Self-Configuring Network Devices

IP.com Disclosure Number: IPCOM000132575D
Original Publication Date: 2005-Dec-22
Included in the Prior Art Database: 2005-Dec-22
Document File: 1 page(s) / 72K

Publishing Venue

IBM

Abstract

Disclosed is a mechanism for self-configuration of stateful firewalls or load-balancers. The self-configuration software is embedded in the firewall or load-balancer software or microcode.

An IT (Information Technology) structure is defined as any combination of hardware, software, networking, services, and labor, and relationships among these entities, and is represented by an object model. The object model includes generation functions, including the ability to generate firewall and load-balancing rules.

Upon installation of a firewall or load-balancer, the self-configuration software is invoked and performs the process described in Figure 1. The process starts by performing discovery of the network and creating an IT structure model 101. Once the IT structure model is created, the appropriate configuration generator function (for a stateful firewall or a load-balancer) is invoked to generate the firewall rules or load-balancing configuration 102. The generated set of firewall rules or load-balancing configuration is then applied to the network device 103.

The process may be invoked again manually to refresh the rules, should the network configuration change.

The process may also be invoked on a periodic basis, or, for a firewall, as a consequence of a new entity attempting a communication through the network.

Self-configuration process

Perform discovery of the network and create an IT structure model 101

Generate firewall rules or load-balancing configuration based on the created model 102

Apply generated rules/configuration to this device 103

end

Figure 1. Self-configuration process
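
The three steps of Figure 1, as an added example that is not code from the disclosure: a small object model with generation functions for both device types, plus a refresh check that reports whether a re-run changes what is already applied. The class and function names, the flow-tuple discovery format and the rule syntax are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True, order=True)
class Relationship:
    """One 'client uses service on server' edge in the IT structure model."""
    src: str
    dst: str
    proto: str
    port: int

@dataclass
class ITStructure:
    """Minimal object model: entities plus the relationships among them."""
    entities: set = field(default_factory=set)
    relationships: set = field(default_factory=set)

    def firewall_rules(self):
        """Stateful-firewall generator (illustrative syntax): modelled flows, then default-deny."""
        rules = ["allow state established,related"]
        rules += [f"allow {r.proto} {r.src} -> {r.dst}:{r.port} state new"
                  for r in sorted(self.relationships)]
        return rules + ["deny all"]

    def lb_config(self):
        """Load-balancer generator: servers offering one service form a pool."""
        pools = {}
        for r in self.relationships:
            pools.setdefault((r.proto, r.port), set()).add(r.dst)
        return {svc: sorted(members) for svc, members in pools.items()}

def discover(observations):
    """Step 101: build the model from discovery output (here, flow tuples)."""
    model = ITStructure()
    for src, dst, proto, port in observations:
        model.entities.update((src, dst))
        model.relationships.add(Relationship(src, dst, proto, port))
    return model

def self_configure(device_type, observations, applied=None):
    """Steps 102-103: run the generator for this device type and report
    whether the result differs from the configuration already applied."""
    model = discover(observations)
    new = model.firewall_rules() if device_type == "firewall" else model.lb_config()
    return new, new != applied

# Constructed discovery output: (client, server, protocol, port).
OBSERVED = [("10.0.1.10", "10.0.2.20", "tcp", 443),
            ("10.0.1.11", "10.0.2.21", "tcp", 443),
            ("10.0.1.10", "10.0.2.20", "tcp", 443)]  # duplicate observation
```

Because generation is deterministic, a manual or periodic refresh against an unchanged network returns `changed == False`, so the device only needs to reload, and log, a rule set when the model actually moved.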
