Sending out-of-band notifications
First Claim
1. A computer-implemented method for sending an out-of-band notification of a security policy enforcement action to a user of a client, the method comprising:
receiving outbound network traffic sent from the client to a server, the outbound network traffic comprising a hypertext transport protocol (HTTP) POST message;
analyzing the HTTP POST message to determine whether the message contains data violating a data loss prevention (DLP) policy of an enterprise with which the client is associated;
responsive to a determination that the message contains data violating the DLP policy, performing an enforcement action by blocking the message from reaching the server or redacting the data violating the DLP policy from the message;
inserting an out-of-band notification message describing the enforcement action into a response to the outbound network traffic; and
sending the response including the inserted out-of-band notification message to the client.
2 Assignments; 0 Petitions
Abstract
Out-of-band notifications are used to inform users of clients of security policy enforcement actions, such as enforcement of a data loss prevention (DLP) policy. Code for instantiating a notification agent at a client used by a user is inserted into network traffic inbound to the client. Outbound network traffic sent from the client to a server is monitored for compliance with one or more security policies. If it is determined that the network traffic violates a security policy, an enforcement action is taken. An out-of-band notification message describing the enforcement action is inserted into a response to the outbound network traffic and sent to the client. The notification agent at the client receives the notification message and presents the message to the user.
261 Citations
Claims (16 in total; the three independent claims, 1, 7 and 12, are shown)
1. Computer-implemented method; full text given above under First Claim. Dependent claims: 2, 3, 4, 5, 6.
7. A non-transitory computer-readable storage medium storing executable computer program instructions for sending an out-of-band notification of a security policy enforcement action to a user of a client, the instructions executable to perform steps comprising:
receiving outbound network traffic sent from the client to a server, the outbound network traffic comprising a hypertext transport protocol (HTTP) POST message;
analyzing the HTTP POST message to determine whether the message contains data violating a data loss prevention (DLP) policy of an enterprise with which the client is associated;
responsive to a determination that the message contains data violating the DLP policy, performing an enforcement action by blocking the message from reaching the server or redacting the data violating the DLP policy from the message;
inserting an out-of-band notification message describing the enforcement action into a response to the outbound network traffic; and
sending the response including the inserted out-of-band notification message to the client.
Dependent claims: 8, 9, 10, 11.
12. A computer system for sending an out-of-band notification of a security policy enforcement action to a user of a client, the computer system comprising:
a non-transitory computer-readable storage medium storing executable computer program instructions comprising instructions for:
receiving outbound network traffic sent from the client to a server;
receiving inbound network traffic from the server to the client, the inbound network traffic including a response to the outbound network traffic;
analyzing the received inbound network traffic;
selectively injecting agent code into the inbound network traffic responsive to the analysis of the inbound network traffic, the agent code adapted to execute at the client to instantiate a notification agent at the client, the notification agent adapted to receive the inserted out-of-band notification message and present the notification message to the user of the client;
analyzing the HTTP POST message to determine whether the message contains data violating a data loss prevention (DLP) policy of an enterprise with which the client is associated;
responsive to a determination that the message contains data violating the DLP policy, performing an enforcement action by blocking the message from reaching the server or redacting the data violating the DLP policy from the message;
inserting an out-of-band notification message describing the enforcement action into the response to the outbound network traffic; and
sending the response including the inserted out-of-band notification message to the client;
and a processor for executing the computer program instructions.
Dependent claims: 13, 14, 15, 16.
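The abstract and claims describe one proxy-side procedure: inspect the outbound HTTP POST against a DLP policy, block or redact on a violation, carry a notification back to the client inside the response, and, on the inbound path, inject agent code into HTML so a client-side agent can surface that notification. The following Python sketch is an added example of that procedure and is not the patent holder's code. Everything in it is an assumption or constructed: the policy (payment-card numbers are redacted, a "CONFIDENTIAL-INTERNAL" marker blocks the request), the `X-DLP-Notification` header used as the out-of-band channel, the `/__dlp_agent.js` loader path, and all sample messages.

```python
"""Toy DLP proxy logic modelled on the claimed procedure (added example).

Assumed/constructed: the policy rules, the X-DLP-Notification header,
the agent loader snippet and every sample message. Not the patent's code.
"""
import json
import re
from dataclasses import dataclass, field
from typing import Optional

# Candidate payment-card numbers: 13-19 digits, optional space/dash separators.
_CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
# Constructed classification marker an enterprise might stamp on internal documents.
_MARKER_RE = re.compile(r"\bCONFIDENTIAL-INTERNAL\b")

NOTIFY_HEADER = "X-DLP-Notification"                      # assumed header name
AGENT_SNIPPET = b'<script src="/__dlp_agent.js"></script>'  # assumed loader path
_REASONS = {200: "OK", 403: "Forbidden"}


def luhn_ok(digits: str) -> bool:
    """Luhn checksum; cuts false positives on arbitrary long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


@dataclass
class Verdict:
    action: str                      # "allow", "redact" or "block"
    body: bytes                      # body to forward (unchanged for allow/block)
    reasons: list = field(default_factory=list)


def inspect_post(body: bytes) -> Verdict:
    """Analyse an HTTP POST body against the constructed DLP policy.

    Marker present -> block the whole request; Luhn-valid card numbers ->
    redact them and forward the rest; otherwise allow unchanged.
    """
    text = body.decode("utf-8", errors="replace")
    reasons: list = []
    if _MARKER_RE.search(text):
        return Verdict("block", body, ["classification marker in outbound message"])

    def _redact(m: re.Match) -> str:
        digits = re.sub(r"[ -]", "", m.group(0))
        if luhn_ok(digits):
            reasons.append("payment card number redacted")
            return "[REDACTED]"
        return m.group(0)

    redacted = _CARD_RE.sub(_redact, text)
    if reasons:
        return Verdict("redact", redacted.encode("utf-8"), reasons)
    return Verdict("allow", body, reasons)


def build_response(verdict: Verdict, upstream_status: int = 200,
                   upstream_body: bytes = b"") -> bytes:
    """Return the raw HTTP response sent to the client; when an enforcement
    action was taken, the notification rides in a header, out of band of
    the application payload, so the page body is not altered."""
    if verdict.action == "block":
        status, body = 403, b"Request blocked by enterprise DLP policy.\n"
    else:
        status, body = upstream_status, upstream_body
    headers = [f"HTTP/1.1 {status} {_REASONS.get(status, '')}".rstrip(),
               f"Content-Length: {len(body)}"]
    if verdict.action != "allow":
        note = json.dumps({"action": verdict.action, "reasons": verdict.reasons})
        headers.append(f"{NOTIFY_HEADER}: {note}")
    return ("\r\n".join(headers) + "\r\n\r\n").encode("ascii") + body


def inject_agent(content_type: str, body: bytes) -> bytes:
    """Inbound path: selectively inject the agent loader into HTML only,
    leaving JSON, images and other content untouched."""
    if not content_type.lower().startswith("text/html"):
        return body
    idx = body.lower().find(b"</body>")
    return body + AGENT_SNIPPET if idx == -1 else body[:idx] + AGENT_SNIPPET + body[idx:]


def parse_notification(raw_response: bytes) -> Optional[dict]:
    """Agent side: extract the out-of-band notification from a raw response."""
    head, _, _ = raw_response.partition(b"\r\n\r\n")
    for line in head.split(b"\r\n")[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == NOTIFY_HEADER.lower().encode("ascii"):
            return json.loads(value.strip())
    return None


if __name__ == "__main__":
    # Constructed outbound POST bodies, as a DLP proxy would see them.
    for sample in (b"name=Alice&card=4111-1111-1111-1111",
                   b"CONFIDENTIAL-INTERNAL roadmap attached",
                   b"id=1234567890123456"):
        v = inspect_post(sample)
        print(v.action, parse_notification(build_response(v)))
```

The Luhn check is what keeps the card rule from firing on order numbers and other digit runs; the blocking rule returns a 403 with an empty upstream exchange, while the redaction rule still forwards the cleaned body and only tells the client what was removed.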