WO2006093557A3 - Method, systems, and computer program products for implementing function-parallel network firewall - Google Patents

Method, systems, and computer program products for implementing function-parallel network firewall Download PDF

Info

Publication number
WO2006093557A3
WO2006093557A3 PCT/US2005/047008 US2005047008W WO2006093557A3 WO 2006093557 A3 WO2006093557 A3 WO 2006093557A3 US 2005047008 W US2005047008 W US 2005047008W WO 2006093557 A3 WO2006093557 A3 WO 2006093557A3
Authority
WO
WIPO (PCT)
Prior art keywords
systems
computer program
program products
rule set
parallel network
Prior art date
Application number
PCT/US2005/047008
Other languages
French (fr)
Other versions
WO2006093557A2 (en
Inventor
Errin W Fulp
Ryan J Farley
Original Assignee
Univ Wake Forest
Errin W Fulp
Ryan J Farley
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Univ Wake Forest, Errin W Fulp, Ryan J Farley filed Critical Univ Wake Forest
Priority to AU2005328336A priority Critical patent/AU2005328336B2/en
Priority to CA2594020A priority patent/CA2594020C/en
Priority to EP05857614.1A priority patent/EP1839188B1/en
Publication of WO2006093557A2 publication Critical patent/WO2006093557A2/en
Publication of WO2006093557A3 publication Critical patent/WO2006093557A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218Distributed architectures, e.g. distributed firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management

Abstract

Methods, systems, and computer program products for providing function-paralell firewalls are disclosed. According to one aspect, a function-parallel firewall includes a first firewall node for filtering received packets using a first portion of a rule set including a plurality of rules. The first portion includes less than all of the rules in the rule set. At least one second firewall node filters packets using a second portion of the rule set. The second portion includes at least one rule in the rule set that is not present in the first portion. The first and second portions together include all of the rules in the rule set.
PCT/US2005/047008 2004-12-22 2005-12-22 Method, systems, and computer program products for implementing function-parallel network firewall WO2006093557A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
AU2005328336A AU2005328336B2 (en) 2004-12-22 2005-12-22 Method, systems, and computer program products for implementing function-parallel network firewall
CA2594020A CA2594020C (en) 2004-12-22 2005-12-22 Method, systems, and computer program products for implementing function-parallel network firewall
EP05857614.1A EP1839188B1 (en) 2004-12-22 2005-12-22 Method, systems, and computer program products for implementing function-parallel network firewall

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US63843604P 2004-12-22 2004-12-22
US60/638,436 2004-12-22

Publications (2)

Publication Number Publication Date
WO2006093557A2 WO2006093557A2 (en) 2006-09-08
WO2006093557A3 true WO2006093557A3 (en) 2007-01-18

Family

ID=36941591

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2005/047008 WO2006093557A2 (en) 2004-12-22 2005-12-22 Method, systems, and computer program products for implementing function-parallel network firewall

Country Status (5)

Country Link
US (1) US8037517B2 (en)
EP (1) EP1839188B1 (en)
AU (1) AU2005328336B2 (en)
CA (1) CA2594020C (en)
WO (1) WO2006093557A2 (en)

