公开(公告)号：US20140245424A1

公开(公告)日：2014-08-28

申请号：US14276416

申请日：2014-05-13

申请人： Nicholas Liebmann ,  Raoul Tiddy ,  Michael Bishop

发明人： Nicholas Liebmann ,  Raoul Tiddy ,  Michael Bishop

IPC分类号： H04L29/06

CPC分类号： H04L63/0263 ,  H04L12/66 ,  H04L51/12 ,  H04L63/02 ,  H04L63/0236 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/1458 ,  H04L63/1483

摘要： Disclosed are systems and methods to perform coordinated blocking of source addresses, such as an Internet Protocol (IP) addresses, across a plurality of network appliances (e.g., gateways). In one disclosed embodiment the method and system temporarily alter a configuration of one or more network appliances (based on user defined configuration parameters) to allow communication from a “blocked” IP address for a period of time. A network appliance can then “receive” an email and perform analysis and provide results of the analysis to a reputation service. Thereby, the temporarily allowed communication can be used to learn information about a threat which would not have been available if all communication from that IP address had actually been blocked at the network appliance.

摘要翻译： 公开了跨多个网络设备（例如，网关）执行源地址（例如因特网协议（IP）地址）的协调阻塞的系统和方法。 在一个公开的实施例中，该方法和系统暂时改变一个或多个网络设备的配置（基于用户定义的配置参数），以允许在一段时间内从“被阻止”的IP地址进行通信。 然后，网络设备可以“接收”电子邮件并执行分析，并向声誉服务提供分析结果。 因此，临时允许的通信可以用于学习关于如果来自该IP地址的所有通信实际上被阻止在网络设备处的那些不可用的威胁的信息。

公开(公告)号：US08726385B2

公开(公告)日：2014-05-13

申请号：US13253266

申请日：2011-10-05

申请人： Nicholas Liebmann ,  Raoul Tiddy ,  Mike Bishop

发明人： Nicholas Liebmann ,  Raoul Tiddy ,  Mike Bishop

IPC分类号： G06F11/00

CPC分类号： H04L63/0263 ,  H04L12/66 ,  H04L51/12 ,  H04L63/02 ,  H04L63/0236 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/1458 ,  H04L63/1483

摘要： Disclosed are systems and methods to perform coordinated blocking of source addresses, such as an Internet Protocol (IP) addresses, across a plurality of network appliances (e.g., gateways). In one disclosed embodiment the method and system temporarily alter a configuration of one or more network appliances (based on user defined configuration parameters) to allow communication from a “blocked” IP address for a period of time. A network appliance can then “receive” an email and perform analysis and provide results of the analysis to a reputation service. Thereby, the temporarily allowed communication can be used to learn information about a threat which would not have been available if all communication from that IP address had actually been blocked at the network appliance.

摘要翻译： 公开了跨多个网络设备（例如，网关）执行源地址（例如因特网协议（IP）地址）的协调阻塞的系统和方法。 在一个公开的实施例中，该方法和系统暂时改变一个或多个网络设备的配置（基于用户定义的配置参数），以允许在一段时间内从“被阻止”的IP地址进行通信。 然后，网络设备可以“接收”电子邮件并执行分析，并向声誉服务提供分析结果。 因此，临时允许的通信可以用于学习关于如果来自该IP地址的所有通信实际上被阻止在网络设备处的那些不可用的威胁的信息。

公开(公告)号：US20130091584A1

公开(公告)日：2013-04-11

申请号：US13253266

申请日：2011-10-05

申请人： Nicholas Liebmann ,  Raoul Tiddy ,  Mike Bishop

发明人： Nicholas Liebmann ,  Raoul Tiddy ,  Mike Bishop

IPC分类号： G06F21/00

CPC分类号： H04L63/0263 ,  H04L12/66 ,  H04L51/12 ,  H04L63/02 ,  H04L63/0236 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/1458 ,  H04L63/1483

摘要： Disclosed are systems and methods to perform coordinated blocking of source addresses, such as an Internet Protocol (IP) addresses, across a plurality of network appliances (e.g., gateways). In one disclosed embodiment the method and system temporarily alter a configuration of one or more network appliances (based on user defined configuration parameters) to allow communication from a “blocked” IP address for a period of time. A network appliance can then “receive” an email and perform analysis and provide results of the analysis to a reputation service. Thereby, the temporarily allowed communication can be used to learn information about a threat which would not have been available if all communication from that IP address had actually been blocked at the network appliance.

摘要翻译： 公开了跨多个网络设备（例如，网关）执行源地址（例如因特网协议（IP）地址）的协调阻塞的系统和方法。 在一个公开的实施例中，该方法和系统暂时改变一个或多个网络设备（基于用户定义的配置参数）的配置，以允许来自被阻止的IP地址的通信一段时间。 然后，网络设备可以接收电子邮件并执行分析，并向声誉服务提供分析结果。 因此，临时允许的通信可以用于学习关于如果来自该IP地址的所有通信实际上被阻止在网络设备处的那些不可用的威胁的信息。