WO2008017011A3 - Systems and methods for application-based interception and authorization of ssl/vpn traffic - Google Patents
Systems and methods for application-based interception and authorization of ssl/vpn traffic Download PDFInfo
- Publication number
- WO2008017011A3 WO2008017011A3 PCT/US2007/075035 US2007075035W WO2008017011A3 WO 2008017011 A3 WO2008017011 A3 WO 2008017011A3 US 2007075035 W US2007075035 W US 2007075035W WO 2008017011 A3 WO2008017011 A3 WO 2008017011A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- application
- client
- communication
- agent
- virtual private
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
- H04L63/306—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/104—Grouping of entities
Abstract
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200780037175.8A CN101636998B (en) | 2006-08-03 | 2007-08-02 | Systems and methods for application based interception ssi/vpn traffic |
AU2007281166A AU2007281166B2 (en) | 2006-08-03 | 2007-08-02 | Systems and methods for application-based interception and authorization of SSL/VPN traffic |
HK10107195.6A HK1140883A1 (en) | 2006-08-03 | 2010-07-27 | Systems and methods for application-based interception and authorization of ssl/vpn traffic |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/462,321 US8495181B2 (en) | 2006-08-03 | 2006-08-03 | Systems and methods for application based interception SSI/VPN traffic |
US11/462,329 | 2006-08-03 | ||
US11/462,321 | 2006-08-03 | ||
US11/462,329 US8869262B2 (en) | 2006-08-03 | 2006-08-03 | Systems and methods for application based interception of SSL/VPN traffic |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2008017011A2 WO2008017011A2 (en) | 2008-02-07 |
WO2008017011A3 true WO2008017011A3 (en) | 2008-07-03 |
Family
ID=38904791
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2007/075035 WO2008017011A2 (en) | 2006-08-03 | 2007-08-02 | Systems and methods for application-based interception and authorization of ssl/vpn traffic |
Country Status (4)
Country | Link |
---|---|
CN (1) | CN103384250B (en) |
AU (1) | AU2007281166B2 (en) |
HK (1) | HK1140883A1 (en) |
WO (1) | WO2008017011A2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101729543B (en) * | 2009-12-04 | 2012-10-03 | 同济大学 | Method for improving performance of mobile SSL VPN by utilizing remote Socks5 technology |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9237168B2 (en) * | 2012-05-17 | 2016-01-12 | Cisco Technology, Inc. | Transport layer security traffic control using service name identification |
CN104092691A (en) * | 2014-07-15 | 2014-10-08 | 北京奇虎科技有限公司 | Implementation method for implementing root-authority-free networking firewall and client-side |
CN104144126B (en) * | 2014-08-19 | 2018-01-23 | 北京奇虎科技有限公司 | Method and system, the client of flow optimization are realized by image procossing |
US9560078B2 (en) * | 2015-02-04 | 2017-01-31 | Intel Corporation | Technologies for scalable security architecture of virtualized networks |
CN105049431B (en) * | 2015-06-30 | 2019-02-15 | 深信服科技股份有限公司 | Data access control method and device |
CN109150751B (en) * | 2017-06-16 | 2022-05-27 | 阿里巴巴集团控股有限公司 | Network control method and device |
CN109951575B (en) * | 2017-12-20 | 2022-06-10 | 新智数字科技有限公司 | Method and system for intercepting specified domain name |
CN109543470A (en) * | 2018-11-01 | 2019-03-29 | 郑州云海信息技术有限公司 | A kind of storage equipment security access method and system |
JP2022086597A (en) * | 2020-11-30 | 2022-06-09 | シャープ株式会社 | Information processing device, control method, and program |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5987611A (en) * | 1996-12-31 | 1999-11-16 | Zone Labs, Inc. | System and methodology for managing internet access on a per application basis for client computers connected to the internet |
WO2002079949A2 (en) * | 2001-03-30 | 2002-10-10 | Netscreen Technologies, Inc. | Internet security system |
EP1418730A2 (en) * | 2002-11-06 | 2004-05-12 | AT&T Corp. | Virtual private network crossovers based on certificates |
US20050265351A1 (en) * | 2004-05-27 | 2005-12-01 | Hewlett-Packard Development Company, L.P. | Network administration |
US20060005240A1 (en) * | 2004-06-30 | 2006-01-05 | Prabakar Sundarrajan | System and method for establishing a virtual private network |
EP1641215A2 (en) * | 2004-09-28 | 2006-03-29 | Layer 7 Technologies, Inc. | System and method for bridging identities in a service oriented architecture |
US7096495B1 (en) * | 2000-03-31 | 2006-08-22 | Intel Corporation | Network session management |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7260599B2 (en) * | 2003-03-07 | 2007-08-21 | Hyperspace Communications, Inc. | Supporting the exchange of data by distributed applications |
US8572249B2 (en) * | 2003-12-10 | 2013-10-29 | Aventail Llc | Network appliance for balancing load and platform services |
