公开(公告)号：US20220116363A1

公开(公告)日：2022-04-14

申请号：US17423817

申请日：2020-05-07

申请人： New H3C Security Technologies Co., Ltd.

发明人： Xuepeng Zhu

IPC分类号： G06F21/45 ,  H04L67/564

摘要： A Data Leakage Prevention (DLP) device and a method for processing a packet are disclosed. The DLP device receives an IP packet sent by a user device, wherein the IP packet includes TCP port information; and detects whether a first TCP connection is established between the DLP device and the user device. If the first TCP connection is not established, when the IP packet is a data packet, an application layer protocol for transmitting the IP packet is determined by comparing a packet feature of the IP packet with packet features corresponding to respective application layer protocols. When the application layer protocol for transmitting the IP packet is listened to, a pair of TCP connections is established according to the TCP port information, wherein the pair of TCP connections includes the first TCP connection and a second TCP connection between the DLP device and a server.

公开(公告)号：US11973741B2

公开(公告)日：2024-04-30

申请号：US17423817

申请日：2020-05-07

申请人： New H3C Security Technologies Co., Ltd.

发明人： Xuepeng Zhu

IPC分类号： H04L29/06 ,  H04L9/40 ,  H04L67/564

CPC分类号： H04L63/0281 ,  H04L63/166 ,  H04L63/20 ,  H04L67/564 ,  H04L2212/00

摘要： A Data Leakage Prevention (DLP) device and a method for processing a packet are disclosed. The DLP device receives an IP packet sent by a user device, wherein the IP packet includes TCP port information; and detects whether a first TCP connection is established between the DLP device and the user device. If the first TCP connection is not established, when the IP packet is a data packet, an application layer protocol for transmitting the IP packet is determined by comparing a packet feature of the IP packet with packet features corresponding to respective application layer protocols. When the application layer protocol for transmitting the IP packet is listened to, a pair of TCP connections is established according to the TCP port information, wherein the pair of TCP connections includes the first TCP connection and a second TCP connection between the DLP device and a server.