Apparatus for Filtering Server Responses
First Claim
1. A data processing apparatus, comprising:
- at least one processor;
a traffic monitor comprising logic which, when executed by the at least one processor, causes the at least one processor to perform;
creating, using forward Domain Name System (DNS) lookups, a mapping of domain names to Internet Protocol (IP) addresses;
determining whether a particular domain in the mapping requires handling data traffic to or from the particular domain by performing a particular action;
based on the mapping, determining one or more IP addresses that are associated with the particular domain;
generating policy for a firewall that instructs the firewall to perform the particular action upon receiving a particular request;
wherein the particular request specifies a particular IP address that is within the particular domain.
0 Assignments
0 Petitions
Accused Products
Abstract
A data processing apparatus, comprising at least one processor and a traffic monitor comprising logic which, when executed by the processor, causes the processor to perform: creating, using forward Domain Name System (DNS) lookups, a mapping of domain names to Internet Protocol (IP) addresses; determining whether a particular domain in the mapping requires handling data traffic to or from the particular domain by performing a particular action; based on the mapping, determining one or more IP addresses that are associated with the particular domain; generating policy for a firewall that instructs the firewall to perform the particular action upon receiving a particular request; wherein the particular request specifies a particular IP address that is within the particular domain.
114 Citations
18 Claims
-
1. A data processing apparatus, comprising:
-
at least one processor; a traffic monitor comprising logic which, when executed by the at least one processor, causes the at least one processor to perform; creating, using forward Domain Name System (DNS) lookups, a mapping of domain names to Internet Protocol (IP) addresses; determining whether a particular domain in the mapping requires handling data traffic to or from the particular domain by performing a particular action; based on the mapping, determining one or more IP addresses that are associated with the particular domain; generating policy for a firewall that instructs the firewall to perform the particular action upon receiving a particular request; wherein the particular request specifies a particular IP address that is within the particular domain. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A non-transitory computer-readable storage medium storing one or more sequences of instructions which, when executed by one or more processors, cause the one or more processors to perform:
-
creating, using forward Domain Name System (DNS) lookups, a mapping of domain names to Internet Protocol (IP) addresses; determining whether a particular domain in the mapping requires handling data traffic to or from the particular domain by performing a particular action; based on the mapping, determining one or more IP addresses that are associated with the particular domain; generating policy for a firewall that instructs the firewall to perform the particular action upon receiving a particular request; wherein the particular request specifies a particular IP address that is within the particular domain. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A method, comprising:
-
creating, using forward Domain Name System (DNS) lookups, a mapping of domain names to Internet Protocol (IP) addresses; determining whether a particular domain, listed on the internal mapping list, requires handling data traffic to or from the particular domain by performing a particular action; based on the internal mapping list, determining one or more IP addresses that are associated with the particular domain; generating policy for a firewall that instructs the firewall to perform the particular action upon receiving a particular request; wherein the particular request specifies a particular IP address that is within the particular domain; wherein the method is performed by one or more processors. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification