-
Publication No.: US08826372B1
Publication date: 2014-09-02
Application No.: US14061722
Filing date: 2013-10-23
Applicant: Lee Chen, John Chiong, Dennis I. Oshiba
Inventor: Lee Chen, John Chiong, Dennis I. Oshiba
CPC classification: H04L63/20, G06F21/00, H04L45/308, H04L51/04, H04L61/20, H04L61/2596, H04L61/3065, H04L63/02, H04L63/0227, H04L63/0236, H04L63/029, H04L63/0407, H04L63/08, H04L63/0892, H04L65/1026, H04L67/02, H04L67/06, H04L67/10, H04L67/14, H04L67/22, H04L67/306, H04L67/42, H04L69/22, H04M1/72547, H04W12/00
Abstract: A security gateway includes packet routing policies, each including a host network address, an application network address, and a forwarding interface. In routing data packets of an application session, the security gateway: recognizes the application session between a network and an application; determines a user identity from an application session record for the application session; determines packet routing policies applicable to the application session based on the user identity; receives a data packet for the application session, including a source network address and a destination network address; compares the source network address with the host network address, and the destination network address with the application network address; and in response to finding a match between the source network address and the host network address, and between the destination network address and the application network address, processes the data packet using the forwarding interface of the packet routing policy.
-
Publication No.: US08813180B1
Publication date: 2014-08-19
Application No.: US14061720
Filing date: 2013-10-23
Applicant: Lee Chen, John Chiong, Dennis I. Oshiba
Inventor: Lee Chen, John Chiong, Dennis I. Oshiba
CPC classification: H04L63/0263, G06F21/00, G06F21/44, H04L12/66, H04L51/04, H04L63/02, H04L63/0227, H04L63/0236, H04L63/0245, H04L63/0254, H04L63/029, H04L63/0407, H04L63/08, H04L63/10, H04L63/102, H04L63/105, H04L63/164, H04L63/168, H04L63/20, H04L63/30, H04L65/1026, H04L67/10, H04L67/1004, H04L67/104, H04L67/141, H04L67/22, H04L67/306, H04L67/42, H04L69/28, H04L69/329, H04M1/72547, H04W12/00
Abstract: Applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.
-
Publication No.: US20080229418A1
Publication date: 2008-09-18
Application No.: US11686119
Filing date: 2007-03-14
Applicant: Lee Chen, John Chiong, Dennis I. Oshiba
Inventor: Lee Chen, John Chiong, Dennis I. Oshiba
IPC classification: G06F12/14
CPC classification: H04L63/1416, G06F21/552, G06F2221/2151
Abstract: Systems and methods adapted to customize a security log analyzer to recognize a security log, the system including at least one network security device for processing data traffic on a data network, the network security device associated with at least one computing device, and adapted to generate a security log, the system further including rule builder software adapted to generate a rule for recognizing at least one item in a security log and a log analyzer adapted to apply the rule in analyzing a security log.