Network security policy enforcement using application session information and object attributes

Invention Grant

US08214875B2 Network security policy enforcement using application session information and object attributes 有权

Title translation: 使用应用程序会话信息和对象属性进行网络安全策略实施

Please log in to see more content

Patent Title: Network security policy enforcement using application session information and object attributes
Patent Title (中): 使用应用程序会话信息和对象属性进行网络安全策略实施
Application No.: US11440663

Application Date: 2006-05-24
Publication No.: US08214875B2

Publication Date: 2012-07-03
Inventor: Pramod John , Ai-Lan Chang , Daniel J. Lassig , Rendell K. G. Fong , Emmanuel W. Jee
Applicant: Pramod John , Ai-Lan Chang , Daniel J. Lassig , Rendell K. G. Fong , Emmanuel W. Jee
Applicant Address: US CA Palo Alto
Assignee: VMware, Inc.
Current Assignee: VMware, Inc.
Current Assignee Address: US CA Palo Alto
Main IPC: H04L29/06
IPC: H04L29/06

Network security policy enforcement using application session information and object attributes

Abstract:

A packet traversing on the computer network is received; session information is generated from the packet with the session information including a client network address and a server network address; the packet is associated with at least one object attribute from the directory by using the session information; and a security policy defined for the network environment is enforced by using the session information and the object attribute(s) to determine whether the packet violates the security policy.

Abstract(Chinese):

收到在计算机网络上穿越的数据包; 会话信息从包含客户端网络地址和服务器网络地址的会话信息的分组生成; 该分组通过使用会话信息与来自该目录的至少一个对象属性相关联; 并且通过使用会话信息和对象属性来确定为网络环境定义的安全策略来确定该数据包是否违反安全策略。

Public/Granted literature

US20060236370A1 Network security policy enforcement using application session information and object attributes Public/Granted day:2006-10-19

Information query

Espacenet