Families Citing this family (150)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050251811A1 (en) * 2004-05-07 2005-11-10 International Business Machines Corporation Distributed messaging system supporting stateful
US20050251556A1 (en) * 2004-05-07 2005-11-10 International Business Machines Corporation Continuous feedback-controlled deployment of message transforms in a distributed messaging system
US7886180B2 (en) * 2004-05-14 2011-02-08 International Business Machines Corporation Recovery in a distributed stateful publish-subscribe system
US8037517B2 (en) 2004-12-22 2011-10-11 Wake Forest University Method, systems, and computer program products for implementing function-parallel network firewall
AU2006230171B2 (en) * 2005-03-28 2012-06-21 Wake Forest University Methods, systems, and computer program products for network firewall policy optimization
US7954142B2 (en) * 2005-06-15 2011-05-31 The Board Of Regents, University Of Texas System System and method of resolving discrepancies between diverse firewall designs
US7870602B2 (en) * 2005-09-14 2011-01-11 At&T Intellectual Property I, L.P. System and method for reducing data stream interruption during failure of a firewall device
US8250229B2 (en) * 2005-09-29 2012-08-21 International Business Machines Corporation Internet protocol security (IPSEC) packet processing for multiple clients sharing a single network address
US20070156460A1 (en) * 2005-12-29 2007-07-05 Nair Ranjit R System having a locally interacting distributed joint equilibrium-based search for policies and global policy selection
KR101252812B1 (en) * 2006-04-25 2013-04-12 주식회사 엘지씨엔에스 Network security device and method for controlling of packet data using the same
US8296839B2 (en) * 2006-06-06 2012-10-23 The Mitre Corporation VPN discovery server
US20070297327A1 (en) * 2006-06-27 2007-12-27 International Business Machines Corporation Method for applying stochastic control optimization for messaging systems
US7725594B2 (en) * 2006-12-29 2010-05-25 Verizon Patent And Licensing Inc. Assigning priority to network traffic at customer premises
US8561166B2 (en) * 2007-01-07 2013-10-15 Alcatel Lucent Efficient implementation of security applications in a networked environment
US8291483B2 (en) * 2007-04-30 2012-10-16 Hewlett-Packard Development Company, L.P. Remote network device with security policy failsafe
US8316345B2 (en) * 2007-06-01 2012-11-20 Microsoft Corporation Program abstraction based on program control
US8370919B2 (en) * 2007-06-26 2013-02-05 Microsoft Corporation Host firewall integration with edge traversal technology
US8443433B2 (en) * 2007-06-28 2013-05-14 Microsoft Corporation Determining a merged security policy for a computer system
US8645527B1 (en) * 2007-07-25 2014-02-04 Xangati, Inc. Network monitoring using bounded memory data structures
US8639797B1 (en) 2007-08-03 2014-01-28 Xangati, Inc. Network monitoring of behavior probability density
US9736172B2 (en) 2007-09-12 2017-08-15 Avaya Inc. Signature-free intrusion detection
US9178898B2 (en) * 2007-09-12 2015-11-03 Avaya Inc. Distributed stateful intrusion detection for voice over IP
US9438641B2 (en) 2007-09-12 2016-09-06 Avaya Inc. State machine profiling for voice over IP calls
US9100417B2 (en) 2007-09-12 2015-08-04 Avaya Inc. Multi-node and multi-call state machine profiling for detecting SPIT
US20090138960A1 (en) * 2007-10-26 2009-05-28 University Of Ottawa Control access rule conflict detection
US20090141737A1 (en) * 2007-11-30 2009-06-04 Texas Instruments Incorporated Systems and methods for prioritized channel access hardware assistance design
US7877380B2 (en) * 2008-02-25 2011-01-25 Yahoo! Inc. System for query scheduling to maximize work sharing
US8339959B1 (en) 2008-05-20 2012-12-25 Juniper Networks, Inc. Streamlined packet forwarding using dynamic filters for routing and security in a shared forwarding plane
US8365259B2 (en) * 2008-05-28 2013-01-29 Zscaler, Inc. Security message processing
US9514023B2 (en) * 2008-06-24 2016-12-06 International Business Machines Corporation Message flow control in a multi-node computer system
CA2738690A1 (en) * 2008-09-12 2010-03-18 Hewlett-Packard Company Distributed packet flow inspection and processing
US8955107B2 (en) * 2008-09-12 2015-02-10 Juniper Networks, Inc. Hierarchical application of security services within a computer network
US7796541B1 (en) 2008-09-30 2010-09-14 Juniper Networks, Inc. Methods and apparatus for range matching during packet classification based on a linked-node structure
US8675648B1 (en) 2008-09-30 2014-03-18 Juniper Networks, Inc. Methods and apparatus for compression in packet classification
US7961734B2 (en) * 2008-09-30 2011-06-14 Juniper Networks, Inc. Methods and apparatus related to packet classification associated with a multi-stage switch
