Outbound/inbound lateral traffic punting based on process risk
Techniques for outbound/inbound lateral traffic punting based upon process risk are disclosed. In some embodiments, a system/process/computer program product for outbound/inbound lateral traffic punting based upon process risk includes receiving, at a network device on an enterprise network, process...
Gespeichert in:
| Hauptverfasser: | , , , , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Lam, Ho Yu Ettema, Taylor Li, Qiuming Mathison, Paul Theodore Ashley, Robert Earle |
| description | Techniques for outbound/inbound lateral traffic punting based upon process risk are disclosed. In some embodiments, a system/process/computer program product for outbound/inbound lateral traffic punting based upon process risk includes receiving, at a network device on an enterprise network, process identification (ID) information from an endpoint (EP) agent executed on an EP device, in which the process ID information identifies a process that is associated with an outbound or inbound network session on the EP device on the enterprise network, and the EP agent selected the network session for punting to the network device for inspection; monitoring network communications associated with the network session at the network device to identify an application identification (APP ID) for the network session; and performing an action based on a security policy using the process ID information and the APP ID. |
| format | Patent |
| fullrecord | <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US12003485B2</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US12003485B2</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US12003485B23</originalsourceid><addsrcrecordid>eNrjZLDzLy1Jyi_NS9HPzAPTCjmJJalFiTkKJUWJaWmZyQoFpXklmXnpCkmJxakpCvl5CgVF-cmpxcUKRZnF2TwMrGmJOcWpvFCam0HRzTXE2UM3tSA_PrW4IDE5NS-1JD402NDIwMDYxMLUyciYGDUAhI0w8g</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Outbound/inbound lateral traffic punting based on process risk</title><source>esp@cenet</source><creator>Lam, Ho Yu ; Ettema, Taylor ; Li, Qiuming ; Mathison, Paul Theodore ; Ashley, Robert Earle</creator><creatorcontrib>Lam, Ho Yu ; Ettema, Taylor ; Li, Qiuming ; Mathison, Paul Theodore ; Ashley, Robert Earle</creatorcontrib><description>Techniques for outbound/inbound lateral traffic punting based upon process risk are disclosed. In some embodiments, a system/process/computer program product for outbound/inbound lateral traffic punting based upon process risk includes receiving, at a network device on an enterprise network, process identification (ID) information from an endpoint (EP) agent executed on an EP device, in which the process ID information identifies a process that is associated with an outbound or inbound network session on the EP device on the enterprise network, and the EP agent selected the network session for punting to the network device for inspection; monitoring network communications associated with the network session at the network device to identify an application identification (APP ID) for the network session; and performing an action based on a security policy using the process ID information and the APP ID.</description><language>eng</language><subject>ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRICITY ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2024</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20240604&DB=EPODOC&CC=US&NR=12003485B2$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25563,76318</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20240604&DB=EPODOC&CC=US&NR=12003485B2$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Lam, Ho Yu</creatorcontrib><creatorcontrib>Ettema, Taylor</creatorcontrib><creatorcontrib>Li, Qiuming</creatorcontrib><creatorcontrib>Mathison, Paul Theodore</creatorcontrib><creatorcontrib>Ashley, Robert Earle</creatorcontrib><title>Outbound/inbound lateral traffic punting based on process risk</title><description>Techniques for outbound/inbound lateral traffic punting based upon process risk are disclosed. In some embodiments, a system/process/computer program product for outbound/inbound lateral traffic punting based upon process risk includes receiving, at a network device on an enterprise network, process identification (ID) information from an endpoint (EP) agent executed on an EP device, in which the process ID information identifies a process that is associated with an outbound or inbound network session on the EP device on the enterprise network, and the EP agent selected the network session for punting to the network device for inspection; monitoring network communications associated with the network session at the network device to identify an application identification (APP ID) for the network session; and performing an action based on a security policy using the process ID information and the APP ID.</description><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRICITY</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2024</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZLDzLy1Jyi_NS9HPzAPTCjmJJalFiTkKJUWJaWmZyQoFpXklmXnpCkmJxakpCvl5CgVF-cmpxcUKRZnF2TwMrGmJOcWpvFCam0HRzTXE2UM3tSA_PrW4IDE5NS-1JD402NDIwMDYxMLUyciYGDUAhI0w8g</recordid><startdate>20240604</startdate><enddate>20240604</enddate><creator>Lam, Ho Yu</creator><creator>Ettema, Taylor</creator><creator>Li, Qiuming</creator><creator>Mathison, Paul Theodore</creator><creator>Ashley, Robert Earle</creator><scope>EVB</scope></search><sort><creationdate>20240604</creationdate><title>Outbound/inbound lateral traffic punting based on process risk</title><author>Lam, Ho Yu ; Ettema, Taylor ; Li, Qiuming ; Mathison, Paul Theodore ; Ashley, Robert Earle</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US12003485B23</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2024</creationdate><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRICITY</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>Lam, Ho Yu</creatorcontrib><creatorcontrib>Ettema, Taylor</creatorcontrib><creatorcontrib>Li, Qiuming</creatorcontrib><creatorcontrib>Mathison, Paul Theodore</creatorcontrib><creatorcontrib>Ashley, Robert Earle</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Lam, Ho Yu</au><au>Ettema, Taylor</au><au>Li, Qiuming</au><au>Mathison, Paul Theodore</au><au>Ashley, Robert Earle</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Outbound/inbound lateral traffic punting based on process risk</title><date>2024-06-04</date><risdate>2024</risdate><abstract>Techniques for outbound/inbound lateral traffic punting based upon process risk are disclosed. In some embodiments, a system/process/computer program product for outbound/inbound lateral traffic punting based upon process risk includes receiving, at a network device on an enterprise network, process identification (ID) information from an endpoint (EP) agent executed on an EP device, in which the process ID information identifies a process that is associated with an outbound or inbound network session on the EP device on the enterprise network, and the EP agent selected the network session for punting to the network device for inspection; monitoring network communications associated with the network session at the network device to identify an application identification (APP ID) for the network session; and performing an action based on a security policy using the process ID information and the APP ID.</abstract><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_epo_espacenet_US12003485B2 |
| source | esp@cenet |
| subjects | ELECTRIC COMMUNICATION TECHNIQUE ELECTRICITY TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION |
| title | Outbound/inbound lateral traffic punting based on process risk |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-10T21%3A01%3A34IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Lam,%20Ho%20Yu&rft.date=2024-06-04&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS12003485B2%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |