logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 7849502 B1

PDFFull Text
Date of Patent:
Dec. 07, 2010

Filed:

Apr. 30, 2007

Apparatus for monitoring network traffic

Applicants:

Eric Bloch, San Mateo, CA (US);

Shalabh Mohan, Mountain View, CA (US);

Rajendraprasad R. Pagaku, Foster City, CA (US);

Doug Moore, Houston, TX (US);

Mark Krentel, Houston, TX (US);

Bruce Thompson, South San Francisco, CA (US);

Julian R. Elischer, El Cerrito, CA (US);

Brandon L. Golm, San Francisco, CA (US);

Inventors:

Eric Bloch, San Mateo, CA (US);

Shalabh Mohan, Mountain View, CA (US);

Rajendraprasad R. Pagaku, Foster City, CA (US);

Doug Moore, Houston, TX (US);

Mark Krentel, Houston, TX (US);

Bruce Thompson, South San Francisco, CA (US);

Julian R. Elischer, El Cerrito, CA (US);

Brandon L. Golm, San Francisco, CA (US);

Assignee:

Ironport Systems, Inc., San Bruno, CA (US);

Attorney:

Hickman Palermo Truong & Becker LLP

Primary Examiner:

Hosuk Song

Int. Cl.
CPC ...
G06F 15/16 (2006.01); G06F 11/00 (2006.01);
U.S. Cl.
CPC ...
Abstract

A data processing apparatus can perform HTTP traffic monitoring and filtering of HTTP requests from clients and responses from servers. Example apparatus comprises a processor, a first network interface to a protected network, a second network interface to an external network, and a traffic monitor having an address-domain name database, a firewall rules manager, and a DNS snooper. The traffic monitor accesses a blacklist and can perform receiving, from a client computer, a request to access a resource in the external network; blocking the request to the resource when a user agent of the client is in the blacklist as malicious software or when a file extension in a response to the request is in the blacklist; requesting, from a web reputation service, and receiving a reputation score indicating a reputation of the resource; blocking sending the request to the resource when the reputation is below a specified threshold.

Find Patent Forward Citations

Loading…