SMTP network security processing in a transparent relay in a computer network
First Claim
1. A network security system for processing e-mail transactions, the system comprising:
- an e-mail sever;
an e-mail client;
a transparent relay configured to receive and process e-mail communications between the e-mail client and the e-mail server, the transparent relay being configured to examine e-mail communications for network security policy violations, to perform policy actions on particular e-mail communications that violate a network security policy, and to relay particular e-mail communications that do not violate a network security policy; and
a router configured to divert to the transparent relay e-mail communications between the e-mail client and the e-mail server.
1 Assignment
0 Petitions
Accused Products
Abstract
In one embodiment, a transparent relay receives diverted e-mail communications between an e-mail client and an e-mail server. The transparent relay may be configured to examine the e-mail communications for network security policy violations. E-mail communications that do not violate a network security policy may be relayed to their intended destination. Policy actions, such as discarding or redirection, may be performed on those that violate one or more network security policies. The transparent relay may include a pair of communications interfaces running in promiscuous mode, one for downstream communications and another for upstream communications. The transparent relay may decompose a network communication protocol to look network security policy violations.
109 Citations
16 Claims
-
1. A network security system for processing e-mail transactions, the system comprising:
-
an e-mail sever;
an e-mail client;
a transparent relay configured to receive and process e-mail communications between the e-mail client and the e-mail server, the transparent relay being configured to examine e-mail communications for network security policy violations, to perform policy actions on particular e-mail communications that violate a network security policy, and to relay particular e-mail communications that do not violate a network security policy; and
a router configured to divert to the transparent relay e-mail communications between the e-mail client and the e-mail server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of processing e-mail communications for network security, the method comprising:
-
transparently receiving diverted e-mail packets originated by an e-mail client to be sent to an e-mail server;
checking the diverted e-mail packets originated by the e-mail client for connection initiation packets configured to initiate an e-mail connection between the e-mail client and the e-mail server;
determining whether the connection initiation packets violate a first policy in a plurality of network security policies; and
performing a first policy action on the connection initiation packets if the connection initiation packets violate the first policy. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method of processing computer communications for network security, the method comprising:
-
transparently receiving diverted packets between a client computer and a server computer communicating over a communication session in accordance with a communication protocol;
monitoring the communication session at different states of the communication protocol to check for network security policy violations; and
relaying communications between the client computer and the server computer when the monitoring of the communication session does not indicate a network security policy violation. - View Dependent Claims (16)
-
Specification