Surround security system
Abstract
A surround security system which screens packets transitioning a TCP/IP stack of a computer system from being broadcast over a network or being communicated to applications installed on the computer system. The surround security system may further include protections for the operating system, applications and security configurations.
20 Claims
1. An apparatus, comprising:
- a processor to:
transfer a plurality of packets from a network interface to a TCP/IP stack of a computer system at least in part by screening the plurality of packets for acceptability utilizing one or more packet enforcement evaluators, the plurality of packets comprising one or more packets from a virtual private network connection, the processor further to decrypt the one or more packets from the virtual private network utilizing the one or more packet enforcement evaluators;
transfer one or more of the plurality of packets from the TCP/IP stack to one or more application programming interfaces for a respective one or more applications of the computer system at least in part by screening individual packets of the plurality of packets for acceptability utilizing one or more application sensitive filters related to the respective one or more applications;
verify integrity of one or more files related to the one or more applications and/or one or more operating systems; and
determine whether one or more patches are available for the one or more applications and/or the one or more operating systems.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method, comprising:
transferring a plurality of packets from a network interface component of a computing platform to a TCP/IP stack in a memory of the computer system utilizing a processor of the computing platform at least in part by screening the plurality of packets for acceptability according to one or more packet enforcement evaluators, the plurality of packets comprising one or more packets from a virtual private network connection to be decrypted according to the one or more packet enforcement evaluators;
transferring one or more of the plurality of packets from the TCP/IP stack in a memory of the computing platform to one or more application programming interfaces for a respective one or more applications of the computer system at least in part by screening individual packets of the plurality of packets for acceptability according to one or more application sensitive filters related to the respective one or more applications;
verifying integrity of one or more files related to the one or more applications and/or one or more operating systems utilizing the processor of the computing platform; and
determining whether one or more patches are available for the one or more applications and/or the one or more operating systems.
Dependent claims: 12, 13, 14, 15
16. An article, comprising:
- a non-transitory machine-readable medium having stored thereon instructions executable by a processor of a computing platform to:
transfer a plurality of packets from a network interface to a TCP/IP stack at least in part by screening the plurality of packets for acceptability according to one or more packet enforcement evaluators, the plurality of packets comprising one or more packets from a virtual private network connection to be decrypted according to the one or more packet enforcement evaluators;
transfer one or more of the plurality of packets from the TCP/IP stack to one or more application programming interfaces for a respective one or more applications at least in part by screening individual packets of the plurality of packets for acceptability according to one or more application sensitive filters related to the respective one or more applications;
verify integrity of one or more files related to the one or more applications and/or one or more operating systems; and
determine whether one or more patches are available for the one or more applications and/or the one or more operating systems.
Dependent claims: 17, 18, 19, 20
Specification