FINE-GRAINED FIREWALL POLICY ENFORCEMENT USING SESSION APP ID AND ENDPOINT PROCESS ID CORRELATION

Techniques for fine-grained firewall policy enforcement using session APP ID and endpoint process ID correlation are disclosed. In some embodiments, a system/process/computer program product for fine-grained firewall policy enforcement using session APP ID and endpoint process ID correlation include...

Full description

Saved in:
Bibliographic Details
Main Authors LAM, Ho, Yu, TESH, Robert, LI, Qiuming, ASHLEY, Robert, Earle, JIN, Xuanyu, ETTEMA, Taylor, MATHISON, Paul, Theodore
Format Patent
LanguageEnglish
French
German
Published 22.07.2020
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online AccessGet full text

Cover

More Information
Summary:Techniques for fine-grained firewall policy enforcement using session APP ID and endpoint process ID correlation are disclosed. In some embodiments, a system/process/computer program product for fine-grained firewall policy enforcement using session APP ID and endpoint process ID correlation includes receiving, at a network device on an enterprise network, process identification (ID) information from an endpoint (EP) agent executed on an EP device, in which the process identification information identifies a process that is initiating a network session from the EP device on the enterprise network; monitoring network communications associated with the network session at the network device to identify an application identification (APP ID) for the network session; and performing an action based on a security policy using the process ID information and the APP ID.
Bibliography:Application Number: EP20180855870