METHOD AND SYSTEM FOR MANAGING A HOST-BASED FIREWALL

摘要

Disclosed herein are a system and method for managing a firewall of one or more host computing device associated with a customer, wherein each host computing device including a configurable firewall. In one arrangement, the system includes: a central management suite coupled to a first host computing device via a communications link, said central management suite including: a management portal for receiving instructions from said customer relating to a set of policies, wherein each policy defines a set of firewall rules; a storage device for storing said set of policies in a format inapplicable for configuring the firewall of the first host computing device; and a management policy module for retrieving from said stored set of policies a policy associated with said first host computing device. The system further includes: a first policy translator resident on said first host computing device for receiving said retrieved policy from said central management suite, via said communications link, and for translating said retrieved policy to a format applicable for configuring the firewall of the first host computing device to facilitate implementing a set of firewall rules defined by said retrieved policy.

主权项

1. A system for managing a firewall of one or more end-host computing devices associated with a customer, each end-host computing device including a configurable firewall, said system including:
a central management suite coupled to a first end-host computing device via a communications link, said central management suite including: a management portal for receiving instructions from said customer relating to a set of policies, wherein each policy defines a set of firewall rules; a storage device for storing said set of policies in a format inapplicable for configuring the firewall of the first end-host computing device; and a management policy module for retrieving from said stored set of policies a policy associated with said first end-host computing device; and a first policy translator resident on said first end-host computing device for receiving said retrieved policy from said central management suite, via said communications link, and for translating said retrieved policy to a format applicable for configuring the firewall of the first end-host computing device to facilitate implementing a set of firewall rules defined by said retrieved policy.