| 摘要 |
Methods and systems for preventing unacceptable communication requests from being transmitted to a network-accessible service are disclosed. A domain name server for a local network including a network-accessible service returns an address for a network security system remote from the local network in response to a request for the address of the network-accessible service. The network security system processes communication requests directed to the network-accessible service to determine whether the communication request is a network intrusion attempt. If so, the network security system performs a network intrusion prevention technique, such as discarding the communication request, generating an alert or message or storing at least a portion of the communication request. Otherwise, the network security system forwards the communication request to the network-accessible service. A firewall on the local network may discard requests destined for the network-accessible service unless the source address equals a public address of the network security system.
|
