Device for providing security barrier for network

US 9,769,118 B2
Filed: 10/05/2015
Issued: 09/19/2017
Est. Priority Date: 10/05/2015
Status: Active Grant

First Claim

Patent Images

1. An apparatus for providing a security barrier between a communication network and an internet connection, the apparatus comprising:

a transceiver device; and

one or more processors comprising a digital circuit configured to perform at least a portion of a computing procedure to;

detect one or more indications of identity of one or more devices of the communication network;

obtain a first set of signal packets, received at the transceiver device, from at least one of the one or more devices of the communication network;

inspect the first set of signal packets based, at least in part, on a set of security policies comprising blocking, filtering or modifying, or a combination thereof, the first set of signal packets comprising potentially malicious content, the first set of signal packets originating from a potentially malicious source, the first set of signal packets exhibiting suspicious behavior, the first set of signal packets transmitted, received under suspicious circumstances, or a combination thereof;

responsive to the inspection of the first set of signal packets block, filter or modify, or a combination thereof, at least one of the first set of signal packets based, at least in part, on the set of security policies to form a modified first set of signal packets;

responsive to formation of the modified first set of signal packets, initiate transmission of the modified first set of signal packets via the transceiver device, the transmission of the modified first set of signal packets comprising emulating the at least one of the one or more devices based, at least in part, on the one or more indications of identity;

inspect a second set of signal packets received from the internet connection via the transceiver device and intended for the at least one of the one or more devices, the inspection of the second set of signal packets based, at least in part, on the set of security policies; and

responsive to the inspection of the second set of signal packets, block, filter or modify, or a combination thereof, at least one of the second set of signal packets based, at least in part, on the set of security policies to form a modified second set of signal packets for transmission to the at least one of the one or more devices, wherein inspection of the first and second sets of signal packets is performed by a unified threat management (UTM) component of the apparatus, and wherein the UTM component is pre-configured with the set of security policies.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus, a system, and a method for providing a security barrier between local network and an internet connection.

14 Citations

View as Search Results

16 Claims

1. An apparatus for providing a security barrier between a communication network and an internet connection, the apparatus comprising:
- a transceiver device; and
  
  one or more processors comprising a digital circuit configured to perform at least a portion of a computing procedure to;
  
  detect one or more indications of identity of one or more devices of the communication network;
  
  obtain a first set of signal packets, received at the transceiver device, from at least one of the one or more devices of the communication network;
  
  inspect the first set of signal packets based, at least in part, on a set of security policies comprising blocking, filtering or modifying, or a combination thereof, the first set of signal packets comprising potentially malicious content, the first set of signal packets originating from a potentially malicious source, the first set of signal packets exhibiting suspicious behavior, the first set of signal packets transmitted, received under suspicious circumstances, or a combination thereof;
  
  responsive to the inspection of the first set of signal packets block, filter or modify, or a combination thereof, at least one of the first set of signal packets based, at least in part, on the set of security policies to form a modified first set of signal packets;
  
  responsive to formation of the modified first set of signal packets, initiate transmission of the modified first set of signal packets via the transceiver device, the transmission of the modified first set of signal packets comprising emulating the at least one of the one or more devices based, at least in part, on the one or more indications of identity;
  
  inspect a second set of signal packets received from the internet connection via the transceiver device and intended for the at least one of the one or more devices, the inspection of the second set of signal packets based, at least in part, on the set of security policies; and
  
  responsive to the inspection of the second set of signal packets, block, filter or modify, or a combination thereof, at least one of the second set of signal packets based, at least in part, on the set of security policies to form a modified second set of signal packets for transmission to the at least one of the one or more devices, wherein inspection of the first and second sets of signal packets is performed by a unified threat management (UTM) component of the apparatus, and wherein the UTM component is pre-configured with the set of security policies.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The apparatus of claim 1, wherein the one or more indications of identity comprise a media access control (MAC) address, and wherein emulating the at least one of the one or more devices of the communication network is based, at least in part, on the MAC address.
  - 3. The apparatus of claim 1, wherein the one or more processors are further configured to identify a potentially malicious content or a potentially malicious sender, or a combination thereof, responsive to inspection of the second set of signal packets.
  - 4. The apparatus of claim 1, wherein the one or more processors are further configured to identify an unauthorized recipient responsive to inspection of the first set of signal packets.
  - 5. The apparatus of claim 1, wherein the set of security policies is maintained by a cloud-based service.

