
Network security policy enforcement using application session information and object attributes

  • US 20060236370A1
  • Filed: 05/24/2006
  • Published: 10/19/2006
  • Est. Priority Date: 02/26/2004
  • Status: Active Grant
First Claim

1. A method for providing security on a networked environment having a directory service that maintains a directory of objects, and having at least one computer network through which a packet may traverse, the method comprising:

  • receiving a packet traversing on the computer network, said packet transmitted as part of an application session established between a client application and a server application;

  • generating session information from said packet, said session information including a client network address, a server network address;

  • associating said packet with an object from the directory using said session information, said object having at least one object attribute; and

  • enforcing a security policy defined for the network environment by using said session information and said at least one object attribute to determine whether said packet violates said security policy.
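
The four steps of claim 1, sketched as an added example (this is not code from the patent or its assignee). The directory contents, the `group` attribute, the policy table, the lower-port-is-server heuristic and all function names are assumptions made for illustration.

```python
import ipaddress
import struct

# Constructed directory: one object per client address, with attributes (assumed schema).
DIRECTORY = {
    "10.0.0.5": {"cn": "alice", "group": "finance"},
    "10.0.0.9": {"cn": "bob", "group": "contractors"},
}
# Constructed policy: server address -> directory groups allowed to hold sessions with it.
POLICY = {"10.1.1.20": {"finance"}}

def make_packet(src, dst, sport, dport):
    """Build a constructed 20-byte IPv4 header plus 20-byte TCP header for the demo."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 1024, 0, 0)
    return ip + tcp

def session_from_packet(pkt):
    """Step 2: return (client_addr, server_addr) for an IPv4/TCP packet."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    if pkt[9] != 6 or len(pkt) < ihl + 4:
        raise ValueError("not a TCP packet")
    src = str(ipaddress.IPv4Address(pkt[12:16]))
    dst = str(ipaddress.IPv4Address(pkt[16:20]))
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    # Assumption: the server is the side with the lower port, so replies map to the same session.
    return (src, dst) if sport > dport else (dst, src)

def enforce(pkt):
    """Steps 3 and 4: associate the packet with a directory object, then check policy."""
    client, server = session_from_packet(pkt)
    obj = DIRECTORY.get(client)        # association keyed on the client address (assumed)
    allowed = POLICY.get(server)
    if allowed is None:
        return "allow"                 # assumption: servers without a policy entry are unrestricted
    if obj is None or obj["group"] not in allowed:
        return "violation"             # unknown object or attribute not permitted
    return "allow"
```

Because the decision uses the directory attribute rather than the address alone, moving `bob` into the `finance` group changes the verdict without touching any address-based rule.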
