US 12,155,627 B2
Managing corporate firewalls and network isolation for EDR
Andrey Kulaga, Istanbul (TR); Anastasia Avsynannikova, Istanbul (TR); Roman Vasyutin, Istanbul (TR); Nikolay Grebennikov, Singapore (SG); Serguei Beloussov, Singapore (SG); and Stanislav Protasov, Singapore (SG)
Assigned to Acronis International GmbH, Schaffhausen (CH)
Filed by Acronis International GmbH, Schaffhausen (CH)
Filed on Sep. 30, 2021, as Appl. No. 17/449,613.
Prior Publication US 2023/0099259 A1, Mar. 30, 2023
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/0263 (2013.01) [H04L 63/104 (2013.01); H04L 63/105 (2013.01); H04L 63/20 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A system for isolating machines in a computer network with a plurality of endpoints, comprising:
a centralized server comprising a processor and nonvolatile storage and configured for hosting a firewall management service;
one or more firewall management agents installed on endpoints under management, the endpoints comprising machines, remote from the centralized server, with processors and nonvolatile storage, and coupled to a firewall management agent;
wherein the firewall management service is configured to deploy isolation mode for at least one endpoint and to manage endpoint firewall policies;
wherein the firewall management agents are configured for deploying endpoint firewall policies;
wherein the firewall management service is configured for modifying, adding, or deleting endpoint firewall policies; and
wherein, when endpoint firewall policies are synced with firewall management service policies and a conflict results, the firewall management service's policy has priority if the policy conflict results from a policy change made by an endpoint administrator; and
wherein if the policy conflict results from a change made by the firewall management service, the policy change is disabled by the firewall management service.