US7835357B2 (en) 2008-09-30 2010-11-16 Juniper Networks, Inc. Methods and apparatus for packet classification based on policy vectors
US8798057B1 (en) 2008-09-30 2014-08-05 Juniper Networks, Inc. Methods and apparatus to implement except condition during data packet classification
US7738454B1 (en) * 2008-09-30 2010-06-15 Juniper Networks, Inc. Methods and apparatus related to packet classification based on range values
US8804950B1 (en) 2008-09-30 2014-08-12 Juniper Networks, Inc. Methods and apparatus for producing a hash value based on a hash function
US8040808B1 (en) 2008-10-20 2011-10-18 Juniper Networks, Inc. Service aware path selection with a network acceleration device
EP2347557B1 (en) * 2008-11-12 2019-01-09 Citrix Systems, Inc. Systems and methods for application fluency policies
US8111697B1 (en) 2008-12-31 2012-02-07 Juniper Networks, Inc. Methods and apparatus for packet classification based on multiple conditions
US7889741B1 (en) 2008-12-31 2011-02-15 Juniper Networks, Inc. Methods and apparatus for packet classification based on multiple conditions
US8488588B1 (en) 2008-12-31 2013-07-16 Juniper Networks, Inc. Methods and apparatus for indexing set bit values in a long vector associated with a switch fabric
US8769664B1 (en) * 2009-01-30 2014-07-01 Palo Alto Networks, Inc. Security processing in active security devices
US10992555B2 (en) 2009-05-29 2021-04-27 Virtual Instruments Worldwide, Inc. Recording, replay, and sharing of live network monitoring views
US8495725B2 (en) * 2009-08-28 2013-07-23 Great Wall Systems Methods, systems, and computer readable media for adaptive packet filtering
US8782787B2 (en) 2009-10-28 2014-07-15 Hewlett-Packard Development Company, L.P. Distributed packet flow inspection and processing
US8555368B2 (en) * 2009-12-09 2013-10-08 Intel Corporation Firewall filtering using network controller circuitry
US8438626B2 (en) * 2009-12-23 2013-05-07 Citrix Systems, Inc. Systems and methods for processing application firewall session information on owner core in multiple core system
US9015319B2 (en) * 2010-06-04 2015-04-21 Telefonaktiebolaget L M Ericsson (Publ) Layered access control for machine type communication devices
US8914841B2 (en) * 2010-11-24 2014-12-16 Tufin Software Technologies Ltd. Method and system for mapping between connectivity requests and a security rule set
KR101206095B1 (en) * 2010-11-30 2012-11-28 엘에스산전 주식회사 Intelligent Electric Device, network system including the device and the protecting method for the network
US9282060B2 (en) 2010-12-15 2016-03-08 Juniper Networks, Inc. Methods and apparatus for dynamic resource management within a distributed control plane of a switch
US8800021B1 (en) * 2011-06-29 2014-08-05 Juniper Networks, Inc. Hardware implementation of complex firewalls using chaining technique
US8881258B2 (en) 2011-08-24 2014-11-04 Mcafee, Inc. System, method, and computer program for preventing infections from spreading in a network environment using dynamic application of a firewall policy
US8887263B2 (en) 2011-09-08 2014-11-11 Mcafee, Inc. Authentication sharing in a firewall cluster
US8763106B2 (en) 2011-09-08 2014-06-24 Mcafee, Inc. Application state sharing in a firewall cluster
KR101280910B1 (en) * 2011-12-15 2013-07-02 한국전자통신연구원 Two-stage intrusion detection system for high speed packet process using network processor and method thereof
US9251535B1 (en) 2012-01-05 2016-02-02 Juniper Networks, Inc. Offload of data transfer statistics from a mobile access gateway
US9237128B2 (en) * 2013-03-15 2016-01-12 International Business Machines Corporation Firewall packet filtering
US9191399B2 (en) * 2012-09-11 2015-11-17 The Boeing Company Detection of infected network devices via analysis of responseless outgoing network traffic
US9450819B2 (en) * 2012-10-12 2016-09-20 Cisco Technology, Inc. Autonomic network sentinels
US9565213B2 (en) 2012-10-22 2017-02-07 Centripetal Networks, Inc. Methods and systems for protecting a secured network
US9137205B2 (en) 2012-10-22 2015-09-15 Centripetal Networks, Inc. Methods and systems for protecting a secured network
WO2014077614A1 (en) * 2012-11-19 2014-05-22 Samsung Sds Co., Ltd. Anti-malware system, method of processing data in the same, and computing device
KR101415850B1 (en) * 2012-11-30 2014-07-09 한국전자통신연구원 Apparatus and method for checking firewall policy
US9203806B2 (en) 2013-01-11 2015-12-01 Centripetal Networks, Inc. Rule swapping in a packet network
US9124552B2 (en) 2013-03-12 2015-09-01 Centripetal Networks, Inc. Filtering network data transfers
US9270704B2 (en) 2013-03-13 2016-02-23 FireMon, LLC Modeling network devices for behavior analysis
