
Filtering of applications for access to an enterprise network

  • US 9,210,128 B2
  • Filed: 05/26/2013
  • Issued: 12/08/2015
  • Est. Priority Date: 10/25/2012
  • Status: Active Grant
First Claim

1. A non-transitory computer-readable storage medium having non-transient computer-readable code embodied on the computer-readable storage medium, the computer-readable code for controlling access to a protected computer network, the computer-readable code comprising:

    (a) program code for intercepting packets that are being exchanged between a computer system and the protected computer network; and

    (b) program code for:

    for each said packet:

    (i) identifying an application, that is running on said computer system, that is associated with said each packet,

    (ii) determining whether said application is trusted, and

    (iii) disposing of said each packet in accordance with said determining,

    wherein said identifying uses a process identification (PID) of one of the running processes of the application;

    said each packet is being sent by said computer system to the protected computer network, and wherein, if said determining determines that said application is not trusted, then said disposing includes:

    (A) routing said each packet to a network other than the protected computer network; and

    (B) tagging said each packet for further processing in the protected computer network;

    if said each packet is being sent from said computer system to the protected computer network and said determining determines that said application is trusted, then said disposing includes encrypting said each packet; and

    if said each packet is being received by said computer system from the protected computer network and said determining determines that said application is trusted, then said disposing includes decrypting said each packet.
