×

Methods and systems for identifying data sessions at a VPN gateway

  • US 10,313,494 B2
  • Filed: 06/05/2017
  • Issued: 06/04/2019
  • Est. Priority Date: 03/27/2014
  • Status: Active Grant
First Claim
Patent Images

1. A method for transmitting data packets from a host to a destination via a virtual private network (VPN) connection at a first VPN gateway, the method comprising:

  • A) receiving encapsulated packets via the VPN connection, wherein the encapsulated packets encapsulate the data packets originated from the host;

    B) decapsulating the encapsulated packets to retrieve the data packets;

    C) determining whether the data packets originated from an IoT device based on a control message received from a second VPN gateway;

    D) when the host is the IoT device;

    i) performing deep packet inspection (DPI) on the data packets;

    ii) determining whether the data packets are allowed to be transmitted to the destination;

    iii) transmitting the data packets when the data packets are allowed to be transmitted to the destination;

    iv) storing the data packets for further processing when the data packets are not allowed to be transmitted to the destination;

    E) when the host is not an IoT device;

    i) performing deep packet inspection (DPI) on the data packets for collecting information on the data packets to update a DPI database; and

    ii) transmitting the data packets to the destination.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×