Systems and methods for enabling assured records using fine grained auditing of virtual private network traffic
First Claim
1. A method for enabling assured compliance records using fine grained auditing of network traffic, the method comprising:
(a) establishing, by an appliance, a transport layer virtual private network connection with a client operated by a first user;
(b) receiving, by the appliance via the connection, a request from the client identifying a resource;
(c) determining, by the appliance, that the request meets at least one security condition;
(d) transmitting, by the appliance to an audit log, a record of the request, the appliance holding the request from accessing the resource until receiving confirmation from the audit log that the record of the request is successfully logged;
(e) receiving, by the appliance from the audit log, a confirmation that the record of the request was successfully logged; and
(f) granting, by the appliance, the first user access via the appliance to the resource identified in the request responsive to receiving the confirmation that the record of the request was successfully logged.
Abstract
Methods for enabling assured records using fine grained auditing of virtual private network traffic include establishing, by an appliance, a transport layer virtual private network connection with a client operated by a user; receiving, by the appliance via the connection, a request from the client identifying a resource; determining, by the appliance, the request meets at least one security condition; transmitting, by the appliance to an audit log, a record of the request; receiving, by the appliance from the audit log, a confirmation that the record was logged; and granting, responsive to the received confirmation, access to the identified resource. Security conditions may identify at least one user, at least one application, a network or group of networks, and one or more resources. Corresponding systems are also described.
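The hold-until-confirmed flow described in the abstract, sketched as an added example (not code from the patent or from any product). The names `Request`, `Condition`, `MemoryAuditLog` and `decide`, the digest-style confirmation, and the sample values are assumptions; the page does not say how a request that meets no security condition is handled, so the sketch reports it as `no_match`.

```python
import hashlib
import ipaddress
import json
from dataclasses import asdict, dataclass

@dataclass(frozen=True)
class Request:
    user: str
    application: str
    source_ip: str
    resource: str

@dataclass(frozen=True)
class Condition:
    """Security condition: users, applications, a network, and resources."""
    users: frozenset
    applications: frozenset
    network: str
    resources: frozenset

    def matches(self, r: Request) -> bool:
        in_net = ipaddress.ip_address(r.source_ip) in ipaddress.ip_network(self.network)
        return (r.user in self.users and r.application in self.applications
                and in_net and r.resource in self.resources)

class MemoryAuditLog:
    """Hypothetical audit log; append() confirms with a digest of what it stored."""
    def __init__(self, available: bool = True):
        self.records, self.available = [], available

    def append(self, record: bytes) -> str:
        if not self.available:
            raise ConnectionError("audit log unreachable")
        self.records.append(record)
        return hashlib.sha256(record).hexdigest()

def decide(req: Request, conditions, log) -> str:
    """Return 'grant', 'deny' or 'no_match'; never grants without a confirmation."""
    if not any(c.matches(req) for c in conditions):
        return "no_match"                      # outside the flow the page describes
    record = json.dumps(asdict(req), sort_keys=True).encode()
    try:
        receipt = log.append(record)           # request is held while this blocks
    except (ConnectionError, TimeoutError):
        return "deny"                          # no confirmation: fail closed
    # Assumption: a confirmation counts only if it matches the record we sent.
    return "grant" if receipt == hashlib.sha256(record).hexdigest() else "deny"

# Constructed sample policy and request.
CONDITIONS = [Condition(frozenset({"alice"}), frozenset({"sqlclient"}),
                        "10.8.0.0/16", frozenset({"db.finance.example:1433"}))]
SAMPLE = Request("alice", "sqlclient", "10.8.3.7", "db.finance.example:1433")

if __name__ == "__main__":
    print(decide(SAMPLE, CONDITIONS, MemoryAuditLog()))                 # log reachable
    print(decide(SAMPLE, CONDITIONS, MemoryAuditLog(available=False)))  # log down
```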
21 Claims
11. A computer implemented system for enabling assured compliance records using fine grained auditing of network traffic, the system comprising:
a storage device comprising an audit log; and an appliance which establishes a transport layer virtual private network connection with a client operated by a first user;
receives via the connection, a request from the client identifying a resource and holds the request from accessing the resource until receiving confirmation that record of the request is successfully logged;
determines that the request meets at least one security condition;
transmits, to the audit log, the record of the request;
receives, from the audit log, a confirmation that the record of the request was logged; and
grants the first user access to the resource identified in the request responsive to receiving the confirmation that the record of the request was logged.
21. A method for enabling assured compliance records using fine grained auditing of network traffic, the method comprising:
(a) establishing, by an appliance, a transport layer virtual private network connection with a client operated by a first user;
(b) receiving, by the appliance via the connection, a request from the client identifying a Resource;
(c) determining, by the appliance, that the request meets at least one security condition;
(d) transmitting, by the appliance to an audit log, a record of the request, the appliance holding the request from accessing the resource until receiving confirmation from the audit log that the record of the request is successfully logged; and
(f) granting, by the appliance, the first user access via the appliance to the resource identified in the request if the appliance receives the confirmation that the record of the request was successfully logged and not granting the first user access if the appliance does not receive confirmation that the record of the request was successfully logged.