SYSTEM AND METHOD FOR FILTERING NETWORK TRAFFIC
First Claim
1. A method comprising:
- performing a first security action for a first message, wherein an access control rule indicates performance of the first security action; and
selecting to unicast the first message instead of forwarding the first message normally, whereinthe first message would normally be broadcast, multicast, or flooded to multiple recipients, andthe selecting to unicast the first message is performed in response to a determination that the first message comprises a first protocol message from a protocol server.
0 Assignments
0 Petitions
Accused Products
Abstract
Protocol status information is used to perform traffic filtering by dropping messages that are not consistent with the protocol status information. In one embodiment, a method involves comparing message information and protocol status information. The message information is associated with a first message. The protocol status information is obtained in response to one or more second messages, which are conveyed according to a protocol used to assign network addresses to clients. The method also involves determining whether to discard the first message, based on an outcome of the comparison of the message information and the protocol status information. For example, it can be determined that the first message should be discarded, if the message information does not match the protocol status information.
17 Citations
1 Claim
-
1. A method comprising:
-
performing a first security action for a first message, wherein an access control rule indicates performance of the first security action; and selecting to unicast the first message instead of forwarding the first message normally, wherein the first message would normally be broadcast, multicast, or flooded to multiple recipients, and the selecting to unicast the first message is performed in response to a determination that the first message comprises a first protocol message from a protocol server.
-
Specification