Method for classification of traffic at the gateway with the help of external agents

IP.com Prior Art Database Disclosure
IP.com Disclosure Number: IPCOM000191744D
Publication Date: 13-Jan-2010
Find Similar Download

Publishing Venue

The IP.com Prior Art Database

Related People

Abhishek Singh - Inventor [+1] [-1]
Evgeney Ryzhyk - Inventor

Abstract

The traffic at the gateway is classified into two parts trusted and untrusted traffic.Network based detection device at the gateway can allow the trusted traffic to pass through. In the document three methods are discussed which can be used for classification and /or identification of traffic at the gateway to be trusted.

Copyright

Copyright 2010 Microsoft

Language

English (United States)

Document File

5 pages / 280.5 KB

This text was extracted from a Microsoft Word document.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 59% of the total text.

Document Author (alias)

absing, evgenyr

Defensive Publication Title 

Method for classification of traffic at the gateway with the help of external agents

Name(s) of All Contributors

Abhishek Singh

Evgeney Ryzhyk

 

 

 

Summary of the Defensive Publication/Abstract

The traffic at the gateway is classified into two parts trusted and untrusted traffic.Network based detection device at the gateway can allow the trusted traffic to pass through. In the document three methods are discussed which can be used for classification  and /or identification of traffic at the gateway to be trusted.

Description:  Include architectural diagrams and system level data flow diagrams if: 1) they have already been prepared or 2) they are needed to enable another developer to implement your defensive publication. Target 1-2 pages, and not more than 5 pages.  

Disclosed are some of the implementation methods that can be used to differentiate the trusted from un-trusted traffic by the network-based packet inspection device at the gateway. Trusted traffic is allowed to pass through without inspection.   These methods utilize the external agents which are deployed at the hosts. Trusted traffic usually comes from the managed sources--those with installed and operational host-based security solutions. Such managed entities either use a control channel to communicate their state to the Gateway, or rely on the pre-configured central policy to distribute the workload between the managed clients and the Gateway. Once the trusted traffic is identified at the gateway, the traffic is allowed to pass through by the edge-based security device.

Method 1:

As discussed  in Figure 2.0, the detection device at the gateway has a client/firewall installed at the host, which helps to differentiate the traffic from the host which does not have installed client/firewall. If the host-based detection device has the same protection mechanism as that of the detection device at the gateway, end host detection device will communicate the same to the detection device at the edge via secure communication channel or via communication packet.  Once the detection device at edge receives the information that the host-based device has the same protection mechanism, by using a policy rule, it...

First page image
You are not signed in. If you have an IP.com account, your download price may be lower or waived. Click here if you want to sign-in now.
Loading PayPal...
The full document comprises 5 pages and is available as a PDF document as well as a ZIP archive. The cost is $40.00 USD (depending on your billing address, sales tax may apply); payment may be made directly using your credit card or your PayPal account.

If you've already purchased this document, and wish to download it now you may enter the download access code you received in your original email receipt.