Switching network employing server quarantine functionality
Abstract
In a communication infrastructure, an intermediate node supports delivery of packets from source devices to destination devices if the source device contains no notorious content (e.g., malware or illegal content, services or distribution). The intermediate node, e.g., a switch, router, access point, bridge or gateway, contains a plurality of predefined templates and corresponding quarantine service functions. By comparing packets received with the plurality of predefined templates and associated logic, the intermediate node identifies notorious source devices such as a notorious server and notorious content. Templates target at least a portion of one or more of a domain name, IP address or URL, for example. Once identified, local and/or remote quarantine service functionality attempts to neutralize, warn, remove and/or block the notorious content at both the source and destination devices. Warnings may include human challenges to prevent malware override.
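The matching flow the abstract and claim 1 describe can be sketched as follows. This is an added example, not code from the patent: the class names, the dictionary standing in for the domain name server, the packet layout and the addresses are all constructed for illustration. It shows why the template is keyed on the domain name and refreshed from the name server: a template holding a stale address stops matching once the source moves.

```python
import ipaddress
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


@dataclass
class Template:
    """Keyed on a domain name; targets that name's current network address."""
    domain: str
    address: Optional[str] = None  # None until refreshed from the name server

    def refresh(self, dns: Dict[str, str]) -> None:
        # Update the target from the name server's name -> address storage.
        addr = dns.get(self.domain)
        self.address = str(ipaddress.ip_address(addr)) if addr else None

    def matches(self, packet: dict) -> bool:
        src = str(ipaddress.ip_address(packet["src"]))  # normalise before comparing
        return self.address is not None and src == self.address


class RoutingNode:
    """Hypothetical intermediate node: match first, forward only if clean."""
    def __init__(self, templates: List[Template], quarantine: Callable):
        self.templates, self.quarantine = templates, quarantine

    def refresh_templates(self, dns: Dict[str, str]) -> None:
        for t in self.templates:
            t.refresh(dns)

    def handle(self, packet: dict) -> str:
        for t in self.templates:
            if t.matches(packet):
                self.quarantine(packet, t)  # trigger the quarantine service function
                return "quarantined"
        return "forwarded"


def demo():
    dns = {"files.bad.example": "203.0.113.7"}  # constructed DNS storage
    hits = []
    node = RoutingNode([Template("files.bad.example")],
                       lambda p, t: hits.append((p["src"], t.domain)))
    node.refresh_templates(dns)
    out = [node.handle({"src": "203.0.113.7", "dst": "198.51.100.20"})]
    dns["files.bad.example"] = "203.0.113.99"   # source changes address
    out.append(node.handle({"src": "203.0.113.99", "dst": "198.51.100.20"}))  # stale template
    node.refresh_templates(dns)                 # template follows the domain name
    out.append(node.handle({"src": "203.0.113.99", "dst": "198.51.100.20"}))
    return out, hits


if __name__ == "__main__":
    print(demo())
```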
23 Claims
1. A communication infrastructure that routes a packet from a source device toward a destination device, the source device having a domain name and a current network address, the communication infrastructure comprising:
- a domain name server that associatively stores the domain name and the current network address of the source end point device;
- an intermediate routing node;
- a plurality of templates stored on the intermediate routing node, a first of the plurality of templates being updated from the associative storage of the domain name server using the domain name of the source device, the first of the plurality of templates targeting the current network address of the source device;
- a quarantine service function;
- the intermediate routing node, after receiving the packet originating from the source device, successfully matches the packet with the first of the plurality of templates; and
- the intermediate routing node responds to the successful matching by triggering the quarantine service function.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. An intermediate routing node in a communication infrastructure that supports packet switched communication from a source device toward a destination device, the source device having a network identifier, the source device having notorious content, the communication infrastructure comprising:
- a communication interface;
- storage containing a plurality of templates;
- a first of the plurality of templates targeting at least a portion of the network identifier;
- processing circuitry, coupled to the storage and to the communication interface, that, during a comparison of a packet received from the source device via the communication interface, matches the packet with the first of the plurality of templates; and
- the processing circuitry, at least in part based on the matching, responds by triggering a quarantine function.
Dependent claims: 12, 13, 14, 15, 16

17. A method performed by an intermediate network node in a packet switched communication pathway, the intermediate network node being communicatively coupled between a source device and a destination device, the source device having a network identifier and notorious content, the method comprising:
- receiving a packet that contains the network identifier;
- comparing the packet with a plurality of templates;
- matching at least a portion of the packet with a first of the plurality of templates;
- responding, based at least in part on the matching, by triggering a quarantine function.
Dependent claims: 18, 19, 20, 21, 22, 23

Specification