发明名称 |
System and method for an endpoint hardware assisted network firewall in a security environment |
摘要 |
A method is provided in one example embodiment and includes receiving a traffic flow at a tamper resistant environment from an application, where the tamper resistant environment is separated from a host operating system. The method also includes applying a security token to the traffic flow and sending the traffic flow to a server. In specific embodiments, a security module may add information about the application to traffic flow. A trapping module may monitor for a memory condition and identify the memory condition. The trapping module may also, responsive to identifying the memory condition, initiate a virtual environment for the application, and check the integrity of the traffic flow. |
申请公布号 |
US9560014(B2) |
申请公布日期 |
2017.01.31 |
申请号 |
US201313748578 |
申请日期 |
2013.01.23 |
申请人 |
McAfee, Inc. |
发明人 |
Grobman Steve;Samani Raj;Arkin Ofir;Schrecker Sven |
分类号 |
H04L29/06;G06F9/455;G06F21/55;G06F21/57 |
主分类号 |
H04L29/06 |
代理机构 |
Patent Capital Group |
代理人 |
Patent Capital Group |
主权项 |
1. A method comprising:
receiving, at a tamper resistant environment on a host from a virtualization environment of the host, information associated with an application executing on the host; receiving a traffic flow at the tamper resistant environment from the application, wherein the tamper resistant environment is separated from an operating system of the host; creating a modified traffic flow by applying a security token to the received traffic flow and by adding the information to the received traffic flow; and sending the modified traffic flow to a server. |
地址 |
Santa Clara CA US |