SYSTEM AND METHOD FOR INTERLOCKING A HOST AND A GATEWAY
Abstract
A method is provided in one example embodiment and includes exchanging a session descriptor associated with a network connection and an application on a host, correlating the session descriptor with a network policy, and applying the network policy to the network connection. In alternative embodiments, the session descriptor may be exchanged through an out-of-band communication channel or an in-band communication channel.
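The flow in the abstract, sketched as an added example (not code from the patent): the descriptor fields, the flow-tuple keying, the out-of-band registration call and the hash-keyed policy table are all assumptions, and the UUID, paths and hashes are constructed values.

```python
# Added illustration; names, fields and policy layout are hypothetical.
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

Flow = Tuple[str, int, str, int, str]  # src_ip, src_port, dst_ip, dst_port, proto

@dataclass(frozen=True)
class SessionDescriptor:
    host_uuid: str   # UUID carried in the descriptor, identifies the host
    app_path: str    # application file behind the connecting process
    app_sha256: str  # hash of that file (assumed field)
    flow: Flow       # connection the process is attempting (assumed field)

class Gateway:
    def __init__(self, known_hosts: Dict[str, str], app_policy: Dict[str, str]):
        self.known_hosts = known_hosts  # host UUID -> host name
        self.app_policy = app_policy    # app hash -> "allow" or "deny"
        self.sessions: Dict[Flow, SessionDescriptor] = {}

    def receive_descriptor(self, d: SessionDescriptor) -> bool:
        """Out-of-band channel: accept descriptors only from enrolled hosts."""
        if d.host_uuid not in self.known_hosts:
            return False
        self.sessions[d.flow] = d
        return True

    def handle_traffic(self, flow: Flow) -> Tuple[str, Optional[str]]:
        """Correlate a flow with its host via the descriptor UUID, apply policy."""
        d = self.sessions.get(flow)
        if d is None:
            return ("deny", None)  # no descriptor for this flow: fail closed
        action = self.app_policy.get(d.app_sha256, "deny")  # unlisted app: deny
        return (action, self.known_hosts[d.host_uuid])

def demo():
    host = "6f1e2a9c-0b7d-4c3e-9a51-2d8f4e7b1c00"  # constructed UUID
    gw = Gateway({host: "laptop-17"}, {"aa" * 32: "allow"})
    f1 = ("10.0.0.5", 50001, "203.0.113.9", 443, "tcp")
    f2 = ("10.0.0.5", 50002, "203.0.113.9", 443, "tcp")
    f3 = ("10.0.0.5", 50003, "203.0.113.9", 443, "tcp")  # never described
    gw.receive_descriptor(SessionDescriptor(host, "/usr/bin/browser", "aa" * 32, f1))
    gw.receive_descriptor(SessionDescriptor(host, "/tmp/unknown.bin", "bb" * 32, f2))
    return [gw.handle_traffic(f) for f in (f1, f2, f3)]

if __name__ == "__main__":
    print(demo())
```

Traffic with no matching descriptor and descriptors naming an unlisted application file are both denied in this sketch, so a host that stops reporting does not gain broader access.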
20 Claims
1. At least one non-transitory computer readable medium having logic encoded therein, wherein the logic, when executed by one or more processors, is operable to perform operations comprising:
- receiving, at a network gateway, a session descriptor from a host, wherein the session descriptor identifies an application file associated with a process on the host attempting to establish a network connection via the network gateway;
- determining a network policy to be applied to network traffic associated with the host based on information contained in the session descriptor;
- correlating network traffic received by the network gateway with the host based on a universally unique identifier (UUID) contained in the session descriptor; and
- applying the network policy to the network traffic.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A network gateway, comprising:
- a firewall module; and
- one or more hardware processors operable to execute instructions associated with the firewall module, the one or more processors being operable to:
  - receive a session descriptor from a host, wherein the session descriptor identifies an application file associated with a process on the host attempting to establish a network connection via the network gateway;
  - determine a network policy to be applied to network traffic associated with the host based on information contained in the session descriptor;
  - correlate network traffic received by the network gateway with the host based on a universally unique identifier (UUID) contained in the session descriptor; and
  - apply the network policy to the network traffic.

Dependent claims: 15, 16, 17
18. A method, comprising:
- receiving, at a network gateway, a session descriptor from a host, wherein the session descriptor identifies an application file associated with a process on the host attempting to establish a network connection via the network gateway;
- determining a network policy to be applied to network traffic associated with the host based on information contained in the session descriptor;
- correlating network traffic received by the network gateway with the host based on a universally unique identifier (UUID) contained in the session descriptor; and
- applying the network policy to the network traffic.

Dependent claims: 19, 20