Proactive transport layer security identity verification

    Publication number: US10834131B2

    Publication date: 2020-11-10

    Application number: US15824214

    Filing date: 2017-11-28

    Applicant: Forcepoint LLC

    IPC classification: H04L29/06

    Abstract: A method, system, and computer-usable medium are disclosed for (a) responsive to communication of a client handshake from a client to a server for establishing encrypted communications between the client and the server: (i) holding open, by an intermediate verification system interfaced between the server and the client, the client handshake; and (ii) opening a connection between the intermediate verification system and the server via which the intermediate verification system issues a server verification handshake to the server; (b) responsive to issuance of the server verification handshake to the server, receiving a server certificate associated with the server by the intermediate verification system; (c) responsive to receipt of the server certificate, processing, by the intermediate verification system, the server certificate to determine an identity of the server; and (d) rendering, by the intermediate verification system, a security policy decision regarding traffic between the server and client based on the identity.

    Inspection of network traffic in a security device at object level

    Publication number: US20200128032A1

    Publication date: 2020-04-23

    Application number: US16162993

    Filing date: 2018-10-17

    Applicant: Forcepoint LLC

    Abstract: A method, system, and computer-usable medium are disclosed for, responsive to establishment of a connection between a first endpoint device and a second endpoint device: maintaining, by a security device interfaced between the first endpoint device and the second endpoint device for inspecting traffic transmitted over the connection, a first communication state to be identical to a communication state of the first endpoint device; and maintaining, by the security device, a second communication state to be identical to a communication state of the second endpoint device; and responsive to transmission of traffic from the first endpoint and intended for the second endpoint: inspecting individual objects of the traffic; modifying stream identifiers of the individual objects prior to retransmission of the traffic to the second endpoint to maintain ordering of stream identifiers as seen by the second endpoint; and maintaining a mapping of the modified stream identifiers such that the mapping is used by the security device such that responses transmitted by the second endpoint in response to the objects transmitted by the first endpoint device are modified to their original stream identifiers of the objects transmitted by the first endpoint device.

    Encrypted server name indication inspection

    Publication number: US11070533B2

    Publication date: 2021-07-20

    Application number: US16598657

    Filing date: 2019-10-10

    Applicant: Forcepoint LLC

    IPC classification: H04L29/06

    Abstract: A method, system, and computer-usable medium are disclosed for: (i) determining if a server response from a server received at a security device and intended for a client includes original encryption key information for encrypting identifying information associated with the server; (ii) if the server response includes original encryption key information for encrypting identifying information associated with the server, determining if a network policy provides for decryption of identifying information associated with the server; and (iii) if the network policy provides for decryption of identifying information associated with the server, replacing the original encryption key information with modified encryption key information associated with the security device and communicating the server response to the client with the modified encryption key information associated with the security device.

    Inspection of network traffic in a security device at object level

    Publication number: US10791135B2

    Publication date: 2020-09-29

    Application number: US16162993

    Filing date: 2018-10-17

    Applicant: Forcepoint LLC

    Abstract: A method, system, and computer-usable medium are disclosed for, responsive to establishment of a connection between a first endpoint device and a second endpoint device: maintaining, by a security device interfaced between the first endpoint device and the second endpoint device for inspecting traffic transmitted over the connection, a first communication state to be identical to a communication state of the first endpoint device; and maintaining, by the security device, a second communication state to be identical to a communication state of the second endpoint device; and responsive to transmission of traffic from the first endpoint and intended for the second endpoint: inspecting individual objects of the traffic; modifying stream identifiers of the individual objects prior to retransmission of the traffic to the second endpoint to maintain ordering of stream identifiers as seen by the second endpoint; and maintaining a mapping of the modified stream identifiers such that the mapping is used by the security device such that responses transmitted by the second endpoint in response to the objects transmitted by the first endpoint device are modified to their original stream identifiers of the objects transmitted by the first endpoint device.

    Delayed proxy-less network address translation decision based on application payload

    Publication number: US11483394B2

    Publication date: 2022-10-25

    Application number: US15892079

    Filing date: 2018-02-08

    Applicant: Forcepoint LLC

    IPC classification: H04L67/141 H04L67/01

    Abstract: A method, system, and computer-usable medium are disclosed for, responsive to communication of a client handshake to a server for establishing communications between the client and server, managing handshake messages between the client and server until an application layer message is communicated from the client, such that a connection between the client and the server appears to be established, and responsive to communication of the application layer message from the client, rendering a policy decision with respect to a connection between the client and the server based on a payload of the application layer message, the policy decision defining a selected path between the client and the server and including a chosen target device from a plurality of potential target devices, wherein the chosen target device is within the selected path, and establishing the selected path for communication between the client and the server in accordance with the policy decision.

    Inspection offload clustering
    Patent grant

    Publication number: US11212259B2

    Publication date: 2021-12-28

    Application number: US15892581

    Filing date: 2018-02-09

    Applicant: Forcepoint LLC

    IPC classification: H04L29/06

    Abstract: A method, system, and computer-usable medium are disclosed for performing packet processing of network traffic on a master security device of a plurality of security devices, such packet processing including connection tracking for the network traffic, and offloading packet inspection of the network traffic to one or more slave security devices of the plurality of security devices.

    Endpoint risk-based network protection

    Publication number: US11374977B2

    Publication date: 2022-06-28

    Application number: US16136659

    Filing date: 2018-09-20

    Applicant: Forcepoint LLC

    IPC classification: H04L9/40 H04L67/5682

    Abstract: A method, system, and computer-usable medium are disclosed for managing network communication by, responsive to an attempted connection from a client to a server, receiving information regarding the connection from the client, determining if the information regarding the connection matches an entry of a reputation cache, and responsive to determining that the information regarding the connection matches an entry of the reputation cache, undertaking a remedial action in accordance with a security policy.

    Inspection context caching for deep packet inspection

    Publication number: US10819683B2

    Publication date: 2020-10-27

    Application number: US15817992

    Filing date: 2017-11-20

    Applicant: Forcepoint LLC

    Abstract: A method, system, and computer-usable medium are disclosed for performing deep packet inspection of network traffic, comprising: receiving a unit of one or more network packets, calculating a calculated fingerprint for data within the unit, determining a current inspection context, determining whether the calculated fingerprint and the current inspection context match an entry stored in a cache, wherein the entry includes a stored fingerprint and a cached inspection context, and performing operations associated with deep packet inspection of the unit based on whether the calculated fingerprint and the current inspection context match the entry.

    Proxy-less wide area network acceleration

    Publication number: US10805420B2

    Publication date: 2020-10-13

    Application number: US15825481

    Filing date: 2017-11-29

    Applicant: Forcepoint LLC

    Abstract: A method, system, and computer-usable medium are disclosed for network acceleration, comprising: responsive to receiving at an acceleration device a stream of one or more datagrams from a sending endpoint device within a first local area network of the acceleration device, the stream for transmission to a receiving endpoint device within a second local area network coupled to the first local area network by a wide area network: communicating by the acceleration device to the sending endpoint device a respective acknowledgement to each of the one or more datagrams; and transmitting by the acceleration device the one or more datagrams via multiple communication links of the wide area network to a second acceleration device within the second local area network and coupled to the receiving endpoint device.