Network security policy enforcement integrated with DNS server

  • US 9,602,538 B1
  • Filed: 03/21/2006
  • Issued: 03/21/2017
  • Est. Priority Date: 03/21/2006
  • Status: Active Grant
First Claim

1. A method of enforcing a security policy on a user computer in a computer network, said method comprising:

  • detecting a request from said user computer of said computer network to access a requested web site, said detecting performed by a plug-in module of a Domain Name Service (DNS) server;

  • intercepting said request at said DNS server by said plug-in module such that said request is not received by a DNS service on said DNS server;

  • determining a network address of said user computer by said plug-in module;

  • performing a security check of said user computer by said plug-in module using one or more probe packets sent by said plug-in module to said network address to determine whether said user computer has implemented a security policy of said computer network;

  • determining as a result of said security check of said user computer that said security policy is not implemented on said user computer;

  • redirecting said user computer to a security Web site by returning an Internet Protocol (IP) address to said user computer that is an IP address of said security web site, said IP address not being an IP address of said requested web site; and

  • displaying a message on said user computer from said security web site indicating said security policy to be implemented on said user computer.
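
The redirect decision in the claimed steps, sketched as an added example; it is not code from the patent or its assignee. The names handle_query, is_compliant and resolve, the 30-second TTL, and all addresses are assumptions: is_compliant stands in for the probe-packet security check and resolve for the DNS service that the plug-in bypasses.

```python
import socket
import struct

SECURITY_SITE_IP = "192.0.2.10"  # constructed placeholder for the security web site

def make_query(name, txid=0x1234):
    """Constructed sample input: a recursive A/IN query for name."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def parse_question(query):
    """Return (name, qtype, qclass, end offset) of the first question."""
    labels, offset = [], 12
    while query[offset] != 0:
        length = query[offset]
        if length & 0xC0:
            raise ValueError("compressed question name not supported")
        labels.append(query[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length
    qtype, qclass = struct.unpack("!HH", query[offset + 1:offset + 5])
    return ".".join(labels), qtype, qclass, offset + 5

def build_a_response(query, ip, ttl=30):
    """Answer the first question with one A record; short TTL is an assumption."""
    txid, flags, qdcount = struct.unpack("!HHH", query[:6])
    _, qtype, qclass, end = parse_question(query)
    if flags & 0x8000 or qdcount != 1 or (qtype, qclass) != (1, 1):
        raise ValueError("expected a single A/IN query")
    header = struct.pack("!HHHHHH", txid, 0x8080 | (flags & 0x0100), 1, 1, 0, 0)
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, ttl, 4) + socket.inet_aton(ip)
    return header + query[12:end] + answer

def handle_query(query, client_ip, is_compliant, resolve):
    """Decide per client: normal answer if compliant, security site otherwise.

    is_compliant stands in for the probe-packet check, resolve for the DNS service.
    """
    name, _, _, _ = parse_question(query)
    target = resolve(name) if is_compliant(client_ip) else SECURITY_SITE_IP
    return build_a_response(query, target)

if __name__ == "__main__":
    posture = {"10.0.0.5": True, "10.0.0.9": False}  # constructed probe results
    for client in posture:
        reply = handle_query(make_query("example.com"), client,
                             lambda ip: posture.get(ip, False), lambda n: "198.51.100.7")
        print(client, "->", socket.inet_ntoa(reply[-4:]))
```

A client with no recorded probe result is treated as non-compliant here, so the sketch fails closed.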
