发明名称 |
Sending out-of-band notifications |
摘要 |
Out-of-band notifications are used to inform users of clients of security policy enforcement actions, such as enforcement of a data loss prevention (DLP) policy. Code for instantiating a notification agent at a client used by a user is inserted into network traffic inbound to the client. Outbound network traffic sent from the client to a server is monitored for compliance with one or more security policies. If it is determined that the network traffic violates a security policy, an enforcement action is taken. An out-of-band notification message describing the enforcement action is inserted into a response to the outbound network traffic and sent to the client. The notification agent at the client receives the notification message and presents the message to the user. |
申请公布号 |
US9294511(B2) |
申请公布日期 |
2016.03.22 |
申请号 |
US201414459687 |
申请日期 |
2014.08.14 |
申请人 |
Symantec Corporation |
发明人 |
McNair David Trent;Mears John;Shapcott David |
分类号 |
G06F17/00;H04L29/06;H04L29/08;G06F21/62 |
主分类号 |
G06F17/00 |
代理机构 |
Fenwick & West LLP |
代理人 |
Fenwick & West LLP |
主权项 |
1. A computer-implemented method for sending an out-of-band notification of a security policy enforcement action to a user of a client within a network covered by a security policy, the method comprising:
receiving, at a security module, outbound network traffic sent from the client, the outbound network traffic addressed to a destination outside of the network covered by the security policy; performing, by the security module, an enforcement action on the outbound network traffic responsive to determining that the outbound network traffic violates the security policy; inserting, by the security module, an out-of-band notification message describing the enforcement action into a response to the outbound network traffic; and sending the response including the inserted out-of-band notification message to the client. |
地址 |
Mountain View CA US |