Systems and methods for remote rogue protocol enforcement
First Claim
1. A system configured to enforce message protocol policy, the system comprising:
a virtual private network agent residing within a remote client;
a user agent residing within the remote client, the user agent comprising, a communications monitoring element executing on a computing device and configured to examine a communications connection between the remote client and an external message server to determine if an attribute of the external message server matches a restricted server attribute, wherein both the remote client and the external message server reside outside an enterprise network comprising a virtual private network gateway and a protocol inspection gateway; and
a communications controller element configured to work in conjunction with the communications monitoring element to, block instant message communications between the remote client and the external message server when the attribute of the external message server matches the restricted server attribute unless the instant message communications between the remote client and the external message server and route the blocked instant message communications via the virtual private network agent to the enterprise network, and allow direct communication between the remote client and the external message server by bypassing the virtual private network agent when the attribute of the external message server does not match the restricted server attribute;
wherein the virtual private network gateway is configured to communicate with the virtual private network agent to receive the instant message communications routed thereto, wherein the virtual private network gateway is further configured to receive the routed instant message communications from the virtual private network agent via tunneling, and wherein the protocol inspection gateway is configured to, receive the instant message communications from the virtual private network gateway routed to the enterprise network, inspect a message protocol associated with the routed instant message communications to determine if the message protocol matches a protocol definition file, and when a match occurs, apply applying a policy enforcement rule associated with the protocol definition file that overrides aspects of the message protocol associated with the routed instant message communications.
28 Assignments
0 Petitions
Abstract
A user agent residing within a remote client and configured to enforce message protocol policy is disclosed. The user agent includes a communications monitoring element that examines a communications connection between the client and an external message server to determine if the message server matches a restricted server attribute. The user agent also includes a communications controller element that works with the communications monitoring element to block communications between the client and the message server when the message server matches a restricted server attribute unless the communications are monitored by a protocol inspection gateway. The gateway intercepts the communications between the client and the message server and inspects a message protocol associated with the intercepted communications to determine if the message protocol matches a protocol definition file, and when a match occurs, applies a policy enforcement rule that overrides aspects of the message protocol associated with the intercepted communications.
25 Claims
1. (Independent claim 1, reproduced in full above under First Claim.) - View Dependent Claims (2, 3, 4, 5, 19, 20, 21, 22)
6. A system for enforcing message protocol policy for a remote client, the system comprising:
a virtual private network agent residing within a remote client, the virtual private network agent configured to function as a communications proxy for the remote client; a user agent executing on a computing device and residing within the remote client, the user agent configured to examine every communications connection established between the remote client and an external message server to determine whether an attribute of the external message server matches a restricted server attribute, and the user agent being further configured to, when a match occurs, route to the virtual private network agent instant messages to be transmitted between the remote client and the external message server, and when a match does not occur, allow direct communication between the remote client and the external message server by bypassing the virtual private network agent; and
an enterprise network communicatively connected to the remote client and the external message server, wherein both the remote client and the external message server reside outside the enterprise network, the enterprise network including, a virtual private network gateway configured to communicate with the virtual private network agent to receive the instant messages routed thereto, wherein the virtual private network gateway is further configured to receive the routed instant messages from the virtual private network agent via tunneling; and a protocol inspection gateway communicatively connected to the virtual private network gateway and the external message server, the protocol inspection gateway configured to, receive the instant messages from the virtual private network gateway, inspect a message protocol associated with each received instant message to determine if the message protocol matches a protocol definition file, and when a match occurs, apply a policy enforcement rule associated with the protocol definition file that overrides aspects of the message protocol associated with the received instant message. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 23)
14. A method for enforcing message protocol policy for a remote client, the method comprising:
establishing a communication connection between a remote client and an external message server, wherein both the remote client and the external message server are located outside an enterprise network; inspecting, with a user agent executing on a computing device of the remote client, the communications connection between the remote client and the external message server to determine if a selected attribute of the external message server matches a restricted server attribute; when a match occurs, (i) blocking instant messages to be sent via the communications connection between the remote client and the external message server (ii) fill routing the blocked instant messages with a virtual private network agent of the remote client to a virtual private network gateway via tunneling, and (iii) communicating the routed instant messages from the virtual private network gateway to a protocol inspection gateway within the enterprise network, wherein the protocol inspection gateway is configured to, inspect a message protocol associated with the routed instant message to determine if the message protocol matches a protocol definition file, and when a match occurs, apply a policy enforcement rule associated with the protocol definition file that overrides aspects of the message protocol associated with the routed instant message, and when a match does not occur between the selected attribute of the external message server and the restricted server attribute, allowing direct communication between the remote client and the external message server by bypassing the virtual private network agent and the virtual private network gateway. - View Dependent Claims (15, 16, 17, 18, 24, 25)
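The independent claims describe one enforcement path twice over: a user agent on the remote client compares the message server's attribute against a restricted server attribute and either routes the instant messages through the VPN agent to the enterprise network or lets them bypass it, and a protocol inspection gateway then matches the routed traffic against a protocol definition file and applies the associated policy enforcement rule. The following Python model, added here as an illustration and not taken from the patent or any product built on it, walks a few constructed messages through both stages. The restricted attributes (host suffixes and ports), the two protocol definitions, the policy names and the sample messages are all assumptions made for the example.

```python
"""Toy model of the remote-client enforcement path described in the claims.

Added illustration: the restricted server attributes, the protocol definition
files, the policy rule names and the sample instant messages are constructed
for this example and are not drawn from the patent.
"""
import re
from dataclasses import dataclass

# --- Remote client side: user agent (monitoring + controller elements) ------

# Constructed restricted server attributes. A connection to a server that
# matches any of them is forced through the VPN agent; others go direct.
RESTRICTED_SERVER_ATTRIBUTES = {
    "host_suffixes": (".im-example.test", ".chat-example.test"),
    "ports": {5222, 5190, 1863},
}


@dataclass
class Connection:
    server_host: str
    server_port: int


def matches_restricted(conn):
    """Communications monitoring element: does the server match a restricted attribute?"""
    host = conn.server_host.lower()
    if conn.server_port in RESTRICTED_SERVER_ATTRIBUTES["ports"]:
        return True
    return any(host.endswith(s) for s in RESTRICTED_SERVER_ATTRIBUTES["host_suffixes"])


def route_for(conn):
    """Communications controller decision: 'vpn' routes via the VPN agent to the
    enterprise gateway, 'direct' bypasses the VPN agent entirely."""
    return "vpn" if matches_restricted(conn) else "direct"


# --- Enterprise side: protocol inspection gateway ---------------------------

@dataclass
class ProtocolDefinition:
    name: str
    signature: re.Pattern  # matches the start of a message in this protocol
    policy: str            # enforcement rule applied when the definition matches


# Constructed protocol definition files; the signatures are simple prefixes.
PROTOCOL_DEFINITIONS = [
    ProtocolDefinition("xmpp-like", re.compile(r"^<message\b"), "strip_file_transfer"),
    ProtocolDefinition("irc-like", re.compile(r"^PRIVMSG\b"), "block"),
]


def inspect(message):
    """Return the first protocol definition whose signature matches, else None."""
    for definition in PROTOCOL_DEFINITIONS:
        if definition.signature.search(message):
            return definition
    return None


def enforce(message):
    """Apply the matching policy rule; returns (action, possibly modified message)."""
    definition = inspect(message)
    if definition is None:
        return ("pass", message)  # no definition file matched: nothing to override
    if definition.policy == "block":
        return ("blocked", None)
    if definition.policy == "strip_file_transfer":
        # Override one aspect of the protocol: drop file-transfer offers
        # (a constructed <file .../> element) while letting the text through.
        cleaned = re.sub(r"<file[^>]*/>", "", message)
        return ("modified" if cleaned != message else "pass", cleaned)
    return ("pass", message)


def handle(conn, message):
    """End to end: user agent decides the route; only VPN-routed traffic reaches
    the gateway, direct traffic is never inspected (the policy gap to keep in mind)."""
    route = route_for(conn)
    if route == "direct":
        return {"route": "direct", "action": "pass", "message": message}
    action, out = enforce(message)
    return {"route": "vpn", "action": action, "message": out}


if __name__ == "__main__":
    samples = [
        (Connection("talk.im-example.test", 5222), "<message to='a'>hi<file name='x.exe'/></message>"),
        (Connection("irc.chat-example.test", 6667), "PRIVMSG #ops :hello"),
        (Connection("www.example.test", 443), "GET / HTTP/1.1"),
    ]
    for conn, msg in samples:
        print(conn.server_host, handle(conn, msg))
```

The `handle` function makes the claims' structural point visible: the inspection gateway only ever sees traffic that the user agent chose to route through the VPN agent, so the quality of the restricted server attribute list decides what is inspected at all, and an unmatched protocol (no definition file) passes through the gateway untouched.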