System, method, and computer program product for directing predetermined network traffic to a honeypot
First Claim
Patent Images
1. A method, comprising:
- identifying, by a firewall in communication with a honeypot, predetermined network traffic originating from a node in one of a local area network and a virtual private network utilizing at least one rule for identifying the predetermined network traffic, wherein characteristics of the predefined network traffic match predefined criteria associated with unauthorized network traffic, and wherein the predefined criteria includes the unauthorized network traffic including confidential information not authorized for communication from the node;
directing, by the firewall, the predetermined network traffic to the honeypot;
analyzing the predetermined network traffic directed to the honeypot; and
receiving, by the firewall, an update of the at least one rule based on the analysis of the predetermined network traffic directed to the honeypot.
10 Assignments
0 Petitions
Accused Products
Abstract
A system, method, and computer program product are provided for directing predetermined network traffic to a honeypot. In use, predetermined network traffic originating from a node in a local area network and/or a virtual private network is identified. Further, the predetermined network traffic is directed to a honeypot.
-
Citations
14 Claims
-
1. A method, comprising:
-
identifying, by a firewall in communication with a honeypot, predetermined network traffic originating from a node in one of a local area network and a virtual private network utilizing at least one rule for identifying the predetermined network traffic, wherein characteristics of the predefined network traffic match predefined criteria associated with unauthorized network traffic, and wherein the predefined criteria includes the unauthorized network traffic including confidential information not authorized for communication from the node; directing, by the firewall, the predetermined network traffic to the honeypot; analyzing the predetermined network traffic directed to the honeypot; and receiving, by the firewall, an update of the at least one rule based on the analysis of the predetermined network traffic directed to the honeypot. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A computer program product embodied on a non-transitory computer readable medium for performing operations, comprising:
-
identifying, by a firewall in communication with a honeypot, predetermined network traffic originating from a node in one of a local area network and a virtual private network utilizing at least one rule for identifying the predetermined network traffic, wherein characteristics of the predefined network traffic match predefined criteria associated with unauthorized network traffic, and wherein the predefined criteria includes the unauthorized network traffic including confidential information not authorized for communication from the node; directing, by the firewall, the predetermined network traffic to the honeypot; analyzing the predetermined network traffic directed to the honeypot; and receiving, by the firewall, an update of the at least one rule based on the analysis of the predetermined network traffic directed to the honeypot.
-
-
14. A system, comprising:
-
a honeypot; and a firewall in communication with the honeypot, the firewall including a processor and a memory and being configured to; identify predetermined network traffic originating from a node in one of a local area network and a virtual private network utilizing at least one rule for identifying the predetermined network traffic, wherein characteristics of the predefined network traffic match predefined criteria associated with unauthorized network traffic, and wherein the predefined criteria includes the unauthorized network traffic including confidential information not authorized for communication from the node; direct the predetermined network traffic to the honeypot; and receive an update of the at least one rule based on an analysis of the predetermined network traffic directed to the honeypot.
-
Specification