Title of invention: Destination address control to limit unauthorized communications
Abstract: Systems and methods for protecting a network including preventing data traffic from exiting the network unless a domain name request has been performed by a device attempting to transmit the data traffic. In an embodiment, a device within the protected network attempting to send data outside the protected network requests an address for a destination outside the protected network from a domain name server (DNS). In response, the DNS provides an address of the destination to the device and a gateway. In response to receiving the address, the gateway temporarily allows access to the address. In an embodiment, a DNS is coupled to a protected network and the gateway, the DNS provides an external address to a device in response to a request; and a mapping to the gateway; the gateway, coupled to a protected network and an external network, allows traffic according to the mapping.
Publication number: US9237027(B2) Publication date: 2016.01.12
Application number: US201313828546 Filing date: 2013.03.14
Applicant: Raytheon BBN Technologies Corp. Inventors: Ellard Daniel Joseph; Jackson Alden Warren; Jones Christine Elaine; Karlin Josh Forrest; Manfredi Victoria Ursula; Mankins David Patrick; Strayer William Timothy
Classification: G06F15/16; G06F15/173; H04L12/24 Main classification: G06F15/16
Agency: Schwegman Lundberg & Woessner, P.A. Agent: Schwegman Lundberg & Woessner, P.A.
Principal claim: 1. A method for protecting a network, the method comprising: blocking devices within the network, at a gateway, from accessing an external network; receiving, at a name server, a request from a device in the network for an address of a domain in the external network; creating an exception at the gateway, the exception allowing the device to access the address of the domain in the external network; and providing the client device with the address of the domain in response to the request.
Address: Cambridge MA US