公开(公告)号：US20180176182A1

公开(公告)日：2018-06-21

申请号：US15380061

申请日：2016-12-15

Applicant: IXIA

Inventor： Kristopher Raney ,  Dennis J. Cox ,  Santanu Paul

IPC: H04L29/06

CPC classification number: H04L63/0263 ,  H04L63/0218 ,  H04L63/0254 ,  H04L63/0281 ,  H04L63/10 ,  H04L63/1408

Abstract: Methods and systems are disclosed that provide active firewall control for network traffic sessions within virtual processing platforms. Client agent instances run within virtual machine (VM) platforms (e.g., hypervisor, container, etc.) within virtual processing environments and enforce access, proxy, and/or other firewall rules with respect to network traffic sessions for application instances also running within the VM platforms. For certain embodiments, the agent instances collect information about applications and services running within the VM platforms and use this collected information to automatically enforce firewall rules. Additional disclosed embodiments redirect packets from “bad” network sources to a proxied application instance that interacts with the “bad” network source. This proxied interaction allows an agent instance monitoring the proxied session to analyze and assess the actual activity by the “bad” network source without putting the original data or network service at risk. Other features and variations are also be disclosed.

公开(公告)号：US20180176189A1

公开(公告)日：2018-06-21

申请号：US15380143

申请日：2016-12-15

Applicant: IXIA

Inventor： Santanu Paul ,  Kristopher Raney ,  Dennis J. Cox

IPC: H04L29/06 ,  H04L12/26 ,  H04L29/08

CPC classification number: H04L63/0428 ,  H04L41/046 ,  H04L43/026 ,  H04L43/04 ,  H04L63/0263 ,  H04L63/0471 ,  H04L63/061 ,  H04L67/14 ,  H04L67/2814

Abstract: Methods and systems are disclosed that provide in-session splitting of network traffic sessions for monitoring of traffic between network clients and network servers. This in-session splitting is based upon monitoring traffic sessions for one or more events and then initiating a proxied session based upon detection of the one or more events. For further embodiments, the creation of the proxied session is implemented based upon detection of a request for a secure link within the session traffic, and the proxied session is then implemented such that original session participants are not aware of the proxied session. The encrypted secure communications between the network client and the network server are split into two connections that decrypted and re-encrypted so that the contents of the secure link can be analyzed to identify network threats and/or other desired network related activities.

公开(公告)号：US10171425B2

公开(公告)日：2019-01-01

申请号：US15380061

申请日：2016-12-15

Applicant: IXIA

Inventor： Kristopher Raney ,  Dennis J. Cox ,  Santanu Paul

IPC: H04L29/06

Abstract: Methods and systems are disclosed that provide active firewall control for network traffic sessions within virtual processing platforms. Client agent instances run within virtual machine (VM) platforms (e.g., hypervisor, container, etc.) within virtual processing environments and enforce access, proxy, and/or other firewall rules with respect to network traffic sessions for application instances also running within the VM platforms. For certain embodiments, the agent instances collect information about applications and services running within the VM platforms and use this collected information to automatically enforce firewall rules. Additional disclosed embodiments redirect packets from “bad” network sources to a proxied application instance that interacts with the “bad” network source. This proxied interaction allows an agent instance monitoring the proxied session to analyze and assess the actual activity by the “bad” network source without putting the original data or network service at risk. Other features and variations are also be disclosed.