Application-based network traffic redirection for cloud security service
First Claim
1. A method of redirecting network traffic to a cloud security service, the method comprising:
- receiving a first network traffic;
identifying a first originating application program that originated the first network traffic;
determining whether or not to redirect the first network traffic to a cloud security service based on a characteristic of the first originating application program;
redirecting the first network traffic to the cloud security service based on the characteristic of the first originating application program;
receiving a second network traffic;
identifying a second originating application program that originated the second network traffic;
determining whether or not to redirect the second network traffic to the cloud security service based on a characteristic of the second originating application program; and
not redirecting the second network traffic to the cloud security service based on the characteristic of the second originating application program,wherein the second originating application program is different from the first originating application program.
1 Assignment
0 Petitions
Accused Products
Abstract
A cloud security service is made available to endpoint computers. Network traffic from originating application programs running on endpoint computers are redirected to the cloud security service based on characteristics of the originating application programs. Network traffic from an originating application program may be redirected to the cloud security service by way of a virtual private network (VPN) tunnel or generic routing encapsulation (GRE) tunnel between an endpoint computer and a cloud computing system hosting the cloud security service, for example. Network traffic from an originating application program may also be routed from an endpoint computer to a gateway system, and then redirected from the gateway system to the cloud computing system. The cloud security service may drop or forward network packets of the network traffic depending on a result of scanning the network packets.
-
Citations
9 Claims
-
1. A method of redirecting network traffic to a cloud security service, the method comprising:
-
receiving a first network traffic; identifying a first originating application program that originated the first network traffic; determining whether or not to redirect the first network traffic to a cloud security service based on a characteristic of the first originating application program; redirecting the first network traffic to the cloud security service based on the characteristic of the first originating application program; receiving a second network traffic; identifying a second originating application program that originated the second network traffic; determining whether or not to redirect the second network traffic to the cloud security service based on a characteristic of the second originating application program; and not redirecting the second network traffic to the cloud security service based on the characteristic of the second originating application program, wherein the second originating application program is different from the first originating application program. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification
-
- Resources
-
Current AssigneeTrend Micro Inc.
-
Original AssigneeTrend Micro Inc.
-
InventorsWei, Shaohong Peter, Jensen, Wayne
-
Primary Examiner(s)Sheikh, Ayaz
-
Assistant Examiner(s)Asefa, Debebe
-
Application NumberUS13/536,774Time in Patent Office873 DaysField of Search370254-350, 709201-213, 709/235, 709/245, 726/22, 726/26US Class Current709/235CPC Class CodesH04L 63/0272 Virtual private networksH04L 63/1408 by monitoring network traff...H04L 63/20 for managing network securi...H04L 67/10 in which an application is ...H04L 67/563 Data redirection of data ne...
