Managing use of proxies to access restricted network locations
First Claim
1. A method of operating a threat management facility to prevent proxy access to content prohibited by a network policy, the method comprising:
- A. receiving a network location access request at the threat management facility from a client belonging to an enterprise secured by the threat management facility;
B. accessing a URL database that contains categorized URLs and determining if a URL associated with the network location access request is a previously uncategorized URL;
C. when the URL associated with the network location access request is a previously uncategorized URL, determining if the URL associated with the network location access request includes a primary URL with a first network location to be accessed by the client and a secondary URL within the primary URL with a second network location of a website to be accessed using the first network location as a proxy site;
D. when the URL includes a secondary URL with a second network location of a website to be accessed using the first network location as a proxy site, accessing the URL database and determining if the client is restricted from accessing the website identified by the secondary URL; and
E. when the client is restricted from accessing the website, blocking the network location access request for the URL.
9 Assignments
0 Petitions
Accused Products
Abstract
In embodiments of the present invention improved capabilities are described for the detection of uncategorized web-based proxy sites, where an action may be provided in association with access to restricted network locations. In a step A, a network location access request may be received from a computing facility. In a step B, a URL database may be assessed that contains categorized URLs and it may be determined that a URL associated with the network location access request is previously uncategorized URL. In a step C, it may be determined that the URL associated with the network location access request includes a secondary URL. In a step D, the URL database may be accessed that contains categorized URLs and it may be determined that the client is restricted from accessing the secondary URL. In a step E, the action may be provided in association with the network location access request as a previously uncategorized proxy website when steps B, C, and D are all met.
31 Citations
24 Claims
-
1. A method of operating a threat management facility to prevent proxy access to content prohibited by a network policy, the method comprising:
-
A. receiving a network location access request at the threat management facility from a client belonging to an enterprise secured by the threat management facility; B. accessing a URL database that contains categorized URLs and determining if a URL associated with the network location access request is a previously uncategorized URL; C. when the URL associated with the network location access request is a previously uncategorized URL, determining if the URL associated with the network location access request includes a primary URL with a first network location to be accessed by the client and a secondary URL within the primary URL with a second network location of a website to be accessed using the first network location as a proxy site; D. when the URL includes a secondary URL with a second network location of a website to be accessed using the first network location as a proxy site, accessing the URL database and determining if the client is restricted from accessing the website identified by the secondary URL; and E. when the client is restricted from accessing the website, blocking the network location access request for the URL. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method of operating a threat management facility to prevent proxy access to content prohibited by a network policy, the method comprising:
-
A. receiving a network location access request from a client at the threat management facility; B. analyzing the network location access request to discover if the network location request includes a primary URL of a proxy site and a secondary URL within the primary URL of a website to be accessed through the proxy site; C. in response to a discovery of the secondary URL in step B wherein the secondary URL includes a location for proxy access from the client through the proxy site identified in the primary URL, determining if the secondary URL is a restricted URL to which the client is restricted from access by the network policy; and D. in the event the secondary URL is the restricted URL as identified in the network policy, providing an action in association with access to at least one of the primary URL and the secondary URL. - View Dependent Claims (21, 22, 23, 24)
-
Specification