NETWORK DEVICE FOR SECURING ENDPOINTS IN A HETEROGENEOUS ENTERPRISE NETWORK
Abstract
A network address translation device or similarly situated network device can cooperate with endpoints on a subnet of an enterprise network to secure endpoints within the subnet. For example, the network address translation device may be configured, either alone or in cooperation with other network devices, to block traffic from a compromised endpoint to destinations outside the subnet, and to direct other endpoints within the subnet to stop network communications with the compromised endpoint.
20 Claims

1. A computer program product comprising computer executable code embodied on a non-transitory computer readable medium that, when executing on one or more processors of a network translation device that couples a subnet including a plurality of endpoints to an enterprise network, causes the network translation device to perform the steps of:
   translating address information between a first routing prefix for the subnet and a second routing prefix for a network external to the subnet;
   detecting a compromised one of the plurality of endpoints on the subnet based on an error in a heartbeat from the one of the plurality of endpoints;
   blocking traffic between the compromised one of the plurality of endpoints and the enterprise network outside the subnet; and
   directing one or more of the plurality of endpoints other than the compromised one of the plurality of endpoints to stop network communications on the subnet with the compromised one of the plurality of endpoints.
   (Dependent claims: 2, 3)

4. A method for operating a network device that couples a subnet including a plurality of endpoints to an enterprise network, the method including:
   detecting a compromised one of the plurality of endpoints on the subnet;
   blocking traffic between the compromised one of the plurality of endpoints and the enterprise network outside the subnet; and
   directing one or more of the plurality of endpoints other than the compromised one of the plurality of endpoints to stop network communications on the subnet with the compromised one of the plurality of endpoints.
   (Dependent claims: 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)

20. A network device comprising:
   a first network interface to an external network;
   a second network interface to a subnet;
   one or more processors; and
   a memory bearing instructions executable by the one or more processors to translate network traffic between a first routing prefix for the external network and a second routing prefix for the subnet, the memory further bearing instructions executable by the one or more processors to secure a plurality of endpoints connected to the subnet by detecting a compromised one of the plurality of endpoints on the subnet, blocking traffic between the compromised one of the plurality of endpoints and the external network outside the subnet, and directing one or more of the plurality of endpoints other than the compromised one of the plurality of endpoints to stop network communications on the subnet with the compromised one of the plurality of endpoints.
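As an added illustration (not code from the patent or its assignee), the following Python model walks through the claimed device behaviour: address translation across the two routing prefixes, detection of a compromised endpoint from a faulty heartbeat, blocking of that endpoint's traffic beyond the subnet, and stop-communication directives to its peers. The heartbeat format (HMAC-SHA256 over source, sequence number and timestamp), the 60-second freshness window, the shared key and all addresses are constructed assumptions; the patent does not specify them.

```python
from dataclasses import dataclass, field
import hashlib, hmac, ipaddress

def heartbeat_mac(key: bytes, src: str, seq: int, sent_at: float) -> str:
    """Hex HMAC-SHA256 over "src|seq|sent_at"; the heartbeat format is a constructed assumption."""
    return hmac.new(key, f"{src}|{seq}|{sent_at}".encode(), hashlib.sha256).hexdigest()

@dataclass
class Heartbeat:
    src: str        # endpoint address inside the subnet
    seq: int        # per-endpoint counter that must increase on every heartbeat
    sent_at: float  # endpoint's send time, epoch seconds
    mac: str        # heartbeat_mac(...) computed by the endpoint with the shared key

@dataclass
class NatDevice:
    subnet: ipaddress.IPv4Network  # first routing prefix (the protected subnet)
    external_ip: str               # address the device presents on the second prefix
    key: bytes                     # heartbeat key shared with the endpoints (assumed)
    endpoints: set                 # addresses of the known subnet endpoints
    blocked: set = field(default_factory=set)
    last_seq: dict = field(default_factory=dict)
    directives: list = field(default_factory=list)  # (peer, isolated endpoint, reason)

    def handle_heartbeat(self, hb: Heartbeat, now: float):
        """Claim step 2: return the heartbeat error (None if acceptable), isolating on error."""
        expected = heartbeat_mac(self.key, hb.src, hb.seq, hb.sent_at)
        if not hmac.compare_digest(hb.mac, expected):
            err = "bad mac"
        elif now - hb.sent_at > 60.0:  # 60 s maximum heartbeat age, constructed policy value
            err = "stale"
        elif hb.seq <= self.last_seq.get(hb.src, -1):
            err = "replayed sequence"
        else:
            self.last_seq[hb.src] = hb.seq
            return None
        self.isolate(hb.src, err)
        return err

    def isolate(self, endpoint: str, reason: str):
        """Claim steps 3 and 4: block the endpoint beyond the subnet and tell its peers to stop."""
        self.blocked.add(endpoint)
        for peer in sorted(self.endpoints - {endpoint}):
            self.directives.append((peer, endpoint, reason))

    def translate(self, src: str, dst: str):
        """Claim step 1 plus enforcement: rewrite the egress source, or None to drop blocked traffic."""
        if src in self.blocked or dst in self.blocked:
            return None
        if ipaddress.ip_address(src) in self.subnet and ipaddress.ip_address(dst) not in self.subnet:
            return (self.external_ip, dst)
        return (src, dst)
```

Note that a heartbeat that simply stops arriving is not caught by this model; a deployment would also need a timer that treats silence past the freshness window as an error.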
Specification