| 发明名称 | Systems and methods for automatically applying firewall policies within data center applications | ||
| 摘要 | The disclosed method may include (1) identifying a data center application whose functionality is provided by a set of systems, (2) organizing, automatically by the computing device, the set of systems into one or more application model groups by, for each system in the set of systems, identifying an attribute of the system that is indicative of a security context under which the system should operate and assigning the system to an application model group for which the security context will be provided, and (3) for each application model group in the one or more application model groups, protecting the application model group by selecting a firewall configuration that will provide the security context for the application model group and by using the selected firewall configuration to protect the application model group. Various other methods, systems, and computer-readable media are also disclosed. | ||
| 申请公布号 | US9438560(B2) | 申请公布日期 | 2016.09.06 |
| 申请号 | US201414588146 | 申请日期 | 2014.12.31 |
| 申请人 | Symantec Corporation | 发明人 | Mohanty Shubhabrata;Shirsat Amaresh |
| 分类号 | H04L29/06;H04L12/24 | 主分类号 | H04L29/06 |
| 代理机构 | ALG Intellectual Property, LLC | 代理人 | ALG Intellectual Property, LLC |
| 主权项 | 1. A computer-implemented method for automatically applying firewall policies within data center applications, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising: identifying a data center application whose functionality is provided by a set of systems; organizing, automatically by the computing device, the set of systems into one or more application model groups that each comprise a group of applications with a same security context by, for each system in the set of systems: identifying an attribute of the system within the set of systems that is indicative of a security context under which the system should operate;assigning the system to an application model group for which the security context will be provided; for each application model group in the one or more application model groups, protecting the application model group by: selecting a firewall configuration that, when applied, will provide the security context for the application model group based at least in part on correlating metadata about the firewall configuration with the application model group;using the selected firewall configuration to protect the application model group. | ||
| 地址 | Mountain View CA US | ||