18472050. INTELLIGENT FIREWALL POLICY PROCESSOR simplified abstract (Juniper Networks, Inc.)


INTELLIGENT FIREWALL POLICY PROCESSOR

Organization Name

Juniper Networks, Inc.

Inventor(s)

Raja Kommula of Cupertino CA (US)

Rahul Gupta of Kanpur (IN)

Ganesh Byagoti Matad Sunkada of Bengaluru (IN)

Tarun Banka of Milpitas CA (US)

Thayumanavan Sridhar of Sunnyvale CA (US)

Raj Yavatkar of Los Gatos CA (US)

INTELLIGENT FIREWALL POLICY PROCESSOR - A simplified explanation of the abstract

This abstract first appeared for US patent application 18472050 titled 'INTELLIGENT FIREWALL POLICY PROCESSOR'.

Simplified Explanation

The example network system described in the abstract includes processing circuitry and memories that store instructions for obtaining telemetry data associated with applications running on multiple hosts. The system then determines a subset of applications and firewall policies based on the telemetry data, and sends this information to a management plane of a distributed firewall.

  • Explanation of the patent/innovation:

- The system collects telemetry data from various applications running on different hosts.
- It analyzes this data to identify a subset of applications on a specific host.
- It also determines a subset of firewall policies that apply to these identified applications.
- Finally, it generates and sends this information to a management plane of a distributed firewall.

Potential applications of this technology:

- Network security management systems
- Cloud computing platforms
- Data center infrastructure

Problems solved by this technology:

- Efficient management of firewall policies for multiple applications across different hosts
- Simplified identification and application of firewall rules based on telemetry data

Benefits of this technology:

- Improved network security
- Streamlined firewall policy management
- Enhanced visibility and control over application traffic

Potential commercial applications of this technology:

- Network security software solutions
- Cloud service providers
- Enterprise IT infrastructure management tools

Possible prior art:

- Prior art in the field of network security management systems
- Existing technologies for firewall policy management and application identification

Questions:

1. How does the system ensure the accuracy and reliability of the telemetry data collected from various applications?
2. What measures are in place to protect the confidentiality and integrity of the firewall policies sent to the management plane of the distributed firewall?


Original Abstract Submitted

An example network system includes processing circuitry and one or more memories coupled to the processing circuitry. The one or more memories are configured to store instructions which cause the system to obtain telemetry data, the telemetry data being associated with a plurality of applications running on a plurality of hosts. The instructions cause the system to, based on the telemetry data, determine a subset of applications of the plurality of applications that run on a first host of the plurality of hosts. The instructions cause the system to determine a subset of firewall policies of a plurality of firewall policies, each of the subset of firewall policies applying to at least one respective application of the subset of applications. The instructions cause the system to generate an indication of the subset of firewall policies and send the indication to a management plane of a distributed firewall.