System and method for interlocking a host and a gateway
Abstract
A method is described in example embodiments below that includes receiving a content tag associated with transferring a file over a network connection. A session descriptor may also be received. The session descriptor and the content tag may be correlated with a network policy, which may be applied to the network connection. In some embodiments, the content tag may be received with the session descriptor. The file may be tainted by another file in some embodiments, and the content tag may be associated with the other file.
23 Claims
1. A method, comprising:
- receiving a content tag associated with transferring a first file over a network connection, wherein the content tag is an indicator of a classification of content in a second file, and wherein the first file is a modified version of the second file;
- correlating, using a processor coupled to memory, the content tag with a network policy; and
- applying the network policy to the network connection.

7. Logic encoded in one or more tangible non-transitory media that includes code for execution and when executed by one or more processors is operable to perform operations comprising:
- receiving a content tag associated with transferring a first file over a network connection, wherein the content tag is an indicator of a classification of content in a second file, and wherein the first file is a modified version of the second file;
- correlating the content tag with a network policy; and
- applying the network policy to the network connection.

13. An apparatus, comprising:
- a firewall module;
- one or more processors configured to execute instructions associated with the firewall module such that the apparatus is configured to perform operations comprising:
  - receiving a content tag associated with transferring a first file over a network connection, wherein the content tag is an indicator of a classification of content in a second file, and wherein the first file is a modified version of the second file;
  - correlating the content tag with a network policy; and
  - applying the network policy to the network connection.

20. An apparatus, comprising:
- a firewall agent;
- one or more processors configured to execute instructions associated with the firewall agent such that the apparatus is configured to perform operations comprising:
  - detecting a transfer of a first file to the apparatus;
  - calculating a hash of the first file;
  - identifying a content tag associated with the first file based on the hash of the first file, wherein the content tag is an indicator of a classification of content in the first file;
  - associating the content tag with a second file based on the second file and the first file being used on the apparatus during a same session;
  - detecting a transfer of the second file to a network gateway; and
  - sending the content tag to the network gateway.

21. An apparatus, comprising:
- a firewall agent;
- one or more processors configured to execute instructions associated with the firewall agent such that the apparatus is configured to perform operations comprising:
  - detecting a transfer of a first file to the apparatus;
  - calculating a hash of the first file;
  - identifying a content tag associated with the first file based on the hash of the first file, wherein the content tag is an indicator of a classification of content in the first file;
  - associating the content tag with a second file, wherein the second file is a modified version of the first file;
  - detecting a transfer of the second file to a network gateway; and
  - sending the content tag to the network gateway.

22. One or more non-transitory computer readable media that include code for execution and when executed by one or more processors, cause the one or more processors to:
- detect a transfer of a first file to a host;
- calculate a hash of the first file;
- identify a content tag associated with the first file based on the hash of the first file, wherein the content tag is an indicator of a classification of content in the first file;
- associate the content tag with a second file based on the second file and the first file being used on the host during a same session;
- detect a transfer of the second file to a network gateway; and
- send the content tag to the network gateway.

23. One or more non-transitory computer readable media that include code for execution and when executed by one or more processors, cause the one or more processors to:
- detect a transfer of a first file to a host;
- calculate a hash of the first file;
- identify a content tag associated with the first file based on the hash of the first file, wherein the content tag is an indicator of a classification of content in the first file;
- associate the content tag with a second file, wherein the second file is a modified version of the first file;
- detect a transfer of the second file to a network gateway; and
- send the content tag to the network gateway.
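The host-to-gateway flow recited in claims 1 and 21, as an added Python sketch that is not code from the patent: a host agent tags a file by hash, carries the tag over to a modified version whose hash no longer matches, and a gateway correlates the received tag with a policy. The names `HostAgent`, `gateway_decide`, `TAG_DB` and `POLICY`, the message layout, and all sample values are assumptions constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field

SOURCE = b"Q3 acquisition plan: internal only\n"  # constructed sample content
# Constructed tag database: SHA-256 of known content -> classification tag.
TAG_DB = {hashlib.sha256(SOURCE).hexdigest(): "confidential"}
# Constructed gateway policy table: content tag -> action on the connection.
POLICY = {"confidential": "block", "public": "allow"}

@dataclass
class HostAgent:  # hypothetical stand-in for the claimed firewall agent
    tags: dict = field(default_factory=dict)  # file name -> set of content tags

    def on_file_received(self, name: str, data: bytes) -> set:
        """Hash the incoming file and look up its content tag."""
        tag = TAG_DB.get(hashlib.sha256(data).hexdigest())
        self.tags[name] = {tag} if tag else set()
        return self.tags[name]

    def on_file_derived(self, source: str, derived: str) -> None:
        """Taint: a modified version inherits the tags of the file it came from."""
        self.tags.setdefault(derived, set()).update(self.tags.get(source, set()))

    def on_transfer(self, name: str, session: tuple) -> dict:
        """Message sent to the gateway: session descriptor plus content tags."""
        return {"session": session, "tags": sorted(self.tags.get(name, set()))}

def gateway_decide(message: dict) -> str:
    """Correlate tags with POLICY; strictest action wins, unknown tags allow."""
    actions = {POLICY.get(tag, "allow") for tag in message["tags"]}
    return "block" if "block" in actions else "allow"

def demo():
    agent = HostAgent()
    agent.on_file_received("plan.docx", SOURCE)
    edited = SOURCE.replace(b"Q3", b"Q4")  # the "modified version"
    # A hash lookup on the edited bytes alone finds nothing.
    hash_only = TAG_DB.get(hashlib.sha256(edited).hexdigest())
    agent.on_file_derived("plan.docx", "plan-v2.docx")
    session = ("tcp", "192.0.2.10", 49152, "198.51.100.7", 443)  # constructed
    msg = agent.on_transfer("plan-v2.docx", session)
    return hash_only, msg["tags"], gateway_decide(msg)

if __name__ == "__main__":
    print(demo())
```

The `hash_only` result shows why the claims associate the tag with the derived file on the host: once the content is edited, the gateway could not recover the classification from a hash of the transferred bytes.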
Specification