US9578061B2 (en) * 2013-03-13 2017-02-21 FireMon, LLC System and method for modeling a networking device policy
US9094445B2 (en) 2013-03-15 2015-07-28 Centripetal Networks, Inc. Protecting networks from cyber attacks and overloading
US9225638B2 (en) 2013-05-09 2015-12-29 Vmware, Inc. Method and system for service switching using service tags
US9380081B1 (en) * 2013-05-17 2016-06-28 Ca, Inc. Bidirectional network data replications
US9356875B2 (en) 2013-07-22 2016-05-31 Cisco Technology, Inc. Using statistical and historical information of topology metrics in constrained networks
US9462001B2 (en) * 2014-01-15 2016-10-04 Cisco Technology, Inc. Computer network access control
US9276904B2 (en) * 2014-02-20 2016-03-01 Nicira, Inc. Specifying point of enforcement in a firewall rule
US9674147B2 (en) * 2014-05-06 2017-06-06 At&T Intellectual Property I, L.P. Methods and apparatus to provide a distributed firewall in a network
US9935827B2 (en) 2014-09-30 2018-04-03 Nicira, Inc. Method and apparatus for distributing load among a plurality of service nodes
US10135737B2 (en) 2014-09-30 2018-11-20 Nicira, Inc. Distributed load balancing systems
US11296930B2 (en) 2014-09-30 2022-04-05 Nicira, Inc. Tunnel-enabled elastic service model
CN105704093B (en) * 2014-11-25 2018-06-12 中国移动通信集团设计院有限公司 A kind of firewall access control policy error-checking method, apparatus and system
US9692727B2 (en) 2014-12-02 2017-06-27 Nicira, Inc. Context-aware distributed firewall
US10841360B2 (en) 2014-12-08 2020-11-17 Umbra Technologies Ltd. System and method for content retrieval from remote network regions
EP3243314A4 (en) 2015-01-06 2018-09-05 Umbra Technologies Ltd. System and method for neutral application programming interface
JP2018507639A (en) 2015-01-28 2018-03-15 アンブラ テクノロジーズ リミテッドUmbra Technologies Ltd. System and method for global virtual network
US9264370B1 (en) 2015-02-10 2016-02-16 Centripetal Networks, Inc. Correlating packets in communications networks
US9713066B2 (en) * 2015-03-02 2017-07-18 Qualcomm Incorporated Mobile access point connection switching
US10594743B2 (en) 2015-04-03 2020-03-17 Nicira, Inc. Method, apparatus, and system for implementing a content switch
EP3281368B1 (en) 2015-04-07 2020-05-06 Umbra Technologies Ltd. Network system having virtual interfaces and a routing module for a virtual network
US9866576B2 (en) 2015-04-17 2018-01-09 Centripetal Networks, Inc. Rule-based network-threat detection
CN107925594B (en) 2015-06-11 2020-12-29 安博科技有限公司 System and method for network tapestry multiprotocol integration
US9838354B1 (en) * 2015-06-26 2017-12-05 Juniper Networks, Inc. Predicting firewall rule ranking value
US9806948B2 (en) 2015-06-30 2017-10-31 Nicira, Inc. Providing firewall rules for workload spread across multiple data centers
JP5967739B1 (en) * 2015-07-23 2016-08-10 Necプラットフォームズ株式会社 Filtering system, management apparatus, filtering method, and management program
US10291654B2 (en) * 2015-09-30 2019-05-14 Symantec Corporation Automated construction of network whitelists using host-based security controls
CN108293063B (en) 2015-12-11 2022-05-24 安博科技有限公司 System and method for information slingshot on network tapestry and instant granularity
US10021070B2 (en) * 2015-12-22 2018-07-10 Cisco Technology, Inc. Method and apparatus for federated firewall security
US9917856B2 (en) 2015-12-23 2018-03-13 Centripetal Networks, Inc. Rule-based network-threat detection for encrypted communications
US11729144B2 (en) 2016-01-04 2023-08-15 Centripetal Networks, Llc Efficient packet capture for cyber threat analysis
US10594731B2 (en) * 2016-03-24 2020-03-17 Snowflake Inc. Systems, methods, and devices for securely managing network connections
ES2903130T3 (en) 2016-04-26 2022-03-31 Umbra Tech Ltd Network Slinghop Implemented Using Tapestry Slingshot
US10135727B2 (en) 2016-04-29 2018-11-20 Nicira, Inc. Address grouping for distributed service rules
US10348685B2 (en) 2016-04-29 2019-07-09 Nicira, Inc. Priority allocation for distributed service rules
US10944722B2 (en) 2016-05-01 2021-03-09 Nicira, Inc. Using activities to manage multi-tenant firewall configuration
US11171920B2 (en) 2016-05-01 2021-11-09 Nicira, Inc. Publication of firewall configuration
US10785234B2 (en) * 2016-06-22 2020-09-22 Cisco Technology, Inc. Dynamic packet inspection plan system utilizing rule probability based selection
US11258761B2 (en) 2016-06-29 2022-02-22 Nicira, Inc. Self-service firewall configuration
US11088990B2 (en) 2016-06-29 2021-08-10 Nicira, Inc. Translation cache for firewall configuration
US10567344B2 (en) * 2016-08-23 2020-02-18 Cisco Technology, Inc. Automatic firewall configuration based on aggregated cloud managed information
