FILTERING OF APPLICATIONS FOR ACCESS TO AN ENTERPRISE NETWORK
Abstract
A computer-readable storage medium has embedded thereon non-transient computer-readable code for controlling access to a protected computer network, by intercepting packets that are being exchanged between a computer system and the protected network, and then, for each intercepted packet, identifying the associated application that is running on the computer system, determining whether the application is trusted, for example according to a white list or according to a black list, and disposing of the packet accordingly.
19 Claims
1. A computer-readable storage medium having non-transient computer-readable code embodied on the computer-readable storage medium, the computer-readable code for controlling access to a protected computer network, the computer-readable code comprising:
(a) program code for intercepting packets that are being exchanged between a computer system and the protected computer network; and
(b) program code for: for each said packet:
(i) identifying an application, that is running on said computer system, that is associated with said each packet,
(ii) determining whether said application is trusted, and
(iii) disposing of said each packet in accordance with said determining.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A computer system comprising:
(a) a port;
(b) a plurality of application modules that are operative to exchange packets with a protected computer network via said port; and
(c) a network security module for:
(i) intercepting said packets, and
(ii) for each said packet:
(A) identifying which said application module is associated with said each packet,
(B) determining whether said application module, that is associated with said each packet, is trusted, and
(C) disposing of said each packet in accordance with said determining.
Dependent claims: 18, 19
Specification