Network data transmission analysis
First Claim
1. A method for analyzing data transmitted through a virtual network, the method comprising:
under control of a virtual network comprising a substrate network associated with a plurality of physical computing nodes that are configured to at least partially simulate operation of the virtual network, receiving a DLP policy that includes (i) context criteria and (ii) content criteria, the context criteria comprising information about organizational structure or services of a user of the virtual network;
associating the information about the organizational structure or services of the virtual network user with at least one of the virtual network or the substrate network;
analyzing, based at least in part on the DLP policy, a network flow transmitted via the virtual network;
detecting a subset of the network flow that includes a match to at least one of the context criteria of the DLP policy or a match to at least one of the content criteria of the DLP policy; and
performing an action on at least a portion of the detected subset of the network flow based at least in part on the DLP policy.
Abstract
Network computing systems may implement data loss prevention (DLP) techniques to reduce or prevent unauthorized use or transmission of confidential information or to implement information controls mandated by statute, regulation, or industry standard. Implementations of network data transmission analysis systems and methods are disclosed that can use contextual information in a DLP policy to monitor data transmitted via the network. The contextual information may include information based on a network user's organizational structure or services or network infrastructure. Some implementations may detect bank card information in network data transmissions. Some of the systems and methods may be implemented on a virtual network overlaid on one or more intermediate physical networks that are used as a substrate network.
22 Claims
1. As stated above under First Claim. Dependent claims: 2 to 7.
8. A system for analyzing network data, the system comprising:
one or more physical computing devices configured to:
associate a data loss prevention (DLP) policy with a virtual network that is overlaid on one or more physical computing networks, the DLP policy specifying (i) context criteria and (ii) content criteria, the context criteria comprising information about organizational structure or services of a user of the virtual network;
track data transmitted via the virtual network;
determine whether at least a portion of the tracked data violates the DLP policy; and
perform an action on the at least a portion of the tracked data based at least in part on the DLP policy.
Dependent claims: 9 to 18.
19. Non-transitory computer storage having computer-executable instructions stored thereon for analyzing network data, the non-transitory computer storage comprising computer-executable instructions for:
analyzing data transmitted via a virtual network;
detecting a subset of the data that matches one or more criteria specified by a data loss prevention (DLP) policy, the DLP policy specifying (i) context criteria and (ii) content criteria, the context criteria comprising information about organizational structure or services of a user of the virtual network; and
in response to detection of the match, storing information associated with the data in a log.
Dependent claims: 20 to 22.
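As an added illustration (not text or code from the patent), a Python sketch of the claimed method: a DLP policy carrying context criteria (the virtual network user's organizational unit, associated with a virtual network by id) and a content criterion (bank card numbers, which the abstract names), evaluated over constructed network flows, with a match written to a log record as in claim 19. The VNET_CONTEXT tag map, the policy and flow dictionary shapes, and all sample values are assumptions of this example.

```python
import re

# Context criteria from the claims: the virtual network user's organizational
# structure and services, associated with each virtual network by id. This tag
# map and every sample value below are constructed for the example.
VNET_CONTEXT = {
    "vnet-finance": {"org_unit": "finance", "service": "payments-api"},
    "vnet-web": {"org_unit": "marketing", "service": "public-site"},
}
# Candidate primary account numbers: 13 to 19 digits, optionally space/dash separated.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")

def luhn_valid(digits):
    """Mod-10 check that filters random digit runs out of the PAN candidates."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        total += (d * 2 - 9 if d > 4 else d * 2) if i % 2 else d
    return total % 10 == 0

def find_card_numbers(payload):
    """Content criterion: PAN-shaped digit runs in the payload that pass Luhn."""
    runs = (re.sub(r"[ -]", "", m.group()) for m in CARD_RE.finditer(payload))
    return [r for r in runs if luhn_valid(r)]

def analyze_flow(policy, flow):
    """Return a log record if the flow matches at least one context criterion or
    at least one content criterion (claim 1), else None. Only the last four PAN
    digits are logged so the log does not itself leak card data."""
    ctx = VNET_CONTEXT.get(flow["vnet"], {})
    context_hit = any(ctx.get(k) == v for k, v in policy["context"].items())
    cards = find_card_numbers(flow["payload"]) if "card_number" in policy["content"] else []
    if not context_hit and not cards:
        return None
    return {"vnet": flow["vnet"], "src": flow["src"], "dst": flow["dst"],
            "matched": [n for n, hit in (("context", context_hit), ("content", cards)) if hit],
            "pan_last4": [c[-4:] for c in cards], "action": policy["action"]}

# Constructed policy: scope to the finance org unit, detect bank card numbers, log hits.
POLICY = {"context": {"org_unit": "finance"}, "content": ["card_number"], "action": "log"}
FLOWS = [  # constructed flows; 4111... is the well-known Luhn-valid test PAN
    {"vnet": "vnet-finance", "src": "10.0.1.5", "dst": "198.51.100.7",
     "payload": "card=4111 1111 1111 1111&exp=12/29"},
    {"vnet": "vnet-web", "src": "10.0.2.9", "dst": "203.0.113.4",
     "payload": "order=1234 5678 9012 3456"},  # fails Luhn, no context match
]

def run():
    return [analyze_flow(POLICY, f) for f in FLOWS]  # a record per match, else None
```

Calling run() yields one record for the finance flow (both criteria matched, PAN logged as its last four digits) and None for the marketing flow.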