Systems and Methods for Remote Rogue Protocol Enforcement

US 20070112957A1
Filed: 11/03/2006
Published: 05/17/2007
Est. Priority Date: 11/03/2005
Status: Active Grant

First Claim

Patent Images

1. A user agent residing within a remote client and configured to enforce message protocol policy, comprising:

a communications monitoring element configured to examine a communications connection between the remote client and an external message server to determine if the external message server matches a restricted server attribute; and

a communications controller element configured to work in conjunction with the communications monitoring element to block communications between the remote client and the external message server when the external message server matches the restricted server attribute unless the communications between the remote client and the external message server are monitored by a protocol inspection gateway, wherein the protocol inspection gateway is configured to, intercept the communications between the remote client and the external message server, and inspect a message protocol associated with the intercepted communications to determine if the message protocol matches a protocol definition file, and when a match occurs, applying a policy enforcement rule associated with the protocol definition file that overrides aspects of the message protocol associated with the intercepted communications.

View all claims

28 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A user agent residing within a remote client and configured to enforce message protocol policy is disclosed. The user agent includes a communication monitoring element and a communication controller element. The communications monitoring element is configured to examine a communications connection between the remote client and an external message server to determine if the external message server matches a restricted server attribute. The communications controller element is configured to work in conjunction with the communications monitoring element to block communications between the remote client and the external message server when the external message server matches a restricted server attribute unless the communications between the remote client and the external message server are monitored by a protocol inspection gateway. The protocol inspection gateway is configured to intercept the communications between the remote client and the external message server and inspect a message protocol associated with the intercepted communications to determine if the message protocol matches a protocol definition file, and when a match occurs, apply a policy enforcement rule associated with the protocol definition file that overrides aspects of the message protocol associated with the intercepted communications.

93 Citations

View as Search Results

30 Claims

1. A user agent residing within a remote client and configured to enforce message protocol policy, comprising:
- a communications monitoring element configured to examine a communications connection between the remote client and an external message server to determine if the external message server matches a restricted server attribute; and
  
  a communications controller element configured to work in conjunction with the communications monitoring element to block communications between the remote client and the external message server when the external message server matches the restricted server attribute unless the communications between the remote client and the external message server are monitored by a protocol inspection gateway, wherein the protocol inspection gateway is configured to, intercept the communications between the remote client and the external message server, and inspect a message protocol associated with the intercepted communications to determine if the message protocol matches a protocol definition file, and when a match occurs, applying a policy enforcement rule associated with the protocol definition file that overrides aspects of the message protocol associated with the intercepted communications.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The user agent residing within a remote client and configured to enforce message protocol policy, as recited in claim 1, wherein the restricted server attribute is that the external message server is an instant messaging server.
  - 3. The user agent residing within a remote client and configured to enforce message protocol policy, as recited in claim 2, wherein the instant messaging server is an AMERICA ONLINE INSTANT MESSAGING™
    - server.
  - 4. The user agent residing within a remote client and configured to enforce message protocol policy, as recited in claim 2, wherein the instant messaging server is a YAHOO INSTANT MESSAGING™
    - server.
  - 5. The user agent residing within a remote client and configured to enforce message protocol policy, as recited in claim 2, wherein the instant messaging server is a MICROSOFT NETWORK INSTANT MESSAGING™
    - server.
  - 6. The user agent residing within a remote client and configured to enforce message protocol policy, as recited in claim 1, wherein the restricted server attribute is that the external message server is a peer-to-peer server.
  - 7. The user agent residing within a remote client and configured to enforce message protocol policy, as recited in claim 1, wherein applying the policy enforcement rule comprises terminating a communication connection associated with the intercepted communications.
  - 8. The user agent residing within a remote client and configured to enforce message protocol policy, as recited in claim 1, wherein applying the policy enforcement rule comprises recording information associated with the intercepted communications.
  - 9. The user agent residing within a remote client and configured to enforce message protocol policy, as recited in claim 1, wherein applying the policy enforcement rule comprises creating a log comprising information associate with the intercepted communications and any related communications.

10. A system for enforcing message protocol policy for a remote client, comprising:
- a virtual private network agent residing within the remote client, the virtual private network agent configured to function as a communications proxy for the remote client;
  
  a user agent residing within the remote client, the user agent configured to examine every communications connection established between the remote client and an external message server to determine whether the external message server matches a restricted server attribute, and when a match occurs, blocking all messages transmitted between the remote client and the external message server unless the messages are routed through the virtual private network agent; and
  
  an enterprise network communicatively connected to the remote client and the external message server, including, a virtual private network gateway configured to be in communications with the virtual private network agent, wherein the virtual private network gateway is further configured to send messages to and receive messages from the virtual private network agent via tunneling;
  
