FINE-GRAINED FIREWALL POLICY ENFORCEMENT USING SESSION APP ID AND ENDPOINT PROCESS ID CORRELATION

Techniques for fine-grained firewall policy enforcement using session APP ID and endpoint process ID correlation are disclosed. In some embodiments, a system/process/computer program product for fine-grained firewall policy enforcement using session APP ID and endpoint process ID correlation include...

Full description

Saved in:
Bibliographic Details
Main Authors Lam, Ho Yu, Tesh, Robert, Ettema, Taylor, Li, Qiuming, Mathison, Paul Theodore, Jin, Xuanyu, Ashley, Robert Earle
Format Patent
LanguageEnglish
Published 21.03.2019
Subjects
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:Techniques for fine-grained firewall policy enforcement using session APP ID and endpoint process ID correlation are disclosed. In some embodiments, a system/process/computer program product for fine-grained firewall policy enforcement using session APP ID and endpoint process ID correlation includes receiving, at a network device on an enterprise network, process identification (ID) information from an endpoint (EP) agent executed on an EP device, in which the process identification information identifies a process that is initiating a network session from the EP device on the enterprise network; monitoring network communications associated with the network session at the network device to identify an application identification (APP ID) for the network session; and performing an action based on a security policy using the process ID information and the APP ID.
Bibliography:Application Number: US201715705512