US 12,143,364 B2
Device, system, and method for provisioning firewall engines
Christina Lamias, Chicago, IL (US); Francisco Javier Jorda Hernandez, Alicante (ES); Guna Selvaraj, Chicago, IL (US); and Jeanne C. Glunz, Chicago, IL (US)
Assigned to MOTOROLA SOLUTIONS, INC., Chicago, IL (US)
Filed by MOTOROLA SOLUTIONS, INC., Chicago, IL (US)
Filed on Oct. 14, 2022, as Appl. No. 17/966,189.
Prior Publication US 2024/0129276 A1, Apr. 18, 2024
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/0263 (2013.01) [H04L 63/0218 (2013.01); H04L 63/0236 (2013.01); H04L 63/20 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
at one or more computing devices, implementing, for a given zone, an application and a firewall engine in an observation mode by:
implementing predefined firewall rules that define one or more of allowed network traffic and denied network traffic for the application;
maintaining a log of network traffic events that meet or do not meet the predefined firewall rules, the log including source network identifiers and destination network identifiers for the network traffic events;
grouping the network traffic events into groups based on the source network identifiers and the destination network identifiers;
generating new firewall rules based on the groups; and
accepting or denying respective new firewall rules; and,
after the observation mode is implemented, switching, at the one or more computing devices, the application and the firewall engine to a maintain mode by:
stopping implementing the predefined firewall rules; and
implementing accepted new firewall rules for the application.