公开(公告)号：US20170302628A1

公开(公告)日：2017-10-19

申请号：US15636148

申请日：2017-06-28

Applicant: DELL SOFTWARE INC.

Inventor： Hugo Vazquez Carames

IPC: H04L29/06 ,  G06F17/30 ,  H04L29/12 ,  H04L29/08

CPC classification number: H04L63/0263 ,  G06F16/951 ,  H04L61/1511 ,  H04L61/2007 ,  H04L63/0227 ,  H04L63/0245 ,  H04L63/101 ,  H04L63/1416 ,  H04L63/145 ,  H04L63/20 ,  H04L67/02

Abstract: A user of a client device that is protected by a firewall may navigate to a website using a particular browser process (e.g., a window/tab of a browser) of the client device, sending a content request toward a web content server in the process. The firewall may intercept the content request, and may also receive information from the client device identifying which browser process initiated the content request. Before passing the content request to the appropriate web content server, the firewall may request and download a security policy from a security policy server. The security policy may notify the firewall which hosts are authorized/unauthorized for use with a particular domain, and which file types from each of these hosts are authorized/unauthorized for use with the particular domain. The firewall may then filter content related to the identified browser process based on the security policy.

公开(公告)号：US09723027B2

公开(公告)日：2017-08-01

申请号：US14937776

申请日：2015-11-10

Applicant: Dell Software Inc.

Inventor： Hugo Vazquez Carames

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0263 ,  G06F17/30864 ,  H04L61/1511 ,  H04L61/2007 ,  H04L63/0227 ,  H04L63/0245 ,  H04L63/101 ,  H04L63/1416 ,  H04L63/145 ,  H04L63/20 ,  H04L67/02

Abstract: A user of a client device that is protected by a firewall may navigate to a website using a particular browser process (e.g., a window/tab of a browser) of the client device, sending a content request toward a web content server in the process. The firewall may intercept the content request, and may also receive information from the client device identifying which browser process initiated the content request. Before passing the content request to the appropriate web content server, the firewall may request and download a security policy from a security policy server. The security policy may notify the firewall which hosts are authorized/unauthorized for use with a particular domain, and which file types from each of these hosts are authorized/unauthorized for use with the particular domain. The firewall may then filter content related to the identified browser process based on the security policy.

公开(公告)号：US20170034179A1

公开(公告)日：2017-02-02

申请号：US14815866

申请日：2015-07-31

Applicant: Dell Software Inc.

Inventor： Hugo Vazquez Carames

IPC: H04L29/06

CPC classification number: H04L63/102 ,  G06F21/31 ,  H04L63/02 ,  H04L63/0884 ,  H04L63/10 ,  H04L63/20

Abstract: A hardware or software firewall may be installed within a private network. The firewall may intercept a first set of login credentials entered into a login interface of a social media platform. The firewall then checks that the first set of login credentials are correct against a first set of reference login credentials stored in a firewall memory, and sends a second set of login credentials to the login interface of the social media platform. This allows business employees to access a corporate social media profile from a private network but not outside the private network. The firewall can also limit social media interactions using the firewall by limiting the other profiles that a user's profile can interact with (e.g., using a whitelist, blacklist, or reputation score), by limiting communication types (e.g., using a whitelist or blacklist), by imposing firewall policies, or some combination thereof.

Abstract translation: 硬件或软件防火墙可以安装在专用网络中。 防火墙可以拦截输入社交媒体平台的登录界面的第一组登录凭据。 防火墙然后根据存储在防火墙内存中的第一组参考登录凭据来检查第一组登录凭据是否正确，并将第二组登录凭据发送到社交媒体平台的登录界面。 这允许企业员工从专用网络访问企业社交媒体配置文件，但不在私有网络之外。 通过限制通信类型（例如，使用白名单或黑名单），防火墙还可以通过限制用户配置文件可以与之交互的其他配置文件（例如，使用白名单，黑名单或信誉评分）来限制使用防火墙的社交媒体交互。 ，通过强加防火墙策略或其某种组合。

公开(公告)号：US10361999B2

公开(公告)日：2019-07-23

申请号：US14956298

申请日：2015-12-01

Applicant: Dell Software Inc.

Inventor： Hugo Vazquez Carames

IPC: H04L29/06

Abstract: A network-connected device (such as an “internet of things” device) that periodically transmits data to recipient devices (e.g., smartphones, tablets, laptops) may be protected by a firewall that include software firewall elements, hardware firewall elements, or some combination thereof. The firewall may intercept datasets sent by the network-connected device, inspect the datasets, and categorize data within each dataset as belonging to one of a number of previously-identified data categories, such as personal data, location data, behavior data, or energy data, or as not belonging to any recognized data category. Rules within firewall policies may indicate whether data of each data category is to be allowed to be sent to the recipient devices or to be blocked from being sent to the recipient devices, for example allowing a firewall to block transmission of location data. Data not belonging to a recognized data category is sent to a support system for classification.

公开(公告)号：US09888011B2

公开(公告)日：2018-02-06

申请号：US14815866

申请日：2015-07-31

Applicant: Dell Software Inc.

Inventor： Hugo Vazquez Carames

IPC: H04L29/06 ,  G06F21/31

CPC classification number: H04L63/102 ,  G06F21/31 ,  H04L63/02 ,  H04L63/0884 ,  H04L63/10 ,  H04L63/20

Abstract: A hardware or software firewall may be installed within a private network. The firewall may intercept a first set of login credentials entered into a login interface of a social media platform. The firewall then checks that the first set of login credentials are correct against a first set of reference login credentials stored in a firewall memory, and sends a second set of login credentials to the login interface of the social media platform. This allows business employees to access a corporate social media profile from a private network but not outside the private network. The firewall can also limit social media interactions using the firewall by limiting the other profiles that a user's profile can interact with (e.g., using a whitelist, blacklist, or reputation score), by limiting communication types (e.g., using a whitelist or blacklist), by imposing firewall policies, or some combination thereof.

