
Layer-4 transparent secure transport protocol for end-to-end application protection

  • US 8,295,306 B2
  • Filed: 04/11/2008
  • Issued: 10/23/2012
  • Est. Priority Date: 08/28/2007
  • Status: Active Grant
First Claim

1. A method comprising:

  • at a service module of a network device, receiving a packet of a network transaction from a client device over a first network;

    obtaining policy information from a gateway device via a secure control channel;

    analyzing the policy information to determine a security zone classification associated with the packet;

    when the security zone classification requires high security for the packet;

    encrypting a portion of the packet with an encryption header that contains payload information while maintaining an unencrypted portion of the packet comprising destination address information of the packet such that layer 4 processing can be applied to the packet;

    adding to the packet an integrity code that is associated with the payload information to authenticate the packet;

    performing layer 2 to layer 4 (layer 2-4) processes on the unencrypted portion of the packet without having to decrypt the encrypted portion of the packet such that the packet maintains a transparent secure transport function; and

    evaluating an authorization of the packet to determine whether the packet is eligible to access a server of a data center over a second network based on network characteristics of the packet obtained from the layer 2-4 processes.
