The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).

Date of Patent: Jun. 30, 2020

Filed: Jan. 22, 2018

Applicant: Hysolate Ltd., Tel Aviv-Jaffa, IL

Inventors: Boris Figovsky, Hadera, IL; Tal Zamir, Tel Aviv, IL

Assignee: Hysolate Ltd., Tel Aviv-Jaffa, IL

Attorney:
Primary Examiner:
Assistant Examiner:
Int. Cl.
CPC ...
G06F 21/53 (2013.01); H04L 29/06 (2006.01); G06F 9/455 (2018.01); G06F 21/60 (2013.01); H04W 12/08 (2009.01); H04L 29/12 (2006.01);
U.S. Cl.
CPC ...
G06F 21/53 (2013.01); G06F 9/45537 (2013.01); G06F 9/45545 (2013.01); G06F 9/45558 (2013.01); G06F 21/606 (2013.01); H04L 61/2015 (2013.01); H04L 63/02 (2013.01); H04L 63/0209 (2013.01); H04L 63/0272 (2013.01); H04L 63/0815 (2013.01); H04L 63/10 (2013.01); H04L 63/1416 (2013.01); H04L 63/1491 (2013.01); H04L 63/20 (2013.01); H04W 12/0806 (2019.01); G06F 2009/4557 (2013.01); G06F 2009/45562 (2013.01); G06F 2009/45587 (2013.01); G06F 2009/45591 (2013.01); G06F 2009/45595 (2013.01); H04L 63/0263 (2013.01);
Abstract

A method and system for controlling access to external networks by an air-gapped endpoint are provided. The method includes identifying a type of an external network being connected, upon detection of a new network connection to the air-gapped endpoint; determining for each security zone of a plurality of isolated security zones at least one access rule to access the network, wherein the plurality of isolated security zones is operable in a virtual environment instantiated on the air-gapped endpoint; allowing a connection between a security zone and the external network based on the at least one access rule; and monitoring all traffic between the security zone and the external network to at least maintain compliance with a security policy set for the respective security zone.

