-
公开(公告)号:US20210136037A1
公开(公告)日:2021-05-06
申请号:US16668861
申请日:2019-10-30
Applicant: Avast Software s.r.o.
Inventor: Gandhi Balasubramaniam
Abstract: A network is secured by managing domain name requests such that client devices are restricted from visiting malicious or undesirable domains. An endpoint Domain Name Server (DNS) agent is installed on client devices on a local network, and the endpoint DNS agents intercept DNS requests from the client devices and process the received DNS request in the endpoint DNS agent based on a security policy set for the client device via the endpoint DNS agent. In a further example processing the received DNS request comprises identifying the client device, end user, and the DNS request to a cloud-based DNS server, and processing a response received from the cloud-based DNS server received in response to the DNS request. The endpoint DNS agent is further operable to distinguish between DNS requests for local domains and remote domains, and to redirect DNS requests for local domains to a local network DNS server.
-
公开(公告)号:US20210136106A1
公开(公告)日:2021-05-06
申请号:US16730868
申请日:2019-12-30
Applicant: Avast Software s.r.o.
Inventor: Gandhi Balasubramaniam
Abstract: A network is secured by managing domain name requests such that client devices are restricted from visiting malicious or undesirable domains. An endpoint Domain Name Server (DNS) agent is installed on client devices on a local network, and the endpoint DNS agents intercept DNS requests from the client devices and process the received DNS request in the endpoint DNS agent based on a security policy set for the client device via the endpoint DNS agent. In a further example, the endpoint DNS agent receives an HTTP message from a client browser including a Server Name Identifier tag, and generates a signed certificate spoofing the domain identified in the Server Name Identifier tag to insert itself as a man-in-the-middle between the identified domain and the client browser.
-
公开(公告)号:US11736516B2
公开(公告)日:2023-08-22
申请号:US16730868
申请日:2019-12-30
Applicant: Avast Software s.r.o.
Inventor: Gandhi Balasubramaniam
IPC: H04L9/40 , H04L9/32 , H04L67/02 , H04L61/4511 , H04L67/10 , H04L69/16 , H04L101/30 , H04L61/2514
CPC classification number: H04L63/1466 , H04L9/3263 , H04L61/4511 , H04L63/0236 , H04L67/02 , H04L9/3268 , H04L61/2514 , H04L67/10 , H04L69/16 , H04L2101/30
Abstract: A network is secured by managing domain name requests such that client devices are restricted from visiting malicious or undesirable domains. An endpoint Domain Name Server (DNS) agent is installed on client devices on a local network, and the endpoint DNS agents intercept DNS requests from the client devices and process the received DNS request in the endpoint DNS agent based on a security policy set for the client device via the endpoint DNS agent. In a further example, the endpoint DNS agent receives an HTTP message from a client browser including a Server Name Identifier tag, and generates a signed certificate spoofing the domain identified in the Server Name Identifier tag to insert itself as a man-in-the-middle between the identified domain and the client browser.
-
公开(公告)号:US11652792B2
公开(公告)日:2023-05-16
申请号:US16668861
申请日:2019-10-30
Applicant: Avast Software s.r.o.
Inventor: Gandhi Balasubramaniam
IPC: H04L9/40 , H04L61/4511 , H04L67/02 , H04L67/1036 , H04L61/59
CPC classification number: H04L63/0236 , H04L61/4511 , H04L63/0263 , H04L63/1483 , H04L63/20 , H04L67/02 , H04L67/1036 , H04L61/59 , H04L63/08
Abstract: A network is secured by managing domain name requests such that client devices are restricted from visiting malicious or undesirable domains. An endpoint Domain Name Server (DNS) agent is installed on client devices on a local network, and the endpoint DNS agents intercept DNS requests from the client devices and process the received DNS request in the endpoint DNS agent based on a security policy set for the client device via the endpoint DNS agent. In a further example processing the received DNS request comprises identifying the client device, end user, and the DNS request to a cloud-based DNS server, and processing a response received from the cloud-based DNS server received in response to the DNS request. The endpoint DNS agent is further operable to distinguish between DNS requests for local domains and remote domains, and to redirect DNS requests for local domains to a local network DNS server.
-
-
-
Search Results
4
records
(took 0.014 seconds)
