Reputation based connection throttling
First Claim
1. A reputation based connection throttling system for voice over internet protocol communications, the system comprising:
- one or more processors; and
memory coupled to the one or more processors and including instructions, which, when executed by the one or more processors, cause the one or more processors to define;
a communications interface operable to receive voice over Internet protocol connection requests associated with external entities prior to connections being established between the external entities and a protected network associated with the communications interface;
a reputation engine operable, for each of the external entities, to;
derive a reputation associated with an individual external entity; and
determine whether the reputation of the individual external entity is one of a reputable reputation or a non-reputable reputation;
a connection control engine operable to allow a connection request from the individual external entity to the protected network; and
a load balancer engine operable, for each of the external entities having been determined to have a non-reputable reputation, to;
determine a degree of non-reputability of the reputation of the external entity having the non-reputable reputation; and
in response to the connection request from the external entity having the non-reputable reputation entity being allowed, send voice over Internet protocol data packets originating from the external entity having the non-reputable reputation entity to a particular message interrogation engine based on the degree of non-reputability of the external entity having the non-reputable reputation, wherein data packets from a first set of the external entities having degrees of non-reputability higher than degrees of non-reputability of a second set of the external entities are sent to a first message interrogation engine with a higher inspection load than a second message interrogation engine to which data packets from the second set are sent.
11 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for reputation based connection determinations are provided. Systems used for reputation based connection throttling can include a communications interface, a reputation engine and a connection control engine. The communications interface can receive connection requests associated with an external entity prior to a connection being established to the external entity. The reputation engine can derive a reputation associated with the external entity. The connection control engine can allow or deny connection requests to a protected network based upon the derived reputation of the external entity.
450 Citations
17 Claims
-
1. A reputation based connection throttling system for voice over internet protocol communications, the system comprising:
-
one or more processors; and memory coupled to the one or more processors and including instructions, which, when executed by the one or more processors, cause the one or more processors to define; a communications interface operable to receive voice over Internet protocol connection requests associated with external entities prior to connections being established between the external entities and a protected network associated with the communications interface; a reputation engine operable, for each of the external entities, to; derive a reputation associated with an individual external entity; and determine whether the reputation of the individual external entity is one of a reputable reputation or a non-reputable reputation; a connection control engine operable to allow a connection request from the individual external entity to the protected network; and a load balancer engine operable, for each of the external entities having been determined to have a non-reputable reputation, to; determine a degree of non-reputability of the reputation of the external entity having the non-reputable reputation; and in response to the connection request from the external entity having the non-reputable reputation entity being allowed, send voice over Internet protocol data packets originating from the external entity having the non-reputable reputation entity to a particular message interrogation engine based on the degree of non-reputability of the external entity having the non-reputable reputation, wherein data packets from a first set of the external entities having degrees of non-reputability higher than degrees of non-reputability of a second set of the external entities are sent to a first message interrogation engine with a higher inspection load than a second message interrogation engine to which data packets from the second set are sent. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A computer-implemented method, comprising:
-
receiving voice over internet protocol connection requests associated with external entities prior to connections being established between an individual external entity and a protected network; for each of the external entities; deriving a reputation associated with the individual external entity; and determining whether the reputation of the individual external entity is one of a reputable reputation or a non-reputable reputation; in response to determining that the reputation of the individual external entity is a reputable reputation, allowing a connection request from the individual external entity to the protected network; and in response to determining that the reputation of the individual external entity is a non-reputable reputation, allowing the connection request to the protected network and determining a degree of non-reputability of the reputation of the individual external entity; sending voice over internet protocol data packets originating from a first set of the external entities having first degrees of non-reputability to a first message interrogation engine; and sending voice over interne protocol data packets originating from a second set of the external entities having degrees of non-reputability less than the first degrees of non-reputability of the first set to a second message interrogation engine, wherein the first message interrogation engine has a higher inspection load than the second message interrogation engine. - View Dependent Claims (14, 15, 16)
-
-
17. A non-transitory computer storage medium encoded with a computer program, the program comprising instructions that when executed by data processing apparatus cause the data processing apparatus to perform operations, comprising:
-
receiving voice over internet protocol connection requests associated with external entities prior to connections being established between the external entities and a protected network; for each of the external entities; deriving a reputation associated with the external entity; and determining whether the reputation of the external entity is one of a reputable reputation or a non-reputable reputation; in response to determining that the reputation of the external entity is a reputable reputation, allowing a connection request from the external entity to the protected network; and in response to determining that the reputation of the external entity is a non-reputable reputation, allowing the connection request to the protected network and determining a degree of non-reputability of the reputation of the external entity; sending voice over internet protocol data packets originating from a first set of the external entities having first degrees of non-reputability to a first message interrogation engine; and sending voice over internet protocol data packets originating from a second set of the external entities having degrees of non-reputability less than the first degrees of non-reputability of the first set to a second message interrogation engine, wherein the first message interrogation engine has a higher inspection load than the second message interrogation engine.
-
Specification