Software as a service scanning system and method for scanning web traffic
Abstract
An endpoint computer includes a local client that transmits web traffic to a local proxy that also runs on the endpoint computer. The local proxy obtains a customer identity string that identifies a user of the local client as a paying customer of an SaaS scanning service provided by an SaaS scanning system. The local proxy inserts the customer identity string into the web traffic and thereafter transmits the web traffic to the SaaS scanning system, which authenticates the customer identity string before scanning the web traffic for web threats. The local client transmits the web traffic to the local proxy using a communication protocol and the local proxy can transmit the web traffic to the SaaS scanning system using the same or different communication protocol.
28 Citations
15 Claims
1. A computer-implemented method for scanning web traffic, the method comprising:
- receiving, by a local proxy, a first web traffic transmitted by a local client, wherein the local proxy and the local client are separate applications running on a same endpoint computer;
- the local proxy obtaining a customer identity string that identifies a user of the local client as a paying customer to a software as a service (SaaS) scanning service;
- the local proxy including the customer identity string in a header of the first web traffic, encrypting the header using a same symmetric encryption key shared by both the local proxy and an SaaS scanning system that provides the SaaS scanning service, and thereafter transmitting the first web traffic to the SaaS scanning system;
- the SaaS scanning system decrypting the header using the same symmetric encryption key and authenticating the customer identity string included in the first web traffic to verify that the user of the local client is subscribed to the SaaS scanning service; and
- the SaaS scanning system scanning the first web traffic for web threats,
- wherein the first web traffic is transmitted by the local client to the local proxy using a first communication protocol that is different from a second communication protocol employed by the local proxy to transmit the first web traffic to the SaaS scanning system.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A non-transitory computer-readable medium with instructions stored thereon, that when executed on a processor of an endpoint computer, perform the steps of:
- receiving, by a local proxy, web traffic transmitted by a local client, wherein the local proxy and the local client are separate applications on the endpoint computer;
- obtaining a customer identity string that identifies a user of the local client as a paying customer of a software as a service (SaaS) scanning service; and
- including the customer identity string in a header of the web traffic, encrypting the header using a same symmetric encryption key shared by the local proxy and an SaaS scanning system, and thereafter transmitting the web traffic to the SaaS scanning system that provides the SaaS scanning service to scan the web traffic for web threats,
- wherein the web traffic is received from the local client using a first communication protocol and the web traffic is transmitted to the SaaS scanning system using a second communication protocol that is different from the first communication protocol.
Dependent claims: 10, 11
12. A system for scanning web traffic, the system comprising:
- an endpoint computer running a local client and a local proxy that receives web traffic from the local client, obtains a customer identity string that identifies a user of the local client as a paying customer of a software as a service (SaaS) scanning service, includes the customer identity string in a header of the web traffic, encrypts the header using a same symmetric encryption key shared by the local proxy and an SaaS scanning system that provides the SaaS scanning service, and transmits the web traffic to the SaaS scanning system, wherein the local client and the local proxy are separate applications running on the endpoint computer;
- the SaaS scanning system that receives the web traffic, decrypts the header using the same symmetric encryption key, extracts the customer identity string from the web traffic, authenticates the customer identity string, scans the web traffic for web threats, and transmits the web traffic to a web server system; and
- the web server system that receives the web traffic from the SaaS scanning system after the SaaS scanning system scans the web traffic for the web threats,
- wherein the local client transmits the web traffic to the local proxy using a first communication protocol and the local proxy transmits the web traffic to the SaaS scanning system using a second communication protocol that is different from the first communication protocol.
Dependent claims: 13, 14, 15
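The header handling recited in claims 1, 9 and 12, as an added Go example that is not taken from the patent: the local proxy seals the customer identity string into a request header, and the SaaS side opens it with the same key and checks the subscription before scanning. AES-256-GCM, the header name `X-Scan-Customer-Id`, the function names, the subscriber map and the sample key are assumptions; the claims specify only a shared symmetric encryption key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"net/http"
)

const idHeader = "X-Scan-Customer-Id" // hypothetical name; value is base64(nonce || ciphertext || tag)

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // AES-GCM is an assumed choice of symmetric cipher
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func sealIdentity(aead cipher.AEAD, h http.Header, customerID string) { // local proxy side
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err) // no randomness: refuse to send rather than reuse a nonce
	}
	h.Set(idHeader, base64.StdEncoding.EncodeToString(aead.Seal(nonce, nonce, []byte(customerID), nil)))
}

func openIdentity(aead cipher.AEAD, h http.Header, subscribers map[string]bool) (string, error) { // SaaS side
	raw, err := base64.StdEncoding.DecodeString(h.Get(idHeader))
	if err != nil || len(raw) < aead.NonceSize() {
		return "", fmt.Errorf("identity header missing or malformed")
	}
	id, err := aead.Open(nil, raw[:aead.NonceSize()], raw[aead.NonceSize():], nil)
	if err != nil {
		return "", fmt.Errorf("identity header failed decryption")
	}
	if !subscribers[string(id)] {
		return "", fmt.Errorf("customer %q is not subscribed", id)
	}
	return string(id), nil
}

func main() {
	aead, _ := newAEAD([]byte("constructed-demo-key-32-bytes!!!")) // constructed sample key
	h := http.Header{}
	sealIdentity(aead, h, "cust-1001")
	fmt.Println(openIdentity(aead, h, map[string]bool{"cust-1001": true}))
}
```

With an authenticated mode such as GCM, a header sealed under a different key or altered in transit is rejected before the subscription lookup. A captured header value can still be replayed unchanged, which the independent claims quoted here do not address.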
Specification