Application-based network traffic redirection for cloud security service
First Claim
1. A method of redirecting network traffic to a cloud security service, the method comprising:
receiving a first network traffic;
identifying a first originating application program that originated the first network traffic;
determining whether or not to redirect the first network traffic to a cloud security service based on a characteristic of the first originating application program;
redirecting the first network traffic to the cloud security service based on the characteristic of the first originating application program;
receiving a second network traffic;
identifying a second originating application program that originated the second network traffic;
determining whether or not to redirect the second network traffic to the cloud security service based on a characteristic of the second originating application program; and
not redirecting the second network traffic to the cloud security service based on the characteristic of the second originating application program, wherein the second originating application program is different from the first originating application program.
Abstract
A cloud security service is made available to endpoint computers. Network traffic from originating application programs running on endpoint computers is redirected to the cloud security service based on characteristics of the originating application programs. Network traffic from an originating application program may be redirected to the cloud security service by way of a virtual private network (VPN) tunnel or generic routing encapsulation (GRE) tunnel between an endpoint computer and a cloud computing system hosting the cloud security service, for example. Network traffic from an originating application program may also be routed from an endpoint computer to a gateway system, and then redirected from the gateway system to the cloud computing system. The cloud security service may drop or forward network packets of the network traffic depending on a result of scanning the network packets.
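The per-application decision described in the abstract, as an added Python example that is not part of the patent text: it parses a constructed Linux `/proc/net/tcp` table, maps each socket inode to an executable, and chooses redirect or direct per application. The inode-to-executable map, the `APP_TRUSTED` characteristic, and the default of redirecting unidentified applications are assumptions made for illustration; the page does not say how the application is identified or which characteristic is used.

```python
import socket
import struct

# Constructed sample in Linux /proc/net/tcp format (not from a real host).
PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 050200C0:C350 0A7100CB:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 41001
   1: 050200C0:C351 0A7100CB:0050 01 00000000:00000000 00:00000000 00000000  1000        0 41002
   2: 050200C0:C352 0A7100CB:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 41003
"""

# Constructed inode -> executable map; on a live host this would be built by
# reading the /proc/<pid>/fd symlinks ("socket:[inode]") and /proc/<pid>/exe.
INODE_TO_EXE = {41001: "/usr/bin/browser", 41002: "/opt/backup/agent"}

# Hypothetical characteristic: True means the application may go direct.
APP_TRUSTED = {"/usr/bin/browser": False, "/opt/backup/agent": True}


def decode_endpoint(field):
    """Decode 'HEXADDR:HEXPORT' (address as printed on little-endian hosts)."""
    addr_hex, port_hex = field.split(":")
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)


def parse_flows(table):
    """Yield (local, remote, inode) for each socket row, skipping the header."""
    for line in table.splitlines()[1:]:
        cols = line.split()
        if len(cols) < 10:
            continue  # malformed or truncated row
        yield decode_endpoint(cols[1]), decode_endpoint(cols[2]), int(cols[9])


def decide(table=PROC_NET_TCP):
    """Return {local_port: (exe, action)}; unidentified applications are redirected."""
    decisions = {}
    for local, _remote, inode in parse_flows(table):
        exe = INODE_TO_EXE.get(inode, "<unknown>")
        action = "direct" if APP_TRUSTED.get(exe, False) else "redirect"
        decisions[local[1]] = (exe, action)
    return decisions


if __name__ == "__main__":
    for port, (exe, action) in sorted(decide().items()):
        print(port, exe, action)
```

Socket 41003 has no entry in the map, so its traffic is treated as coming from an unidentified application and is redirected rather than sent direct.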
9 Claims
Specification