Systems and methods for implementing protocol enforcement rules
30 Assignments
0 Petitions
Abstract
A protocol management system is capable of detecting certain message protocols and applying policy rules to the detected message protocols that prevent intrusion, or abuse, of a network's resources. In one aspect, a protocol message gateway is configured to apply policy rules to high level message protocols, such as those that reside at layer 7 of the ISO protocol stack.
130 Citations
22 Claims
1. A method for managing one or more communication protocols, the method comprising:
- providing a protocol message gateway in an enterprise network, the protocol message gateway comprising a proxy server, the protocol message gateway operative to communicate with a firewall of the enterprise network;
- receiving first messages with the protocol message gateway over the enterprise network, the protocol message gateway further operative to determine whether selected ones of the first messages use a target protocol and, in response to said determination, implement policy rules associated with the target protocol;
- providing a proxy enforcer within the enterprise network operative to passively listen for second messages that bypass the protocol message gateway;
- detecting a selected second message with the proxy enforcer, said detecting comprising determining that a message protocol associated with the selected second message matches an instant messaging protocol definition file;
- in response to detecting the selected second message, using the proxy enforcer to force the selected second message to use a defined port on the protocol message gateway; and
- using the protocol message gateway to implement at least one of the policy rules in association with the selected second message.

Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A protocol enforcer, comprising:
- a protocol definition file, the protocol definition file being associated with an instant messaging protocol; and
- a network interface configured to interface the protocol enforcer with an enterprise network, the protocol enforcer configured for:
  - passively listening, via the network interface, for messages that bypass a protocol message gateway within the enterprise network,
  - detecting a selected message in response to said passive listening, said detecting comprising determining when the message protocol matches the protocol definition file, and
  - in response to detecting the selected message, performing at least one of:
    - forcing the selected message to use a defined communication connection on a protocol message gateway, and
    - applying a policy enforcement rule associated with the protocol definition file that terminates a communication connection associated with the selected message.

Dependent claims: 10, 11, 12, 13, 14
15. A protocol management system, comprising:
- a protocol message gateway comprising a proxy server, the protocol message gateway operative to:
  - receive first messages from one or more client devices over an enterprise network,
  - determine whether selected ones of the first messages use a first target protocol, and
  - in response to said determination, implement first policy rules associated with the first target protocol; and
- a protocol enforcer, the protocol enforcer comprising:
  - a protocol definition file, and
  - a network interface configured to interface the protocol enforcer with the enterprise network, the protocol enforcer configured for:
    - detecting a second message that bypasses the protocol message gateway, said detecting comprising inspecting a message protocol associated with the second message to determine if the message protocol is an instant messaging protocol, and
    - in response to detecting the second message, forcing the second message to use a defined communication connection on the protocol message gateway.

Dependent claims: 16, 17, 18, 19, 20, 21, 22
Specification