CN108092941A (en) * 2016-11-23 2018-05-29 中国移动通信有限公司研究院 A kind of network safety protection method, apparatus and system
US10193862B2 (en) 2016-11-29 2019-01-29 Vmware, Inc. Security policy analysis based on detecting new network port connections
US10587578B2 (en) * 2016-12-19 2020-03-10 Nicira, Inc. Firewall rule management for hierarchical entities
US11005731B2 (en) * 2017-04-05 2021-05-11 Cisco Technology, Inc. Estimating model parameters for automatic deployment of scalable micro services
US10503899B2 (en) 2017-07-10 2019-12-10 Centripetal Networks, Inc. Cyberanalysis workflow acceleration
US11233777B2 (en) 2017-07-24 2022-01-25 Centripetal Networks, Inc. Efficient SSL/TLS proxy
US10284526B2 (en) 2017-07-24 2019-05-07 Centripetal Networks, Inc. Efficient SSL/TLS proxy
US10805181B2 (en) 2017-10-29 2020-10-13 Nicira, Inc. Service operation chaining
US10616253B2 (en) 2017-11-13 2020-04-07 International Business Machines Corporation Anomaly detection using cognitive computing
US11012420B2 (en) * 2017-11-15 2021-05-18 Nicira, Inc. Third-party service chaining using packet encapsulation in a flow-based forwarding element
US10757077B2 (en) 2017-11-15 2020-08-25 Nicira, Inc. Stateful connection policy filtering
US10708229B2 (en) 2017-11-15 2020-07-07 Nicira, Inc. Packet induced revalidation of connection tracker
US10797910B2 (en) 2018-01-26 2020-10-06 Nicira, Inc. Specifying and utilizing paths through a network
US11218447B2 (en) * 2018-03-02 2022-01-04 Disney Enterprises, Inc. Firewall rule remediation for improved network security and performance
US10805192B2 (en) 2018-03-27 2020-10-13 Nicira, Inc. Detecting failure of layer 2 service using broadcast messages
US10333898B1 (en) 2018-07-09 2019-06-25 Centripetal Networks, Inc. Methods and systems for efficient network protection
US11537720B1 (en) * 2018-10-22 2022-12-27 HashiCorp, Inc. Security configuration optimizer systems and methods
US11310242B2 (en) * 2019-01-15 2022-04-19 Raytheon Bbn Technologies Corp. System and method for protecting network-facing services
US11003482B2 (en) 2019-02-22 2021-05-11 Vmware, Inc. Service proxy operations
US11310202B2 (en) 2019-03-13 2022-04-19 Vmware, Inc. Sharing of firewall rules among multiple workloads in a hypervisor
DE102019106543A1 (en) 2019-03-14 2020-09-17 Anapur Ag Method and communication control system for controlling communication in a communication network
US11283717B2 (en) 2019-10-30 2022-03-22 Vmware, Inc. Distributed fault tolerant service chain
US11140218B2 (en) 2019-10-30 2021-10-05 Vmware, Inc. Distributed service chain across multiple clouds
US11223494B2 (en) 2020-01-13 2022-01-11 Vmware, Inc. Service insertion for multicast traffic at boundary
US11153406B2 (en) 2020-01-20 2021-10-19 Vmware, Inc. Method of network performance visualization of service function chains
US11659061B2 (en) 2020-01-20 2023-05-23 Vmware, Inc. Method of adjusting service function chains to improve network performance
WO2021195421A1 (en) * 2020-03-26 2021-09-30 EOS Defense Systems USA, Inc. System for implementing a data link layer protocol in a compute host
US11088919B1 (en) 2020-04-06 2021-08-10 Vmware, Inc. Data structure for defining multi-site logical network
US11736383B2 (en) 2020-04-06 2023-08-22 Vmware, Inc. Logical forwarding element identifier translation between datacenters
US11368387B2 (en) 2020-04-06 2022-06-21 Vmware, Inc. Using router as service node through logical service plane
US11777793B2 (en) 2020-04-06 2023-10-03 Vmware, Inc. Location criteria for security groups
US11683233B2 (en) 2020-04-06 2023-06-20 Vmware, Inc. Provision of logical network data from global manager to local managers
CN111953748B (en) * 2020-07-28 2024-03-19 腾讯科技(深圳)有限公司 Session record generation method, device and storage medium
US11343283B2 (en) * 2020-09-28 2022-05-24 Vmware, Inc. Multi-tenant network virtualization infrastructure
US11362996B2 (en) 2020-10-27 2022-06-14 Centripetal Networks, Inc. Methods and systems for efficient adaptive logging of cyber threat incidents
US11734043B2 (en) 2020-12-15 2023-08-22 Vmware, Inc. Providing stateful services in a scalable manner for machines executing on host computers
US11611625B2 (en) 2020-12-15 2023-03-21 Vmware, Inc. Providing stateful services in a scalable manner for machines executing on host computers
CN112637179B (en) * 2020-12-17 2022-11-22 深信服科技股份有限公司 Firewall policy analysis method, device, equipment and storage medium
US11159546B1 (en) 2021-04-20 2021-10-26 Centripetal Networks, Inc. Methods and systems for efficient threat context-aware packet filtering for network protection
US20230139002A1 (en) * 2021-10-29 2023-05-04 Cisco Technology, Inc. SASE Based Method of Preventing Exhausting Attack in Wireless Mesh Networks

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020038339A1 (en) * 2000-09-08 2002-03-28 Wei Xu Systems and methods for packet distribution

Family Cites Families (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6484261B1 (en) * 1998-02-17 2002-11-19 Cisco Technology, Inc. Graphical network security policy management
EP1107140A3 (en) * 1999-11-30 2004-01-28 Hitachi, Ltd. Security system design supporting method
US6662235B1 (en) * 2000-08-24 2003-12-09 International Business Machines Corporation Methods systems and computer program products for processing complex policy rules based on rule form type
KR100398281B1 (en) 2001-04-17 2003-09-19 시큐아이닷컴 주식회사 Method for high speed policy distinction in firewall system
US7227842B1 (en) * 2001-04-24 2007-06-05 Tensilica, Inc. Fast IP packet classification with configurable processor
US7331061B1 (en) * 2001-09-07 2008-02-12 Secureworks, Inc. Integrated computer security management system and method
US7386525B2 (en) * 2001-09-21 2008-06-10 Stonesoft Corporation Data packet filtering
US20030165949A1 (en) * 2001-12-27 2003-09-04 Wang San Ming Genes abnormally expressed in myeloid leukemia cells with an MLL-AF9 fusion
US7107613B1 (en) * 2002-03-27 2006-09-12 Cisco Technology, Inc. Method and apparatus for reducing the number of tunnels used to implement a security policy on a network
GB2387681A (en) * 2002-04-18 2003-10-22 Isis Innovation Intrusion detection system with inductive logic means for suggesting new general rules
US7441262B2 (en) * 2002-07-11 2008-10-21 Seaway Networks Inc. Integrated VPN/firewall system
US7263099B1 (en) * 2002-08-14 2007-08-28 Juniper Networks, Inc. Multicast packet replication
FR2844415B1 (en) * 2002-09-05 2005-02-11 At & T Corp FIREWALL SYSTEM FOR INTERCONNECTING TWO IP NETWORKS MANAGED BY TWO DIFFERENT ADMINISTRATIVE ENTITIES
DE60313987T2 (en) * 2002-10-02 2008-01-24 Telus Communications Co., Edmonton PREPARATION OF RULES FOR FILTERING COMPUTER APPLICATIONS
US20050125697A1 (en) * 2002-12-27 2005-06-09 Fujitsu Limited Device for checking firewall policy
US20040193943A1 (en) * 2003-02-13 2004-09-30 Robert Angelino Multiparameter network fault detection system using probabilistic and aggregation analysis
US20040177139A1 (en) * 2003-03-03 2004-09-09 Schuba Christoph L. Method and apparatus for computing priorities between conflicting rules for network services
US7509673B2 (en) 2003-06-06 2009-03-24 Microsoft Corporation Multi-layered firewall architecture
US7237267B2 (en) * 2003-10-16 2007-06-26 Cisco Technology, Inc. Policy-based network security management
US20050183140A1 (en) * 2003-11-20 2005-08-18 Goddard Stephen M. Hierarchical firewall load balancing and L4/L7 dispatching
US20050229246A1 (en) * 2004-03-31 2005-10-13 Priya Rajagopal Programmable context aware firewall with integrated intrusion detection system
US8037517B2 (en) 2004-12-22 2011-10-11 Wake Forest University Method, systems, and computer program products for implementing function-parallel network firewall
AU2006230171B2 (en) * 2005-03-28 2012-06-21 Wake Forest University Methods, systems, and computer program products for network firewall policy optimization
WO2008093320A1 (en) * 2007-01-31 2008-08-07 Tufin Software Technologies Ltd. System and method for auditing a security policy
US8209738B2 (en) * 2007-05-31 2012-06-26 The Board Of Trustees Of The University Of Illinois Analysis of distributed policy rule-sets for compliance with global policy

