METHOD FOR REMOTE MONITORING AND CONTROL OF NETWORKING INFORMATION SECURITY BASED ON USE OF DOMAIN NAME SYSTEM

摘要

FIELD: information technology.SUBSTANCE: method involves modifying DNS response to resolution of a domain name of a target information service such that, an "Additional" field specified by configuration information and security policy rules is added to the DNS response, said field initiating the beginning of the process of monitoring and controlling communication security, after which the modified DNS response is sent from a controlled DNS server to the DNS server of an internet provider; a request is sent on behalf of a client to the target information service; the request from the client is received at the monitoring point; the necessary control actions are determined based on the network security policy and information in the request to the target information service; control actions are carried out for network traffic.EFFECT: providing remote monitoring and control of networking information security regardless of network topology and the location of the monitoring point and high security of controlled information structures.3 dwg