公开(公告)号：US20220417267A1

公开(公告)日：2022-12-29

申请号：US17489359

申请日：2021-09-29

Applicant: Cisco Technology, Inc.

Inventor： Thomas Szigeti ,  David J. Zacks ,  Walter T. Hulick, JR.

IPC: H04L29/06

Abstract: An example method identifying a request to access or modify a data resource. The request is made by a user. The example method further includes authenticating the user. Based on authenticating the user, the example method includes determining that the request is associated with a malicious intent based on a characteristic of the user. Further, based on determining that the request is associated with the malicious intent, the example method includes blocking the user from accessing or modifying the data resource.

公开(公告)号：US20220255922A1

公开(公告)日：2022-08-11

申请号：US17178199

申请日：2021-02-17

Applicant: Cisco Technology, Inc.

Inventor： David J. Zacks ,  Carlos M. Pignataro ,  Thomas Szigeti

IPC: H04L29/06 ,  H04L29/08

Abstract: This disclosure describes techniques for setting and/or adjusting a security policy associated with a device based on the physical locations of endpoint devices exchanging data with the device. An example method includes performing, at a first time, a first authentication of a first device connecting to a service; determining addresses of second devices exchanging data with the first device; determining physical locations of the second devices based on the addresses; and defining a reauthentication interval based on the physical locations of the second devices. At a second time that is after the first time by the reauthentication interval, the example method further includes disconnecting the first device from the service; and based on disconnecting the first device from the service, triggering a second authentication of the first device.

公开(公告)号：US20160164826A1

公开(公告)日：2016-06-09

申请号：US14725381

申请日：2015-05-29

Applicant: Cisco Technology, Inc.

Inventor： Wolfgang Arno Riedel ,  Mark Montanez ,  Saravanan Radhakrishnan ,  Ralph Edward Droms ,  David J. Zacks ,  Rohit Kumar Suri

IPC: H04L29/12 ,  G06F17/30 ,  H04L12/26

CPC classification number: H04L61/1511 ,  H04L43/026 ,  H04L43/0876

Abstract: In an embodiment, at a network element in a network, a domain name query is intercepted from a client. Metadata associated with a network application or service that is the object of the domain name query is obtained from a domain name system server. A policy is determined to enforce, based on the metadata, and the policy is enforced with respect to the client's access of the network application or service.

Abstract translation: 在一个实施例中，在网络中的网络元件处，从客户端拦截域名查询。 从域名系统服务器获取与作为域名查询对象的网络应用程序或服务相关联的元数据。 决定根据元数据执行策略，并针对客户端访问网络应用程序或服务实施策略。