×

REDUCING ERROR IN SECURITY ENFORCEMENT BY A NETWORK SECURITY SYSTEM (NSS)

  • US 20180309795A1
  • Filed: 04/20/2018
  • Published: 10/25/2018
  • Est. Priority Date: 04/21/2017
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method, including:

  • reducing error in security enforcement by a network security system (abbreviated NSS), includingthe NSS receiving over a monitored channel a plurality of connection access requests from an endpoint routing client running on a device, the requests including loss prevention inspectable requests and connection preserving requests;

    the NSS decrypting an incoming connection access request and determining conformance or non-conformance of the connection access request with semantic and content requirements of a protocol established for the monitored channel;

    based on the determination, the NSS classifying the connection access request as loss prevention inspectable or connection preserving;

    in response to classifying the connection access request as loss prevention inspectable, the NSS forwarding the loss prevention inspectable connection access request to a data inspection and loss prevention appliance (abbreviated DILPA) for deep inspection, wherein the DILPA is interposed between the device and a first server at a destination specified by the loss prevention inspectable connection access request; and

    in response to classifying the connection access request as connection preserving, the NSS sending the connection preserving connection access request to a second server at a destination specified by the connection preserving connection access request, preventing request termination and error generation by the NSS.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×