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020038339A1 (en) * 2000-09-08 2002-03-28 Wei Xu Systems and methods for packet distribution

Also Published As

Publication number Publication date
CA2594020C (en) 2014-12-09
WO2006093557A2 (en) 2006-09-08
EP1839188A4 (en) 2012-07-25
EP1839188A2 (en) 2007-10-03
AU2005328336A1 (en) 2006-09-08
US8037517B2 (en) 2011-10-11
AU2005328336B2 (en) 2011-09-15
US20060195896A1 (en) 2006-08-31
EP1839188B1 (en) 2018-08-29
CA2594020A1 (en) 2006-09-08

Similar Documents

Publication Publication Date Title
WO2006093557A3 (en) Method, systems, and computer program products for implementing function-parallel network firewall
WO2006105093A3 (en) Methods, systems, and computer program products for network firewall policy optimization
WO2000008817A3 (en) System and method for filtering data
WO2009018578A3 (en) Methods, systems, and computer readable media for collecting data from network traffic traversing high speed internet protocol (ip) communication links
EP1484887A3 (en) A multi-layer based method for implementing network firewalls
WO2002061630A3 (en) System, method and article of manufacture for distributing ip cores
EP1484886A3 (en) Method and framework for integrating a plurality of network policies
AU2001288757A1 (en) System, method, uses, products, program products, and business methods for distributed internet and distributed network services
AU2001288644A1 (en) System, method, uses, products, program products, and business methods for distributed internet and distributed network services
WO2004070564A3 (en) System and method for money management in electronic trading environment
WO2004102535A3 (en) Disaster recovery for processing resources using configurable deployment platform
WO2006104795A3 (en) Autonomous link discovery in a communications network
EP1542407A4 (en) Network system, spanning tree structuring method, spanning tree structure node, and spanning tree structure program
WO2003081845A3 (en) Network management system
WO2002099571A3 (en) System and method for topology constrained routing policy provisioning
WO2005036339A3 (en) System and method for dynamic distribution of intrusion signatures
AU2001270169A1 (en) Method and system for monitoring online computer network behavior and creating online behavior profiles
WO2006086307A3 (en) Video node for wireless mesh network
EP1364297A4 (en) Methods and apparatus for protecting against overload conditions on nodes of a distributed network
WO2006062915A3 (en) System and method for vital communications connectivity
WO2007104691A3 (en) Method and communication system for the computer-aided detection and identification of copyrighted contents
CN104994065A (en) Access control list operation system and method based on software-defined network
WO2002044835A3 (en) A method and system for software and hardware multiplicity
WO2004021394A3 (en) Method, system, and device for optimizing an ftms variable
WO2002001798A3 (en) Differentiated service network and method of operating a differentiated service network

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 2005857614

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2594020

Country of ref document: CA

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2005328336

Country of ref document: AU

ENP Entry into the national phase

Ref document number: 2005328336

Country of ref document: AU

Date of ref document: 20051222

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application