| 发明名称 |
METHOD AND SYSTEM FOR PROPAGATING NETWORK POLICY |
| 摘要 |
A technique for acquiring and disseminating network node characteristics to enable policy decisions including receiving a resolution request from one or more clients in a network environment is disclosed. Information, for example, network address, is then acquired from one or more sources regarding a specific location in a network, for example, a network node. A list of the network addresses is then generated and ranked based on one or more parameters that merit making traffic handling decisions. The network addresses are then associated with a host name on at least one directory server and then propagated to the one or more clients. |
| 申请公布号 |
US2016248813(A1) |
申请公布日期 |
2016.08.25 |
| 申请号 |
US201615147514 |
申请日期 |
2016.05.05 |
| 申请人 |
THREATSTOP, INC. |
发明人 |
Byrnes Tomas L. |
| 分类号 |
H04L29/06;G06F17/30;H04L29/12 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for implementing network security comprising:
creating a network security policy to apply to network traffic, wherein a plurality of IP values are elements of the network security policy; creating, using the plurality of IP values, zones with filters based on weights depending upon a characteristic of a source of network traffic; configuring a domain name system (DNS) server to resolve a DNS query to the network security policy; receiving a name-to-IP value mapping request from a network device, wherein a name of the network security policy is a name for which name-to-IP value mapping is requested; resolving the network security policy name to the plurality of IP values at the DNS server; propagating the network security policy to the network device by transmitting the plurality of IP values to the network device in response to the name-to-IP value mapping request, thereby allowing the network device to utilize one or more of the plurality of IP values when applying network security to network traffic at the network device. |
| 地址 |
Carlsbad CA US |
