US Patent No. 10,193,862

SECURITY POLICY ANALYSIS BASED ON DETECTING NEW NETWORK PORT CONNECTIONS


Patent No.: 10,193,862
Issue Date: January 29, 2019
Title: Security Policy Analysis Based On Detecting New Network Port Connections
Inventorship: Jayant Jain, Palo Alto, CA (US)
              Anirban Sengupta, Saratoga, CA (US)
              Alok Tiagi, Palo Alto, CA (US)
              Jingmin Zhou, Palo Alto, CA (US)
              Russell Lu, Palo Alto, CA (US)
Assignee: VMware, Inc., Palo Alto, CA (US)

Claim of US Patent No. 10,193,862

1. A method comprising: detecting, at a firewall outside of a virtual computing instance, opening of a new connection on a network port by the virtual computing instance;
requesting, by the firewall from the virtual computing instance, information indicative of one or more applications executing on the virtual computing instance that opened the new connection on the network port in response to the detecting of the opening of the new connection on the network port;
receiving, by the firewall from the virtual computing instance, the information indicative of the one or more applications in response to requesting the information;
identifying the one or more applications based on the information indicative of the one or more applications;
identifying one or more firewall rules to apply to the virtual computing instance based, at least in part, on the identification of the one or more applications;
determining a deviation between firewall rules applied to the virtual computing instance and the identified one or more firewall rules; and
upon determining that a deviation exists between the firewall rules applied to the virtual computing instance and the identified one or more firewall rules, applying one or more rules corresponding to the determined deviation to the virtual computing instance.
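Claim 1 describes a control loop on the firewall side: observe a new listening port on the VM, ask the VM which application opened it, map that application to the rules it should have, compare those against the rules already applied, and push only the difference. The Python model below is an added illustration of that loop and is not VMware's code or any NSX implementation. The rule fields, the application signatures, the policy table and the guest_agent stand-in that answers the firewall's request are all constructed assumptions for the example; a real deployment would obtain that information from an agent inside the guest. Note the trust boundary the claim implies: the firewall decides based on what the VM reports about itself, so the identification step can only be as reliable as the guest that answers it. The example requires both the reported process name and executable path to match a signature and treats anything unrecognised as a port to close.

```python
"""Model of the claimed detect -> query guest -> identify -> diff -> apply loop.

Added example; all names, signatures and policies are constructed assumptions.
"""
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Set, Tuple


@dataclass(frozen=True)
class Rule:
    """One firewall rule; frozen so rule sets can be compared and diffed."""
    action: str   # "allow" or "deny"
    proto: str    # "tcp" or "udp"
    port: int     # destination port on the virtual computing instance


# Hypothetical application signatures: the process name and executable path
# the guest is expected to report for a listener (assumptions for the example).
APP_SIGNATURES: Dict[str, Tuple[str, str]] = {
    "web-server": ("nginx", "/usr/sbin/nginx"),
    "ssh": ("sshd", "/usr/sbin/sshd"),
}

# Hypothetical policy: rules the firewall should apply once an application
# has been identified on the VM.
APP_POLICY: Dict[str, Set[Rule]] = {
    "web-server": {Rule("allow", "tcp", 80), Rule("allow", "tcp", 443)},
    "ssh": {Rule("allow", "tcp", 22)},
}

# Constructed stand-in for the agent inside the guest: what it would report
# about the process that opened (vm, proto, port). Not real telemetry.
GUEST_LISTENERS: Dict[Tuple[str, str, int], dict] = {
    ("vm-1", "tcp", 443): {"process": "nginx", "path": "/usr/sbin/nginx"},
    ("vm-1", "tcp", 22): {"process": "sshd", "path": "/usr/sbin/sshd"},
    ("vm-1", "tcp", 4444): {"process": "nc", "path": "/usr/bin/nc"},
}


def guest_agent(vm: str, proto: str, port: int) -> Optional[dict]:
    """The firewall's request to the VM, answered from the constructed table."""
    return GUEST_LISTENERS.get((vm, proto, port))


def identify_application(report: Optional[dict]) -> Optional[str]:
    """Map the guest's report to a known application; None if unrecognised.

    Both name and path must match, so a renamed binary does not inherit the
    policy of a known application. This is still only as trustworthy as the
    guest that produced the report.
    """
    if report is None:
        return None
    for app, (proc, path) in APP_SIGNATURES.items():
        if report.get("process") == proc and report.get("path") == path:
            return app
    return None


def rules_for(app: Optional[str], proto: str, port: int) -> Set[Rule]:
    """Rules identified for the VM. An unknown application gets its new port denied."""
    if app is None:
        return {Rule("deny", proto, port)}
    return set(APP_POLICY[app])


def deviation(applied: Set[Rule], identified: Set[Rule]) -> Set[Rule]:
    """Identified rules that are not yet applied to the VM (the claim's deviation)."""
    return identified - applied


class Firewall:
    """Firewall outside the VM holding the per-VM set of applied rules."""

    def __init__(self, agent: Callable[[str, str, int], Optional[dict]]):
        self.agent = agent
        self.applied: Dict[str, Set[Rule]] = {}

    def on_new_listener(self, vm: str, proto: str, port: int):
        """Handle a detected new connection on a network port of the VM.

        Returns the identified application and the rules newly applied.
        """
        report = self.agent(vm, proto, port)          # request info from the VM
        app = identify_application(report)            # identify the application
        identified = rules_for(app, proto, port)      # rules for that application
        current = self.applied.setdefault(vm, set())
        missing = deviation(current, identified)      # compare with applied rules
        if missing:                                   # apply only the deviation
            current |= missing
        return app, missing


if __name__ == "__main__":
    fw = Firewall(guest_agent)
    for proto, port in (("tcp", 443), ("tcp", 443), ("tcp", 4444)):
        app, added = fw.on_new_listener("vm-1", proto, port)
        print(f"{proto}/{port}: app={app} applied={sorted(r.port for r in added)}")
```

Running the block applies the web-server rules on the first 443 event, applies nothing on the repeated event because no deviation remains, and denies port 4444 because the reported process matches no signature. The deviation is modelled as a set difference in the direction the claim states (identified rules not yet applied); rules that should be retired when an application disappears are outside what claim 1 covers and are not handled here.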