The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 05, 2021
Filed:
Oct. 27, 2017
Applicant:
Sophos Limited, Abingdon, GB;
Inventor:
Richard S. Teal, Media, PA (US);
Assignee:
Sophos Limited, Abingdon, GB;
Attorney:
Primary Examiner:
Int. Cl.
CPC ...
H04L 29/06 (2006.01); G06F 21/60 (2013.01); G06F 21/44 (2013.01); G06F 21/57 (2013.01); H04L 9/32 (2006.01); G06F 21/51 (2013.01); H04L 9/08 (2006.01); G06F 21/55 (2013.01); G06F 21/54 (2013.01); G06F 12/0813 (2016.01); G06F 21/50 (2013.01); H04L 12/26 (2006.01); H04L 12/859 (2013.01); H04L 9/30 (2006.01); H04L 29/08 (2006.01);
U.S. Cl.
CPC ...
G06F 21/606 (2013.01); G06F 12/0813 (2013.01); G06F 21/44 (2013.01); G06F 21/50 (2013.01); G06F 21/51 (2013.01); G06F 21/54 (2013.01); G06F 21/55 (2013.01); G06F 21/554 (2013.01); G06F 21/57 (2013.01); G06F 21/602 (2013.01); H04L 9/0891 (2013.01); H04L 9/321 (2013.01); H04L 9/3247 (2013.01); H04L 9/3268 (2013.01); H04L 43/028 (2013.01); H04L 43/045 (2013.01); H04L 43/062 (2013.01); H04L 47/2475 (2013.01); H04L 63/02 (2013.01); H04L 63/0218 (2013.01); H04L 63/0227 (2013.01); H04L 63/0236 (2013.01); H04L 63/0263 (2013.01); H04L 63/14 (2013.01); H04L 63/1416 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01); H04L 63/1441 (2013.01); H04L 63/168 (2013.01); H04L 63/20 (2013.01); H04L 63/205 (2013.01); G06F 2212/1052 (2013.01); G06F 2212/60 (2013.01); G06F 2212/62 (2013.01); H04L 9/30 (2013.01); H04L 43/026 (2013.01); H04L 43/10 (2013.01); H04L 63/145 (2013.01); H04L 67/2842 (2013.01);
Abstract
The configuration of a firewall on an endpoint is secured to prevent changes by unauthorized processes, while permitting changes that are requested by authorized processes. Authorized processes can be stored in a tamper protection cache within a kernel of the operating system of the endpoint and secured with reference to a trust authority external to the operating system. When a process on the endpoint requests a change to the firewall configuration, the requesting process can be checked against the processes listed in the tamper protection cache, and any suitable rules can be applied to limit or prevent changes to firewall configuration.