REDUCING ERROR IN SECURITY ENFORCEMENT BY A NETWORK SECURITY SYSTEM (NSS)
First Claim
1. A computer-implemented method, including:
reducing error in security enforcement by a network security system (abbreviated NSS), including the NSS receiving over a monitored channel a plurality of connection access requests from an endpoint routing client running on a device, the requests including loss prevention inspectable requests and connection preserving requests;
the NSS decrypting an incoming connection access request and determining conformance or non-conformance of the connection access request with semantic and content requirements of a protocol established for the monitored channel;
based on the determination, the NSS classifying the connection access request as loss prevention inspectable or connection preserving;
in response to classifying the connection access request as loss prevention inspectable, the NSS forwarding the loss prevention inspectable connection access request to a data inspection and loss prevention appliance (abbreviated DILPA) for deep inspection, wherein the DILPA is interposed between the device and a first server at a destination specified by the loss prevention inspectable connection access request; and
in response to classifying the connection access request as connection preserving, the NSS sending the connection preserving connection access request to a second server at a destination specified by the connection preserving connection access request, preventing request termination and error generation by the NSS.
Abstract
The technology disclosed relates to reducing error in security enforcement by a network security system (abbreviated NSS). The NSS classifies incoming connection access requests as loss prevention inspectable or connection preserving by determining their conformance or non-conformance with semantic and content requirements of HTTP and HTTPs protocols. The NSS forwards the loss prevention inspectable connection access requests to a data inspection and loss prevention appliance (abbreviated DILPA) for deep inspection. The NSS directly sends the connection preserving connection access requests to the destination servers, preventing connection termination and error generation.
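The classification step described in the abstract, sketched as an added example (this is not code from the patent or from any product). The conformance rules used here (a valid HTTP/1.x request line, well-formed header fields, a Host header) and the names `conforms_to_http`, `classify`, `route` and the `"dilpa"` next-hop label are assumptions, since the page does not enumerate the checks.

```python
import re

# Assumed conformance rules; the page only says "semantic and content
# requirements" of the protocol on the monitored channel.
REQUEST_LINE = re.compile(rb"([A-Z]+) (\S+) HTTP/1\.[01]")
HEADER_LINE = re.compile(rb"([!#$%&'*+\-.^_`|~0-9A-Za-z]+):[ \t]*(.*?)[ \t]*")
KNOWN_METHODS = {b"GET", b"HEAD", b"POST", b"PUT", b"DELETE",
                 b"OPTIONS", b"PATCH", b"CONNECT", b"TRACE"}

INSPECTABLE = "loss_prevention_inspectable"
PRESERVING = "connection_preserving"


def conforms_to_http(decrypted: bytes) -> bool:
    """True if the decrypted bytes start with a well-formed HTTP/1.x request head."""
    head, sep, _body = decrypted.partition(b"\r\n\r\n")
    if not sep:
        return False  # no complete header block, so not parseable as HTTP
    lines = head.split(b"\r\n")
    start = REQUEST_LINE.fullmatch(lines[0])
    if not start or start.group(1) not in KNOWN_METHODS:
        return False
    names = set()
    for line in lines[1:]:
        field = HEADER_LINE.fullmatch(line)
        if not field:
            return False  # malformed header field
        names.add(field.group(1).lower())
    return b"host" in names


def classify(decrypted: bytes) -> str:
    """Conforming requests are inspectable; everything else is connection preserving."""
    return INSPECTABLE if conforms_to_http(decrypted) else PRESERVING


def route(decrypted: bytes, destination: str) -> dict:
    """Pick the next hop: the DILPA for inspectable requests, else the destination."""
    label = classify(decrypted)
    next_hop = "dilpa" if label == INSPECTABLE else destination
    return {"class": label, "next_hop": next_hop, "destination": destination}


# Constructed sample payloads (post-decryption), not captured traffic.
HTTP_UPLOAD = (b"POST /upload HTTP/1.1\r\nHost: files.example.com\r\n"
               b"Content-Length: 5\r\n\r\nhello")
NON_HTTP_FRAME = b"\x05\x01\x00custom-binary-frame"
NO_HOST = b"GET / HTTP/1.1\r\nUser-Agent: sample\r\n\r\n"
```

Under these assumed rules a request without a Host header is classified as connection preserving and reaches its destination without DILPA inspection; logging the `route` result for each such decision keeps that path auditable.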
20 Claims
1. A computer-implemented method, including:
reducing error in security enforcement by a network security system (abbreviated NSS), including the NSS receiving over a monitored channel a plurality of connection access requests from an endpoint routing client running on a device, the requests including loss prevention inspectable requests and connection preserving requests;
the NSS decrypting an incoming connection access request and determining conformance or non-conformance of the connection access request with semantic and content requirements of a protocol established for the monitored channel;
based on the determination, the NSS classifying the connection access request as loss prevention inspectable or connection preserving;
in response to classifying the connection access request as loss prevention inspectable, the NSS forwarding the loss prevention inspectable connection access request to a data inspection and loss prevention appliance (abbreviated DILPA) for deep inspection, wherein the DILPA is interposed between the device and a first server at a destination specified by the loss prevention inspectable connection access request; and
in response to classifying the connection access request as connection preserving, the NSS sending the connection preserving connection access request to a second server at a destination specified by the connection preserving connection access request, preventing request termination and error generation by the NSS.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18
19. A non-transitory computer readable storage medium impressed with computer program instructions to reduce error in security enforcement by a network security system (abbreviated NSS), the instructions, when executed on a processor, implement a method comprising:
the NSS receiving over a monitored channel a plurality of connection access requests from an endpoint routing client running on a device, the requests including loss prevention inspectable requests and connection preserving requests;
the NSS decrypting an incoming connection access request and determining conformance or non-conformance of the connection access request with semantic and content requirements of a protocol established for the monitored channel;
based on the determination, the NSS classifying the connection access request as loss prevention inspectable or connection preserving;
in response to classifying the connection access request as loss prevention inspectable, the NSS forwarding the loss prevention inspectable connection access request to a data inspection and loss prevention appliance (abbreviated DILPA) for deep inspection, wherein the DILPA is interposed between the device and a first server at a destination specified by the loss prevention inspectable connection access request; and
in response to classifying the connection access request as connection preserving, the NSS sending the connection preserving connection access request to a second server at a destination specified by the connection preserving connection access request, preventing request termination and error generation by the NSS.
20. A system including one or more processors coupled to memory, the memory loaded with computer instructions to reduce error in security enforcement by a network security system (abbreviated NSS), the instructions, when executed on the processors, implement actions comprising:
the NSS receiving over a monitored channel a plurality of connection access requests from an endpoint routing client running on a device, the requests including loss prevention inspectable requests and connection preserving requests;
the NSS decrypting an incoming connection access request and determining conformance or non-conformance of the connection access request with semantic and content requirements of a protocol established for the monitored channel;
based on the determination, the NSS classifying the connection access request as loss prevention inspectable or connection preserving;
in response to classifying the connection access request as loss prevention inspectable, the NSS forwarding the loss prevention inspectable connection access request to a data inspection and loss prevention appliance (abbreviated DILPA) for deep inspection, wherein the DILPA is interposed between the device and a first server at a destination specified by the loss prevention inspectable connection access request; and
in response to classifying the connection access request as connection preserving, the NSS sending the connection preserving connection access request to a second server at a destination specified by the connection preserving connection access request, preventing request termination and error generation by the NSS.
Specification