PREVENTING SECURE DATA FROM LEAVING THE NETWORK PERIMETER
First Claim
1. A method for preventing secure data from leaving a perimeter of an enterprise network, the method comprising the steps of:
monitoring outbound data that is being sent out across the enterprise network perimeter;
computing a hash of the outbound data;
comparing the hash of the outbound data to each of a plurality of stored hashes, the stored hashes being associated with respective data files that are each designated as secure by an administrator or authorized user of the enterprise network;
blocking the outbound data from leaving the perimeter if the hash of the outbound data matches one of the stored hashes; and
allowing the outbound data to exit across the network perimeter if the hash of the outbound data does not match any of the stored hashes.
Abstract
Secure data is prevented from leaving the perimeter of a network such as an enterprise network or corporate network (“corpnet”) by an arrangement in which a hash of the secure data is periodically computed, and the hashes are pushed out to an edge device on the network such as a firewall where they are stored for later access. The edge device is configured so that it has access to all traffic that flows between the enterprise network and an external network, such as the Internet, that is located outside the enterprise network perimeter. Whenever a user attempts to send data to the external network, a process running on the edge device computes a hash for the outbound data and compares it against the stored hashes associated with the secure data. If a match is made between the hash for the outbound data and a stored hash for secure data, then the edge device blocks the outbound data from leaving the network perimeter.
20 Claims
1. (Independent claim; reproduced in full above under First Claim.) Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.
11. A method for identifying data in an enterprise network as being secure, the method comprising the steps of:
receiving a designation from an administrator or authorized user of the enterprise network that a data file is secure;
computing a hash for the data file to uniquely identify it as secure data, secure data being subject to restrictions on leaving the enterprise network perimeter; and
sending the hash to an edge device that is positioned on the enterprise network perimeter, the edge device being arranged to block secure data that is outbound from the enterprise network.
Dependent claims: 12, 13, 14.
15. A method for identifying data that has been modified at a host in an enterprise network as being secure, secure data being subject to restrictions on leaving the enterprise network perimeter, the method comprising the steps of:
monitoring activity at the host to identify when secure data that has been downloaded from a source in the enterprise network has been modified;
computing a hash for the modified data to uniquely identify the modified data as being secure; and
sending the hash to an edge device that is positioned on the enterprise network perimeter, the edge device being arranged to block secure data that is outbound from the enterprise network.
Dependent claims: 16, 17, 18, 19, 20.
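The arrangement described in the abstract and in claims 1, 11 and 15 (designate a file as secure, hash it, push the hash to the edge device, hash outbound data at the edge and block on a match, and re-hash a secure file that has been modified at the host) as an added example in Python. This is illustrative code written for this page, not code from the patent; the class names (HostAgent, EdgeDevice), the choice of SHA-256 as the hash function, and the sample payloads are all assumptions made for the example.

```python
"""Hash-based egress filter: host-side designation of secure files, an
edge-device hash store, and the outbound allow/block decision.

Added example illustrating the arrangement the patent describes; it is
not code from the patent. Names, the hash function and the sample
payloads below are constructed for the example.
"""
import hashlib
from dataclasses import dataclass, field


def compute_hash(data: bytes) -> str:
    """SHA-256 hex digest (the patent does not fix a hash function; assumption)."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class EdgeDevice:
    """Edge device (e.g. a firewall) holding the hashes pushed from hosts."""
    secure_hashes: set = field(default_factory=set)
    log: list = field(default_factory=list)

    def push_hash(self, digest: str) -> None:
        """Receive a hash pushed from a host and store it for later lookup."""
        self.secure_hashes.add(digest)

    def filter_outbound(self, payload: bytes) -> tuple[str, str]:
        """Claim 1: hash outbound data; BLOCK on a match with a stored hash, else ALLOW."""
        digest = compute_hash(payload)
        decision = "BLOCK" if digest in self.secure_hashes else "ALLOW"
        self.log.append((decision, digest[:12]))  # truncated digest for the audit log
        return decision, digest


@dataclass
class HostAgent:
    """Host-side process: records designations and re-hashes modified copies."""
    edge: EdgeDevice
    secure_files: dict = field(default_factory=dict)  # file name -> current digest

    def designate_secure(self, name: str, data: bytes) -> str:
        """Claim 11: administrator designation -> hash -> push to the edge device."""
        digest = compute_hash(data)
        self.secure_files[name] = digest
        self.edge.push_hash(digest)
        return digest

    def on_secure_data_modified(self, name: str, new_data: bytes) -> str:
        """Claim 15: a secure file changed at the host; hash the new content and push it."""
        if name not in self.secure_files:
            raise KeyError(f"{name} is not designated secure")
        digest = compute_hash(new_data)
        self.secure_files[name] = digest
        self.edge.push_hash(digest)
        return digest


# Constructed sample payloads (not taken from the patent).
SECRET = b"Q3 acquisition plan - internal only\n"
PUBLIC = b"Press release: new office opening\n"
MODIFIED = SECRET + b"Revised figures attached.\n"


def demo() -> dict:
    """Run the designate / filter / modify / re-hash / filter sequence."""
    edge = EdgeDevice()
    agent = HostAgent(edge)
    agent.designate_secure("plan.docx", SECRET)
    results = {
        "original": edge.filter_outbound(SECRET)[0],
        "public": edge.filter_outbound(PUBLIC)[0],
        # An edited copy has a different hash, so the edge store alone does not catch it...
        "modified_before_rehash": edge.filter_outbound(MODIFIED)[0],
    }
    # ...until the host agent (claim 15) re-hashes the modified data and pushes the new hash.
    agent.on_secure_data_modified("plan.docx", MODIFIED)
    results["modified_after_rehash"] = edge.filter_outbound(MODIFIED)[0]
    return results


if __name__ == "__main__":
    for step, decision in demo().items():
        print(f"{step:24s} {decision}")
```

The "modified_before_rehash" step is the point a practitioner should take from the claims: matching is exact, so a whole-file hash identifies only byte-identical copies, which is why claim 15 adds host-side monitoring to re-hash secure data whenever it changes. In a deployment the edge device would also have to hash the file object carried by the protocol (an upload body or attachment) rather than the raw byte stream, and keep the pushed hash set current, as the abstract's periodic recomputation implies.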
Specification