6. A system for providing a security barrier between a communication network and an internet connection, the system comprising:
- means, comprising a transceiver device, for receiving a first set of signal packets from at least one of the one or more devices of the communication network;
  
  means, comprising one or more processors including a digital circuit configured to perform at least a portion of a computing procedure, for;
  
  detecting one or more indications of identity of one or more devices of the communication network;
  
  inspecting the first set of signal packets based, at least in part, on a set of security policies comprising blocking, filtering or modifying, or a combination thereof, the first set of signal packets comprising potentially malicious content, the first set of signal packets originating from a potentially malicious source, the first set of signal packets exhibiting suspicious behavior or the first set of signal packets transmitted, received under suspicious circumstances, or a combination thereof;
  
  in response to the inspection of the first set of signal packets blocking, based at least in part, on the set of security policies the first set of signal packets, filtering or modifying, or a combination thereof, at least one of the first set of signal packets based, at least in part, on the set of security policies, to form a modified first set of signal packets;
  
  transmitting the modified first set of signal packets in response to formation of the modified first set of signal packets, the transmission of the modified first set of signal packets comprising emulating the at least one of the one or more devices based, at least in part, on the one or more indications of identity;
  
  inspecting a second set of signal packets received from the internet connection and intended for the at least one of the one or more devices based, at least in part, on a set of security policies; and
  
  in response to the inspection of the second of signal packets sent via the internet connection and based, at least in part, on the set of security policies blocking the second set of signal packets, based at least in part, on the set of security policies the second set of signal packets, filtering or modifying, or a combination thereof, one or more of the second set of signal packets to form a modified second set of signal packets for transmission to the at least one of the one or more devices, wherein inspection of the first and second sets of signal packets is performed by a unified threat management (UTM) component of the apparatus, and wherein the UTM component is pre-configured with the set of security policies.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The system of claim 6, wherein the one or more indications of identity comprise a media access control (MAC) address and wherein emulating the at least one of the one or more devices of the communication network uses, at least in part, the MAC address.
  - 8. The system of claim 6, wherein the one or more processors are further configured for identifying a potentially malicious content or a potentially malicious sender, or a combination thereof responsive to inspection of the second set of signal packets.
  - 9. The system of claim 6, wherein the one or more processors are further configured for identifying an unauthorized recipient responsive to inspection of the first set of signal packets received from the at least one of the one or more devices.
  - 10. The system of claim 6, wherein the set of security policies is maintained by a remote cloud-based means.

11. A method for providing a security barrier between a communication network and an internet connection, the method comprising:
- detecting, at one or more processors of a security device, one or more indications of identity of one or more devices of the communication network;
  
  receiving, via a transceiver of the security device, a first set of signal packets from at least one of the one or more devices of the communication network;
  
  inspecting, at the one or more processors, the first set of signal packets based, at least in part, on a set of security policies comprising blocking, filtering or modifying, or a combination thereof, the first set of signal packets comprising potentially malicious content, the first set of signal packets originating from a potentially malicious source, the first set of signal packets exhibiting suspicious behavior or the first set of signal packets transmitted or received under suspicious circumstances, or a combination thereof;
  
  responsive to the inspection of the first set of signal packets, blocking, filtering or modifying, or a combination thereof, at least one of the first set of signal packets based, at least in part, on the set of security policies to form a modified first set of signal packets;
  
  responsive to formation of the modified first set of signal packets, initiate transmission of the modified first set of signal packets via the transceiver, the transmission of the modified first set of signal packets comprising emulating the at least one of the one or more devices based, at least in part, on the one or more indications of identity;
  
  inspecting, at the one or more processors, a second set of signal packets received from the internet connection and intended for the at least one of the one or more devices, the inspection of the second set of signal packets being based, at least in part, on the set of security policies; and
  
  responsive to the inspection of the second set of signal packets, blocking filtering or modifying, or a combination thereof, at least one of the second set of signal packets based, at least in part, on the set of security policies to form a modified second set of signal packets for transmission to the at least one of the one or more devices, wherein inspection of the first and second sets of signal packets is performed by a unified threat management (UTM) component of the apparatus, and wherein the UTM component is pre-configured with the set of security policies.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The method of claim 11, wherein the one or more indications of identity comprise a media access control (MAC) address and emulating the at least one of the one or more devices of the communication network is based, at least in part, on the MAC address.
  - 13. The method of claim 11, further comprising identifying potentially malicious content or a potentially malicious sender, or a combination thereof responsive to inspection of the second set of signal packets.
  - 14. The method of claim 11, further comprising identifying an unauthorized recipient responsive to inspection of the first set of signal packets.
  - 15. The method of claim 11, wherein the set of security policies is maintained by a cloud-based service.
  - 16. The method of claim 11, wherein filtering, modifying, blocking, or a combination thereof, of at least one signal packet of the first or second sets of signal packets is performed based, at least in part, on a risk score.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Zyxel Communications Incorporated (Unizyx Holding Corporation)
Original Assignee
Zyxel Communications Incorporated (Unizyx Holding Corporation)
Inventors
Joe, Steven H., Rogers, Shawn, Nguyen, Tri
Primary Examiner(s)
Shayanfar, Ali

Application Number

US14/875,572
Publication Number

US 20170099258A1
Time in Patent Office

715 Days
Field of Search
US Class Current
CPC Class Codes

H04L 43/028   by filtering

H04L 63/0209   Architectural arrangements,...

H04L 63/0236   Filtering by address, proto...

H04L 63/0245   Filtering by information in...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/20   for managing network securi...

Device for providing security barrier for network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

14 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Device for providing security barrier for network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links