regarding a maximum instantaneous bandwidth rate permitted at any given time for the corresponding network traffic item.

8. The method of claim 1, wherein the appropriate firewall policy comprises one or more rules and one or more corresponding actions for blocking network traffic associated with the specified application or the specified type of application.

9. The method of claim 1, wherein the appropriate firewall policy comprises one or more rules and one or more corresponding actions for blocking network traffic associated with the specified application or the specified type of application for the specified user or the specified user group.

10. The method of claim 1, wherein the appropriate firewall policy comprises one or more rules and one or more corresponding actions for imposing time or bandwidth limitations on network traffic associated with the specified application or the specified type of application.

11. The method of claim 1, wherein the appropriate firewall policy comprises one or more rules and one or more corresponding actions for imposing time or bandwidth limitations on network traffic associated with the specified user or the specified user group.

12. The method of claim 1, wherein the appropriate firewall policy comprises one or more rules and one or more corresponding actions for limiting use of the specified application or the specified type of application to a particular time frame.

13. The method of claim 1, wherein the appropriate firewall policy comprises one or more rules and one or more corresponding actions for limiting use of the specified application or the specified type of application to a particular time frame by the specified user or the specified user group.

14. A system comprising: one or more microprocessors; a communication interface device; and one or more internal data storage devices operatively coupled to the one or more microprocessors and storing:

  a logging module, which when executed by the one or more microprocessors, maintains a log of network traffic observed by said system by storing, for each network traffic flow, information regarding one or more of bandwidth usage, a source interface, a destination interface, a source Internet Protocol (IP) address, a destination IP address, an event ID, an importance, application details, port information, traffic details, timestamps, user details, source device details, destination device details, a level of trust, source operating system details, a virus scan level and a schedule;

  a report request receive module, which when executed by the one or more microprocessors, receives an administrator request for a customized and interactive report to be generated based on the log, the administrator request identifying report parameters including one or more of a specified time frame, a specified user, a specified user group, a specified application and a specified type of application;

  a report generation module, which when executed by the one or more microprocessors, generates the customized and interactive report by extracting information from the log based on the report parameters, wherein the customized and interactive report presents one or more network traffic items in aggregate form corresponding to each of one or more traffic aggregation parameters and includes information identifying one or more of total running time and total bandwidth usage for each of the one or more network traffic items and an action object corresponding to each of the one or more network traffic items;

  a receive policy module, which when executed by the one or more microprocessors, receives a directive to implement an appropriate firewall policy for the corresponding network traffic item of the one or more network traffic items, wherein the directive is received in response to interaction with a particular action object;

  a policy implementation module, which when executed by the one or more microprocessors, defines and establishes the appropriate firewall policy based on the directive and the information extracted from the log, wherein the appropriate firewall policy comprises one or more rules and one or more corresponding actions for imposing time or bandwidth limitations on network traffic associated with the specified application or the specified type of application by the specified user or the specified user group.

15. The system of claim 14, wherein the one or more traffic aggregation parameters are selected from a group including a user, a group
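The workflow described in the abstract and in claims 1 to 7 (a per-flow log, an aggregated report with an action object per item, a directive on one item, and a policy that imposes time or bandwidth limits) is easier to see in code. The following is an added example written for this page, not code from the patent or from Fortinet: the record fields, the directive format and the policy schema are assumptions made for illustration, and the log is constructed sample data. It goes slightly beyond the claim's (user, application) wording by letting the aggregation keys be any record fields, so a directive on a (group, application type) item yields a group-level rule of the kind claims 9 and 13 describe.

```python
# Added example, not code from the patent or from Fortinet: a toy model of the claimed
# workflow. Flow records are aggregated into report items for one day, a directive on
# one item becomes a policy carrying the limits of claims 3-7, and the policy is then
# evaluated against flows. Field names, the directive format and the policy schema
# are assumptions made for illustration; the log below is constructed sample data.
from __future__ import annotations
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, time, timedelta
from typing import Optional


@dataclass
class Flow:  # one flow-log record (a subset of the fields listed in claim 1)
    user: str
    group: str
    app: str
    app_type: str
    start: datetime
    end: datetime
    bytes_total: int

    @property
    def seconds(self) -> float:
        return (self.end - self.start).total_seconds()


def _t(day: int, h: int, m: int) -> datetime:  # March 2013 timestamps for the sample
    return datetime(2013, 3, day, h, m)


# Constructed sample log (not real traffic).
LOG = [
    Flow("alice", "eng", "video-stream", "streaming", _t(27, 9, 0), _t(27, 9, 30), 600_000_000),
    Flow("alice", "eng", "video-stream", "streaming", _t(27, 13, 0), _t(27, 13, 15), 300_000_000),
    Flow("bob", "eng", "video-stream", "streaming", _t(27, 10, 0), _t(27, 10, 10), 100_000_000),
    Flow("alice", "eng", "git", "devtools", _t(27, 9, 5), _t(27, 9, 6), 5_000_000),
    Flow("alice", "eng", "video-stream", "streaming", _t(26, 20, 0), _t(26, 21, 0), 1_000_000_000),  # day before
]


def generate_report(log, day: str, aggregate_by=("user", "app")):
    """Report step: aggregate one day's flows (ISO date) by the traffic aggregation
    parameters; each item carries total running time and total bandwidth usage."""
    start = datetime.fromisoformat(day)
    end = start + timedelta(days=1)
    items = defaultdict(lambda: {"seconds": 0.0, "bytes": 0, "flows": 0})
    for f in log:
        if f.end < start or f.start >= end:  # outside the requested time frame
            continue
        item = items[tuple(getattr(f, k) for k in aggregate_by)]
        item["seconds"] += f.seconds
        item["bytes"] += f.bytes_total
        item["flows"] += 1
    return dict(items)


@dataclass
class Policy:
    match: dict                                # rule: which traffic the policy applies to
    action: str                                # "block" or "limit"
    allowed_window: Optional[tuple] = None     # claim 4: (from, to) times of day
    max_seconds_per_day: Optional[int] = None  # claim 5
    max_bytes_per_day: Optional[int] = None    # claim 6
    max_rate_bps: Optional[int] = None         # claim 7, in bits per second


def policy_from_directive(item_key, aggregate_by, directive):
    """Directive step: the action object on one report item, together with that
    item's aggregation keys from the log, becomes a rule with a corresponding action."""
    match = dict(zip(aggregate_by, item_key))
    kind = directive["type"]
    if kind == "block":
        return Policy(match, "block")
    if kind == "schedule":  # "HH:MM" strings in the directive
        window = (time.fromisoformat(directive["from"]), time.fromisoformat(directive["to"]))
        return Policy(match, "limit", allowed_window=window)
    if kind == "time_limit":
        return Policy(match, "limit", max_seconds_per_day=directive["seconds_per_day"])
    if kind == "bandwidth_limit":
        return Policy(match, "limit", max_bytes_per_day=directive.get("bytes_per_day"),
                      max_rate_bps=directive.get("rate_bps"))
    raise ValueError(f"unknown directive type: {kind}")


def evaluate(policy, flow, usage_today=None):
    """Enforcement: decide a flow under the policy; usage_today is what the matched
    item has already consumed today, as {"seconds": ..., "bytes": ...}."""
    used = usage_today or {"seconds": 0.0, "bytes": 0}
    if any(getattr(flow, k) != v for k, v in policy.match.items()):
        return ("allow", "no match")
    if policy.action == "block":
        return ("deny", "blocked")
    if policy.allowed_window is not None:
        lo, hi = policy.allowed_window
        if not (lo <= flow.start.time() < hi):
            return ("deny", "outside schedule")
    if policy.max_seconds_per_day is not None and used["seconds"] + flow.seconds > policy.max_seconds_per_day:
        return ("deny", "daily time limit")
    if policy.max_bytes_per_day is not None and used["bytes"] + flow.bytes_total > policy.max_bytes_per_day:
        return ("deny", "daily bandwidth limit")
    if policy.max_rate_bps is not None and flow.seconds > 0 and flow.bytes_total * 8 / flow.seconds > policy.max_rate_bps:
        return ("deny", "instantaneous rate limit")
    return ("allow", "within policy")
```

With the sample data, generate_report(LOG, "2013-03-27") returns three items and excludes the previous day's flow; the (alice, video-stream) item totals 2700 seconds and 900,000,000 bytes. A bandwidth_limit directive of 500,000,000 bytes per day on that item produces a policy under which alice's 13:00 flow is denied once 600,000,000 bytes have already been used that day, while bob's traffic is unaffected because the rule does not match him. Two points a practitioner should note: the policy is derived from the same aggregation keys that produced the report item, so the rule cannot be broader than what the administrator was looking at, and the daily counters in usage_today must be kept by the firewall itself, not trusted from the report, or the limits are trivially evaded.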

Assignees

Fortinet Inc

Inventors

Classifications

  • Filtering policies (mail message filtering H04L51/212) · CPC title

  • at the network layer · CPC title

  • Filtering by address, protocol, port number or service, e.g. IP-address or URL · CPC title

  • Traffic logging, e.g. anomaly detection · CPC title

  • Interaction techniques to control parameter settings, e.g. interaction with sliders or dials · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9338134B2 cover?
Methods and systems are provided for creation and implementation of firewall policies. The method of the present invention includes enabling a firewall device to maintain a log of network traffic flow observed by the device. The method further includes enabling the firewall device to receive an administrator request for a customized report to be generated based on the log of network traffic, and generating …
Who is the assignee on this patent?
Fortinet Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/0227. Mapped technology areas include Electricity.
When was this patent published?
Publication date May 10, 2016 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).