
Method and system for securely scanning network traffic

  • US 8,136,152 B2
  • Filed: 04/18/2008
  • Issued: 03/13/2012
  • Est. Priority Date: 04/04/2002
  • Status: Active Grant
First Claim

1. A method for scanning network traffic, comprising:

  • forwarding a first data packet from a first device to a second device based on an obtained encryption parameter shared by the first device, the second device, and a separate computer, wherein the encryption parameter is determined based upon a first security association between the first device and the separate computer and a second security association between the second device and the separate computer, wherein the separate computer is adapted to calculate a first secret key associated with the first security association and a second secret key associated with the second security association;

  • forwarding a copy of the first data packet to a predetermined portion of the separate computer that is restricted from access by operators of the separate computer;

  • scanning the copy of the first data packet to determine compliance with a predetermined criterion associated with the separate computer;

  • forwarding the first data packet and deleting the copy of the first data packet if the copy scanned is determined to be in compliance with the predetermined criterion; and

  • discarding both the first data packet and the copy of the first data packet if the copy scanned is determined to be in non-compliance with the predetermined criterion.

  • 7 Assignments