Filtering of applications for access to an enterprise network
First Claim
1. A non-transitory computer-readable storage medium having non-transient computer-readable code embodied on the computer-readable storage medium, the computer-readable code for controlling access to a protected computer network, the computer-readable code comprising:
(a) program code for intercepting packets that are being exchanged between a computer system and the protected computer network; and
(b) program code for:
for each said packet:
(i) identifying an application, that is running on said computer system, that is associated with said each packet,
(ii) determining whether said application is trusted, and
(iii) disposing of said each packet in accordance with said determining,
wherein said identifying uses a process identification (PID) of one of the running processes of the application;
said each packet is being sent by said computer system to the protected computer network, and wherein, if said determining determines that said application is not trusted, then said disposing includes:
(A) routing said each packet to a network other than the protected computer network; and
(B) tagging said each packet for further processing in the protected computer network;
if said each packet is being sent from said computer system to the protected computer network and said determining determines that said application is trusted, then said disposing includes encrypting said each packet; and
if said each packet is being received by said computer system from the protected computer network and said determining determines that said application is trusted, then said disposing includes decrypting said each packet.
Abstract
A computer-readable storage medium has embedded thereon non-transient computer-readable code for controlling access to a protected computer network, by intercepting packets that are being exchanged between a computer system and the protected network, and then, for each intercepted packet, identifying the associated application that is running on the computer system, determining whether the application is trusted, for example according to a white list or according to a black list, and disposing of the packet accordingly.
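The abstract and the claims describe one per-packet decision loop: intercept the packet, resolve it to the process that owns it (by PID), look the application up on a white list or black list, and then encrypt, decrypt, or divert and tag the packet. The following is an added example, not code from the patent or its assignee, that models that loop in plain Python. The process table, the allow list, the "quarantine" route name, the "untrusted-app" tag, and the hash-counter keystream used as a stand-in for a real cipher are all assumptions of the example; a real implementation would query the operating system for the socket owner's PID and use an authenticated cipher such as AES-GCM.

```python
"""Toy model of the claimed filter: PID -> application -> trust decision -> disposition.
Added example; none of the names or values below come from the patent."""
import hashlib
from dataclasses import dataclass, field
from enum import Enum
from typing import Dict, FrozenSet, Optional, Set


class Direction(Enum):
    OUTBOUND = "outbound"  # computer system -> protected network
    INBOUND = "inbound"    # protected network -> computer system


@dataclass
class Packet:
    pid: int                     # PID of the process owning the socket (assumed known)
    direction: Direction
    payload: bytes
    route: str = "protected"     # where the packet is forwarded
    tags: Set[str] = field(default_factory=set)


@dataclass
class Disposition:
    action: str                  # "encrypt", "decrypt", "divert", or "drop"
    packet: Packet


# Constructed process table standing in for an OS lookup (e.g. /proc/<pid>/exe).
PROCESS_TABLE: Dict[int, str] = {
    1234: "corp-mail-client",
    2345: "unknown-downloader",
    3456: "vpn-agent",
}

# The claim's "white list": applications allowed to talk to the protected network.
TRUSTED_APPS: FrozenSet[str] = frozenset({"corp-mail-client", "vpn-agent"})

# Toy key for the stand-in cipher below (assumption; not a real key-management scheme).
LINK_KEY = b"example-link-key"


def identify_application(pid: int) -> Optional[str]:
    """Step (i): map the owning PID to an application identity; None if unknown."""
    return PROCESS_TABLE.get(pid)


def is_trusted(app: Optional[str]) -> bool:
    """Step (ii): allow-list check. An unresolvable PID fails closed."""
    return app is not None and app in TRUSTED_APPS


def _keystream(key: bytes, n: int) -> bytes:
    # SHA-256 in counter mode. Stand-in only: no nonce, no authentication,
    # so it is NOT a substitute for AES-GCM in a real product.
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def _xor_transform(data: bytes, key: bytes) -> bytes:
    # XOR with the keystream; applying it twice restores the input.
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))


def dispose(packet: Packet) -> Disposition:
    """Step (iii): dispose of the packet according to direction and trust."""
    trusted = is_trusted(identify_application(packet.pid))
    if packet.direction is Direction.OUTBOUND:
        if trusted:
            packet.payload = _xor_transform(packet.payload, LINK_KEY)
            return Disposition("encrypt", packet)
        # Untrusted sender: steer away from the protected network and tag
        # the packet so the receiving side can process it further.
        packet.route = "quarantine"
        packet.tags.add("untrusted-app")
        return Disposition("divert", packet)
    if trusted:
        packet.payload = _xor_transform(packet.payload, LINK_KEY)
        return Disposition("decrypt", packet)
    # Inbound traffic for an untrusted application is not covered by the
    # claim text; this example fails closed and drops it (assumption).
    return Disposition("drop", packet)


if __name__ == "__main__":
    out = dispose(Packet(pid=1234, direction=Direction.OUTBOUND, payload=b"hello"))
    print(out.action, out.packet.payload.hex())
    back = dispose(Packet(pid=1234, direction=Direction.INBOUND, payload=out.packet.payload))
    print(back.action, back.packet.payload)
    print(dispose(Packet(pid=2345, direction=Direction.OUTBOUND, payload=b"x")))
```

The decision is made per packet rather than per connection, which is what the claim describes; the fail-closed handling of an unknown PID is the practitioner's choice here, since a process that cannot be identified cannot be matched against either list.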
16 Claims
1. Independent claim; text as given under First Claim above. Dependent claims: 2 to 13.
14. A computer system comprising:
(a) a port;
(b) a plurality of application modules that are operative to exchange packets with a protected computer network via said port; and
(c) a network security interface configured to:
(i) intercept said packets, and
(ii) for each said packet:
(A) identify which said application module is associated with said each packet using a process identification (PID) of one of the running processes of the application module;
(B) determine whether said application module, that is associated with said each packet, is trusted, and
(C) dispose of said each packet in accordance with said determining,
wherein said each packet is being sent by the computer system to the protected computer network, and wherein, if said determining determines that said application module is not trusted, then said disposing includes:
(A) routing said each packet to a network other than the protected computer network; and
(B) tagging said each packet for further processing in the protected computer network;
if said each packet is being sent from said computer system to the protected computer network and said determining determines that said application is trusted, then said disposing includes encrypting said each packet; and
if said each packet is being received by said computer system from the protected computer network and said determining determines that said application is trusted, then said disposing includes decrypting said each packet.
Dependent claims: 15, 16.