US 11,716,311 B2
Inferring firewall rules from network traffic
Vishal Gupta, Milpitas, CA (US); Vikas Aggarwal, Brisbane, CA (US); Kan Cai, Sunnyvale, CA (US); Gargi Adhav, San Jose, CA (US); and Xiaoyu Zhang, San Jose, CA (US)
Assigned to Google LLC, Mountain View, CA (US)
Filed by Google LLC, Mountain View, CA (US)
Filed on Dec. 14, 2020, as Appl. No. 17/121,082.
Claims priority of provisional application 63/117,810, filed on Nov. 24, 2020.
Prior Publication US 2022/0166756 A1, May 26, 2022
Int. Cl. H04L 9/40 (2022.01); H04L 41/16 (2022.01); H04L 47/125 (2022.01); H04L 47/25 (2022.01); H04L 47/41 (2022.01)
CPC H04L 63/0263 (2013.01) [H04L 41/16 (2013.01); H04L 47/125 (2013.01); H04L 47/25 (2013.01); H04L 47/41 (2013.01); H04L 63/20 (2013.01)] 20 Claims
OG exemplary drawing
1. A method to generate firewall rules, the method comprising:
receiving data traffic flow information associated with a set of virtual machines connected over a network;
generating, from the received data traffic flow information, a network graph with nodes and edges;
grouping nodes of the network graph to generate a new graph;
generating, from the new graph, a set of firewall rules based on a common identifier between two or more virtual machines from the set of virtual machines;
validating the set of firewall rules by comparing first traffic records generated using the set of firewall rules with second traffic records generated using a second set of firewall rules; and
outputting the set of firewall rules as an output file.
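As an added illustration of the claimed method (example code written for this page, not Google's implementation), the steps of claim 1 are carried through on constructed flow records; it assumes that a VM group label serves as the "common identifier" and that an allow-all policy plays the role of the second set of firewall rules used for validation:

```python
from collections import defaultdict

# Constructed sample data: VM -> group label, standing in for the claim's "common identifier"
VM_TAGS = {"vm-a": "web", "vm-b": "web", "vm-c": "db", "vm-d": "monitor"}

# Constructed flow records: (src_vm, dst_vm, protocol, dst_port)
FLOWS = [
    ("vm-a", "vm-c", "tcp", 5432),
    ("vm-b", "vm-c", "tcp", 5432),
    ("vm-d", "vm-a", "tcp", 9100),
    ("vm-d", "vm-b", "tcp", 9100),
    ("vm-d", "vm-c", "tcp", 9100),
]

# Hypothetical baseline policy (the claim's "second set of firewall rules"): allow everything
ALLOW_ALL = [("*", "*", "*", "*")]

def build_graph(flows):
    """Network graph: nodes are VMs; edge (src, dst) carries the (proto, port) services seen."""
    edges = defaultdict(set)
    for src, dst, proto, port in flows:
        edges[(src, dst)].add((proto, port))
    return edges

def group_graph(edges, tags):
    """New graph: VM nodes collapsed into their group label; edges become (src_tag, dst_tag)."""
    grouped = defaultdict(set)
    for (src, dst), services in edges.items():
        grouped[(tags[src], tags[dst])] |= services
    return grouped

def generate_rules(grouped):
    """One allow rule (src_tag, dst_tag, proto, port) per service observed between groups."""
    return sorted((s, d, p, port) for (s, d), svcs in grouped.items() for p, port in svcs)

def permitted(flow, rules, tags):
    """Evaluate one flow against a rule set; '*' in a rule field matches anything."""
    src, dst, proto, port = flow
    actual = (tags[src], tags[dst], proto, port)
    return any(all(r == "*" or r == a for r, a in zip(rule, actual)) for rule in rules)

def validate(rules, baseline, flows, tags):
    """Compare traffic records under both rule sets; return flows baseline allows but rules drop."""
    first = {f for f in flows if permitted(f, rules, tags)}
    second = {f for f in flows if permitted(f, baseline, tags)}
    return second - first

def infer_rules(flows=FLOWS, tags=VM_TAGS):
    """Steps 1-4 of the claim end to end: flows -> graph -> grouped graph -> rule set."""
    return generate_rules(group_graph(build_graph(flows), tags))
```

An empty result from `validate` means the inferred rules permit every observed flow the baseline did; any returned flow is one the tighter policy would newly block and should be reviewed before the rules are deployed.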