-
Publication No.: US10834056B2
Publication Date: 2020-11-10
Application No.: US16050081
Filing Date: 2018-07-31
Applicant: CA, Inc.
Inventors: Krishna Kumar Yadav Nukala, Vikas Pullagura, Shamayel Mohammed Farooqui, Jagadishwara Chary Sriramoju, Lakshmi Priya Vennapusa, Dharanidhar Sahu, Ramana Naga Venkata Mittapalli
IPC Classification: H04L29/06
Abstract: Methods and devices for opening a firewall port for a specified time period are provided. A data packet having a source address and a destination address beyond a firewall transmitted from a process source is intercepted by an interceptor. Responsive to determining, based on the source address, that a firewall port is not open, buffering the data packet. A request comprising an identifier, a protocol identifier, and a time period the firewall port is to be open is transmitted to a firewall controller. The firewall controller authenticates the request based on the identifier and opens a firewall port determined based on the protocol identifier. The interceptor receives an open firewall port notification indicating that the firewall port has been opened and transmits the data packet through the firewall port to the destination address. The firewall controller closes the firewall port when the time period has expired.
-
Publication No.: US11075950B2
Publication Date: 2021-07-27
Application No.: US15999552
Filing Date: 2018-08-20
Applicant: CA, Inc.
Inventors: Krishna Kumar Yadav Nukala, Vikas Pullagura, Dharanidhar Sahu, Jagadishwara Chary Sriramoju, Lakshmi Priya Vennapusa
Abstract: A computer-implemented method of generating a security policy for a microsegmented computing system is provided. The method includes generating a port service map that indicates inbound packet activity by port for a plurality of network addresses within the microsegmented computing system and a port distribution map that indicates inbound packet activity by port for a plurality of network addresses within the microsegmented computing system, and generating a list of security policy recommendations based on the port service map and/or the port distribution map.
-
Publication No.: US20200059491A1
Publication Date: 2020-02-20
Application No.: US15999552
Filing Date: 2018-08-20
Applicant: CA, Inc.
Inventors: Krishna Kumar Yadav Nukala, Vikas Pullagura, Dharanidhar Sahu, Jagadishwara Chary Sriramoju, Lakshmi Priya Vennapusa
Abstract: A computer-implemented method of generating a security policy for a microsegmented computing system is provided. The method includes generating a port service map that indicates inbound packet activity by port for a plurality of network addresses within the microsegmented computing system and a port distribution map that indicates inbound packet activity by port for a plurality of network addresses within the microsegmented computing system, and generating a list of security policy recommendations based on the port service map and/or the port distribution map.
-
Publication No.: US20200045015A1
Publication Date: 2020-02-06
Application No.: US16050081
Filing Date: 2018-07-31
Applicant: CA, Inc.
Inventors: Krishna Kumar Yadav Nukala, Vikas Pullagura, Shamayel Mohammed Farooqui, Jagadishwara Chary Sriramoju, Lakshmi Priya Vennapusa, Dharanidhar Sahu, Ramana Naga Venkata Mittapalli
IPC Classification: H04L29/06
Abstract: Methods and devices for opening a firewall port for a specified time period are provided. A data packet having a source address and a destination address beyond a firewall transmitted from a process source is intercepted by an interceptor. Responsive to determining, based on the source address, that a firewall port is not open, buffering the data packet. A request comprising an identifier, a protocol identifier, and a time period the firewall port is to be open is transmitted to a firewall controller. The firewall controller authenticates the request based on the identifier and opens a firewall port determined based on the protocol identifier. The interceptor receives an open firewall port notification indicating that the firewall port has been opened and transmits the data packet through the firewall port to the destination address. The firewall controller closes the firewall port when the time period has expired.