US7818781B2 (en) * | 2004-10-01 | 2010-10-19 | Microsoft Corporation | Behavior blocking access control |
US20060130135A1 (en) * | 2004-12-10 | 2006-06-15 | Alcatel | Virtual private network connection methods and systems |
-
2007
- 2007-08-02 CN CN201310292412.2A patent/CN103384250B/en active Active
- 2007-08-02 WO PCT/US2007/075035 patent/WO2008017011A2/en active Application Filing
- 2007-08-02 AU AU2007281166A patent/AU2007281166B2/en not_active Ceased
-
2010
- 2010-07-27 HK HK10107195.6A patent/HK1140883A1/en not_active IP Right Cessation
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5987611A (en) * | 1996-12-31 | 1999-11-16 | Zone Labs, Inc. | System and methodology for managing internet access on a per application basis for client computers connected to the internet |
US7096495B1 (en) * | 2000-03-31 | 2006-08-22 | Intel Corporation | Network session management |
WO2002079949A2 (en) * | 2001-03-30 | 2002-10-10 | Netscreen Technologies, Inc. | Internet security system |
EP1418730A2 (en) * | 2002-11-06 | 2004-05-12 | AT&T Corp. | Virtual private network crossovers based on certificates |
US20050265351A1 (en) * | 2004-05-27 | 2005-12-01 | Hewlett-Packard Development Company, L.P. | Network administration |
US20060005240A1 (en) * | 2004-06-30 | 2006-01-05 | Prabakar Sundarrajan | System and method for establishing a virtual private network |
EP1641215A2 (en) * | 2004-09-28 | 2006-03-29 | Layer 7 Technologies, Inc. | System and method for bridging identities in a service oriented architecture |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101729543B (en) * | 2009-12-04 | 2012-10-03 | 同济大学 | Method for improving performance of mobile SSL VPN by utilizing remote Socks5 technology |
Also Published As
Publication number | Publication date |
---|---|
CN103384250A (en) | 2013-11-06 |
CN103384250B (en) | 2017-04-26 |
AU2007281166B2 (en) | 2011-12-15 |
WO2008017011A2 (en) | 2008-02-07 |
HK1140883A1 (en) | 2010-10-22 |
AU2007281166A1 (en) | 2008-02-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2008017011A3 (en) | Systems and methods for application-based interception and authorization of ssl/vpn traffic | |
CN111490993B (en) | Application access control security system and method | |
US10630725B2 (en) | Identity-based internet protocol networking | |
US10154067B2 (en) | Network application security policy enforcement | |
US11190489B2 (en) | Methods and systems for establishing a connection between a first device and a second device across a software-defined perimeter | |
US11070591B2 (en) | Distributed network application security policy enforcement | |
EP2850770B1 (en) | Transport layer security traffic control using service name identification | |
JP2022084588A (en) | Platform for computing at mobile edge | |
WO2006004725A3 (en) | System and method for establishing a virtual private network | |
CN105100095A (en) | Secure interaction method and apparatus for mobile terminal application program | |
US20090113517A1 (en) | Security state aware firewall | |
WO2007042826A3 (en) | Remote access to resources | |
US20220103515A1 (en) | Split tunneling based on content type to exclude certain network traffic from a tunnel | |
CN104539598A (en) | Tor-improved safety anonymous network communication system and method | |
WO2013018028A3 (en) | Authentication policy enforcement | |
WO2010021954A3 (en) | System and method for a wpan firewall | |
EP2706717A1 (en) | Method and devices for registering a client to a server | |
WO2017208079A3 (en) | Method and system for improving network security | |
EP2974355A2 (en) | A device, a system and a related method for dynamic traffic mirroring and policy, and the determination of applications running on a network | |
KR101214613B1 (en) | Security method and security system based on proxy for identifying connector credibly | |
YAN et al. | Study on security of 5G and satellite converged communication network | |
RU2008109223A (en) | ENSURING AN AGREED ACCESS TO THE FIREWALL WITH INFORMATION ON THE APPLICATION | |
Alenezi et al. | On Virtualization and Security-Awareness Performance Analysis in 5G Cellular Networks. | |
CN106686583A (en) | Method and device for safe communication in WiFi environment | |
JP4950705B2 (en) | Communication control system and communication control method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 200780037175.8 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07813683 Country of ref document: EP Kind code of ref document: A2 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2007281166 Country of ref document: AU |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 2007281166 Country of ref document: AU Date of ref document: 20070802 Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: RU |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 07813683 Country of ref document: EP Kind code of ref document: A2 |