  a protocol inspection gateway communicatively connected to the virtual private network gateway and the external message server, the protocol inspection gateway configured to, intercept messages from the virtual private network gateway and the external message server, and inspect a message protocol associated with the intercepted message to determine if the message protocol matches a protocol definition file, and when a match occurs, applying a policy enforcement rule associated with the protocol definition file that overrides aspects of the message protocol associated with the intercepted message.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 11. The system for enforcing message protocol policy for a remote client in communications with an external message server, as recited in claim 10, wherein the restricted server attribute is that the external message server is an instant messaging server.
  - 12. The system for enforcing message protocol policy for a remote client in communications with an external message server, as recited in claim 11, wherein the instant messaging server is an AMERICA ONLINE INSTANT MESSAGING™
    - server.
  - 13. The system for enforcing message protocol policy for a remote client in communications with an external message server, as recited in claim 11, wherein the instant messaging server is a YAHOO INSTANT MESSAGING™
    - server.
  - 14. The system for enforcing message protocol policy for a remote client in communications with an external message server, as recited in claim 11, wherein the instant messaging server is a MICROSOFT NETWORK INSTANT MESSAGING™
    - server.
  - 15. The system for enforcing message protocol policy for a remote client in communications with an external message server, as recited in claim 10, wherein the restricted server attribute is that the external message server is a peer-to-peer server.
  - 16. The system for enforcing message protocol policy for a remote client in communications with an external message server, as recited in claim 10, wherein applying the policy enforcement rule comprises terminating a communication connection associated with the intercepted messages.
  - 17. The system for enforcing message protocol policy for a remote client in communications with an external message server, as recited in claim 10, wherein applying the policy enforcement rule comprises recording information associated with the intercepted messages.
  - 18. The system for enforcing message protocol policy for a remote client in communications with an external message server, as recited in claim 10, wherein applying the policy enforcement rule comprises creating a log comprising information associate with the intercepted messages and any related messages.
  - 19. The system for enforcing message protocol policy for a remote client in communications with an external message server, as recited in claim 10, wherein the wide area network is the Internet.
  - 20. The system for enforcing message protocol policy for a remote client in communications with an external message server, as recited in claim 10, wherein the virtual private network agent and the virtual private network gateway comprise a virtual private network.
  - 21. The system for enforcing message protocol policy for a remote client in communications with an external message server, as recited in claim 10, wherein functionalities of the virtual private network gateway and the protocol inspection gateway are integrated into one network gateway device.

22. A method for enforcing message protocol policy for a remote client, comprising:
- establishing a communication connection between the remote client and an external message server;
  
  inspecting the communications connection between the remote client and the external message server to determine if the external message server matches a restricted server attribute; and
  
  when a match occurs, blocking the communications connection between the remote client and the external message server unless messages communicated via the communications connection are intercepted by a protocol inspection gateway, wherein the protocol inspection gateway is configured to inspect a message protocol associated with the intercepted message to determine if the message protocol matches a protocol definition file, and when a match occurs, applying a policy enforcement rule associated with the protocol definition file that overrides aspects of the message protocol associated with the intercepted message.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30)
- - 23. The management method for enforcing message protocol policy for a remote client, as recited in claim 22, wherein the restricted server attribute is that the external message server is an instant messaging server.
  - 24. The method for enforcing message protocol policy for a remote client, as recited in claim 23, wherein the instant messaging server is an AMERICA ONLINE INSTANT MESSAGING™
    - server.
  - 25. The method for enforcing message protocol policy for a remote client, as recited in claim 23, wherein the instant messaging server is a YAHOO INSTANT MESSAGING™
    - server.
  - 26. The method for enforcing message protocol policy for a remote client, as recited in claim 23, wherein the instant messaging server is a MICROSOFT NETWORK INSTANT MESSAGING™
    - server.
  - 27. The method for enforcing message protocol policy for a remote client, as recited in claim 22, wherein the restricted server attribute is that the external message server is a peer-to-peer server.
  - 28. The method for enforcing message protocol policy for a remote client, as recited in claim 22, wherein applying the policy enforcement rule comprises terminating a communication connection associated with the intercepted messages.
  - 29. The method for enforcing message protocol policy for a remote client, as recited in claim 22, wherein applying the policy enforcement rule comprises recording information associated with the intercepted messages.
  - 30. The method for enforcing message protocol policy for a remote client, as recited in claim 22, wherein applying the policy enforcement rule comprises creating a log comprising information associate with the intercepted messages and any related messages.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Quest Software, Inc.
Original Assignee
Akonix Systems, Inc. (Quest Software, Inc.)
Inventors
Lee, Lisa, Shastri, Vijnan, Tran, Trung

Granted Patent

US 7,756,981 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/224
CPC Class Codes

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 41/046   comprising network manageme...

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 41/0895   Configuration of virtualise...

H04L 63/0236   Filtering by address, proto...

H04L 63/0272   Virtual private networks

H04L 63/20   for managing network securi...

Systems and Methods for Remote Rogue Protocol Enforcement

First Claim

28 Assignments

0 Petitions

Accused Products

Abstract

93 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and Methods for Remote Rogue Protocol Enforcement

First Claim

28 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

93 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links