公开(公告)号：US20170155622A1

公开(公告)日：2017-06-01

申请号：US14956298

申请日：2015-12-01

Applicant: Dell Software Inc.

Inventor： Hugo Vazquez Carames

IPC: H04L29/06

CPC classification number: H04L63/0245 ,  H04L63/20

Abstract: A network-connected device (such as an “internet of things” device) that periodically transmits data to recipient devices (e.g., smartphones, tablets, laptops) may be protected by a firewall that include software firewall elements, hardware firewall elements, or some combination thereof. The firewall may intercept datasets sent by the network-connected device, inspect the datasets, and categorize data within each dataset as belonging to one of a number of previously-identified data categories, such as personal data, location data, behavior data, or energy data, or as not belonging to any recognized data category. Rules within firewall policies may indicate whether data of each data category is to be allowed to be sent to the recipient devices or to be blocked from being sent to the recipient devices, for example allowing a firewall to block transmission of location data. Data not belonging to a recognized data category is sent to a support system for classification.

公开(公告)号：US09608959B2

公开(公告)日：2017-03-28

申请号：US14666180

申请日：2015-03-23

Applicant: Dell Software Inc.

Inventor： Hugo Vazquez Carames

IPC: H04L29/06 ,  G06F21/56

CPC classification number: H04L63/0236 ,  G06F21/566 ,  G06F21/567 ,  H04L63/0227 ,  H04L63/0263 ,  H04L63/1416 ,  H04L63/145 ,  H04L63/20

Abstract: A firewall system determines whether a protocol used by an incoming data packet is a standard protocol compliant with Request For Comment (RFC) standards. In the event the protocol is RFC compliant, the firewall transmits the packet to the recipient according to firewall policies regarding the standard protocol. If the protocol is not that of an RFC standard, the firewall determines whether the protocol matches an RFC-exception protocol in a RFC-exception protocol database. If the protocol does match an RFC-exception, the firewall may transmit the packet to the recipient according to firewall policies regarding the RFC-exception protocol. If it does not match an RFC-exception, the firewall may transmit the packet or protocol to a support system where it may be quarantined until it is approved based on a decision that the protocol is safe and/or widely adopted.

公开(公告)号：US10187446B2

公开(公告)日：2019-01-22

申请号：US14665315

申请日：2015-03-23

Applicant: DELL SOFTWARE INC.

Inventor： Hugo Vazquez Carames

IPC: H04L29/06 ,  H04L29/08 ,  G06F21/53

Abstract: A firewall may identify a uniform resource locator (URL) being transmitted to a user device, the URL link pointing to a host system. The firewall can then modify the URL link to point instead to a sandbox system. Once a user at the user device selects the URL link (e.g., by clicking or touching it in a browser), the firewall receives the user device's HTTP request and directs it to the sandbox system, which generates a new HTTP request that is then sent through the firewall to the host system. The host system then sends host content to the sandbox system instead of to the user device. The user device may then be presented with a representation of the host content as rendered at the sandbox system (e.g., through a remote desktop interface).

公开(公告)号：US09838357B2

公开(公告)日：2017-12-05

申请号：US15434603

申请日：2017-02-16

Applicant: Dell Software Inc.

Inventor： Hugo Vazquez Carames

IPC: H04L29/06 ,  G06F21/56

CPC classification number: H04L63/0236 ,  G06F21/566 ,  G06F21/567 ,  H04L63/0227 ,  H04L63/0263 ,  H04L63/1416 ,  H04L63/145 ,  H04L63/20

Abstract: A firewall system determines whether a protocol used by an incoming data packet is a standard protocol compliant with Request For Comment (RFC) standards. In the event the protocol is RFC compliant, the firewall transmits the packet to the recipient according to firewall policies regarding the standard protocol. If the protocol is not that of an RFC standard, the firewall determines whether the protocol matches an RFC-exception protocol in a RFC-exception protocol database. If the protocol does match an RFC-exception, the firewall may transmit the packet to the recipient according to firewall policies regarding the RFC-exception protocol. If it does not match an RFC-exception, the firewall may transmit the packet or protocol to a support system where it may be quarantined until it is approved based on a decision that the protocol is safe and/or widely adopted.

公开(公告)号：US20170134428A1

公开(公告)日：2017-05-11

申请号：US14937776

申请日：2015-11-10

Applicant: Dell Software Inc.

Inventor： Hugo Vazquez Carames

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0263 ,  G06F17/30864 ,  H04L61/1511 ,  H04L61/2007 ,  H04L63/0227 ,  H04L63/0245 ,  H04L63/101 ,  H04L63/1416 ,  H04L63/145 ,  H04L63/20 ,  H04L67/02

Abstract: A user of a client device that is protected by a firewall may navigate to a website using a particular browser process (e.g., a window/tab of a browser) of the client device, sending a content request toward a web content server in the process. The firewall may intercept the content request, and may also receive information from the client device identifying which browser process initiated the content request. Before passing the content request to the appropriate web content server, the firewall may request and download a security policy from a security policy server. The security policy may notify the firewall which hosts are authorized/unauthorized for use with a particular domain, and which file types from each of these hosts are authorized/unauthorized for use with the particular domain. The firewall may then filter content related to the identified browser process based on the security policy.