Network Protection Service
First Claim
1. A network protection method, the method comprising:
- receiving a Domain Name System (DNS) request in a system including a DNS resolver;
logging the DNS request;
classifying the DNS request based on an analysis of a DNS name associated with the DNS request;
taking a security action based on the classification; and
analyzing network traffic and content.
3 Assignments
0 Petitions
Accused Products
Abstract
A network protection method is provided. The network protection method may include receiving a Domain Name System (DNS) request, logging the DNS request, classifying the DNS request based on an analysis of a DNS name associated with the DNS request, taking a security action based on the classification, analyzing network traffic after taking the security action, and providing substantially real-time feedback associated with the network traffic to improve future DNS request classifications. The method may further include receiving a DNS response and logging the DNS response. The analysis of the DNS name may include receiving DNS data related to the DNS name from a plurality of sources, receiving reputation data related to the plurality of sources, scoring each of the plurality of sources based on the reputation data, and aggregating the DNS data related to the DNS name based on the scoring.
133 Citations
21 Claims
-
1. A network protection method, the method comprising:
-
receiving a Domain Name System (DNS) request in a system including a DNS resolver; logging the DNS request; classifying the DNS request based on an analysis of a DNS name associated with the DNS request; taking a security action based on the classification; and analyzing network traffic and content. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 20, 21)
-
-
19. The method of clam 17, wherein we blocking the DNS request is based on results of a security action that monitors the entire traffic.
Specification