Method and system for distributing security policies

• Main Authors: SHETH SACHIN C, IVANOV MAXIM A, NAGAMPALLI NARASIMHA R. S, LIN YUN, PALEOLOGU EMANUEL, KOTI SHIRISH R, YOUNGBLUT ERIC E
• Format: Patent
• Language: Chinese; English
• Published: 01.09.2010
• Subjects: ELECTRIC COMMUNICATION TECHNIQUE; ELECTRICITY; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

A method and system for distributing and enforcing security policies is provided. A firewall agent executing at a host computer system that is to be protected receives security policies for the enforcement engines responsible for enforcing the security policies on the host computer system. A security policy has rules that each provide a condition and action to be performed when the condition is satisfied. A rule also has a rule type that is used by the distribution system to identify the security components that are responsible for enforcing the rules. To distribute the security policies thathave been received at a host computer system, the firewall agent identifies to which enforcement engine a rule applies based in part on rule type. The firewall agent then distributes the rule to the identified enforcement engine, which then enforces the rule.