System and method for providing dynamic network firewall with default deny

摘要

A computing system having host computer and an I/O processor (IOP) provides firewall services to the host computer. When the host computer and the IOP are initialized, all of the communication ports are reset to a closed state. Application programs are loaded into memory of the host computer for execution and provide the identity of communication ports to be used by the application. The identity of the requested communication ports are used to instruct the IOP to open the communication port to accept network data packets that use the particular port. When the application terminates operation, the communication ports used by the application are closed to provide dynamic control over communication ports. This process ensures that only ports currently used by applications currently executing within the host computer are open without administrator action.