Managing transfer of data in a data network
First Claim
1. A network gateway device, implemented at least partially in hardware, for managing a transfer of data over the data network, the network gateway device comprising:
- a processor;
- a signature analyzer comprising a policy manager to store policies and associated signatures, including a first policy that diverts data transfers between a plurality of nodes on the data network to a proxy server which scans for malicious code associated with at least one signature;
- a network interface, communicatively coupled to the processor and the data network, to receive packets transmitted between the plurality of nodes of the data network;
- a session identifier communicatively coupled to receive the packet from the network interface and to identify data associated with a first communication session between a first node and a second node of the data network, wherein the signature analyzer further comprises a comparator, the signature analyzer to receive the identified data of the first communication session and the comparator comparing the identified data against signatures from a signature database, the signature analyzer to produce a control signal responsive to a policy associated with a signature matching the identified data; and
- a session controller, responsive to receiving the control signal indicating the signature match, to perform further processing of the identified data, and responsive to the second input not receiving the control signal, the session controller sending the identified data over the second output without further processing.
0 Assignments
0 Petitions
Abstract
A method and apparatus for managing a transfer of data in a data network identifies data associated with a communication session between a first node and a second node in the data network. Further processing of the communication session occurs when a portion of the communication session meets a criterion and the communication session is permitted to continue when the portion of the communication session does not meet the criterion.
86 Citations
12 Claims
12. A computer-implemented method in a network gateway device, for managing a transfer of data over the data network, the method comprising:
- storing policies and associated signatures in a policy manager of the gateway device, including a first policy that diverts data transfers between a plurality of nodes on the data network to a proxy server which scans for malicious code associated with at least one signature;
- receiving, at a network interface of the network gateway device, packets transmitted between the plurality of nodes of the data network;
- receiving, in a session identifier of the network gateway device, the packet from the network interface and identifying data associated with a first communication session between a first node and a second node of the data network;
- receiving the identified data of the first communication session and comparing the identified data against signatures from a signature database with a comparator producing a control signal responsive to a policy associated with a signature matching the identified data; and
- responsive to receiving the control signal indicating the signature match, performing further processing of the identified data, and responsive to the second input not receiving the control signal, sending the identified data over the second output without further processing.
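The device of claim 1 and the method of claim 12 describe the same pipeline: a session identifier groups packets into a communication session, a comparator checks the identified session data against a signature database kept by a policy manager, and a session controller either diverts the session for further processing (here, a proxy scan) when a signature matches or forwards it untouched when none does. The following Python model is an added illustration, not code from the patent or its assignee; the class names, the `divert_to_proxy` action string, the `ProxyScanner` stand-in, the node addresses and the signature bytes are all constructed for the example. It also shows one consequence of the per-packet forwarding the claims describe: when a signature is split across two packets of one session, the first packet is forwarded before the match is visible, and only the second packet is diverted.

```python
"""Toy model of a signature-matching gateway (added example; names are constructed)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str        # first node
    dst: str        # second node
    payload: bytes


@dataclass(frozen=True)
class Policy:
    name: str
    action: str     # "divert_to_proxy" models the claim's first policy (constructed value)


SessionKey = Tuple[str, ...]


class SessionIdentifier:
    """Maps each packet to a communication session and accumulates that session's data."""

    def __init__(self) -> None:
        self._buffers: Dict[SessionKey, bytes] = {}

    def identify(self, pkt: Packet) -> Tuple[SessionKey, bytes]:
        # Session key is the unordered node pair so both directions land in one session.
        key: SessionKey = tuple(sorted((pkt.src, pkt.dst)))
        self._buffers[key] = self._buffers.get(key, b"") + pkt.payload
        return key, self._buffers[key]


class PolicyManager:
    """Stores policies together with their associated signatures (the signature database)."""

    def __init__(self) -> None:
        self._entries: List[Tuple[bytes, Policy]] = []

    def add(self, signature: bytes, policy: Policy) -> None:
        self._entries.append((signature, policy))

    def entries(self) -> List[Tuple[bytes, Policy]]:
        return list(self._entries)


class SignatureAnalyzer:
    """Comparator: checks identified data against every stored signature and emits the
    matching policy as the control signal, or None when nothing matches."""

    def __init__(self, policy_manager: PolicyManager) -> None:
        self.policy_manager = policy_manager

    def analyze(self, data: bytes) -> Optional[Policy]:
        for signature, policy in self.policy_manager.entries():
            if signature in data:
                return policy
        return None


class ProxyScanner:
    """Stand-in for the proxy server that scans diverted traffic (hypothetical)."""

    def __init__(self) -> None:
        self.scanned: List[SessionKey] = []

    def scan(self, key: SessionKey, data: bytes) -> str:
        self.scanned.append(key)
        return "diverted_to_proxy"


class SessionController:
    """Diverts the session on a control signal; otherwise forwards it without further processing."""

    def __init__(self, proxy: ProxyScanner) -> None:
        self.proxy = proxy

    def handle(self, key: SessionKey, data: bytes, control: Optional[Policy]) -> str:
        if control is not None and control.action == "divert_to_proxy":
            return self.proxy.scan(key, data)
        return "forwarded"


class Gateway:
    """Wires identifier, analyzer and controller together, one packet at a time."""

    def __init__(self, policy_manager: PolicyManager) -> None:
        self.identifier = SessionIdentifier()
        self.analyzer = SignatureAnalyzer(policy_manager)
        self.proxy = ProxyScanner()
        self.controller = SessionController(self.proxy)

    def process(self, pkt: Packet) -> str:
        key, data = self.identifier.identify(pkt)
        control = self.analyzer.analyze(data)
        return self.controller.handle(key, data, control)


SAMPLE_SIGNATURE = b"<<constructed-bad-sig>>"   # constructed, not a real malware signature


def demo() -> List[str]:
    """Runs three constructed sessions through the gateway and returns the per-packet decisions."""
    pm = PolicyManager()
    pm.add(SAMPLE_SIGNATURE, Policy("scan-at-proxy", "divert_to_proxy"))
    gw = Gateway(pm)
    packets = [
        Packet("10.0.0.1", "10.0.0.2", b"GET /index.html HTTP/1.1\r\n"),       # benign
        Packet("10.0.0.3", "10.0.0.4", b"payload <<constructed-bad-sig>> here"),  # whole match
        Packet("10.0.0.5", "10.0.0.6", b"chunk one <<constructed-"),            # first half
        Packet("10.0.0.5", "10.0.0.6", b"bad-sig>> chunk two"),                 # second half
    ]
    return [gw.process(p) for p in packets]


if __name__ == "__main__":
    print(demo())
```

The third decision is `forwarded` and the fourth `diverted_to_proxy`: the comparator only sees the full signature once the session buffer holds both halves, so a deployment that must keep the first half from reaching the second node would need to hold or reassemble session data before forwarding rather than forwarding each packet as soon as it is identified.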