-
Publication number: US11924180B2
Publication date: 2024-03-05
Application number: US17164533
Application date: 2021-02-01
Applicant: iboss, Inc.
Inventor: Paul Michael Martini, Peter Anthony Martini
IPC: H04L29/06, H04L9/40, H04L41/00, H04L61/10, H04L61/103, H04L61/4511, H04L61/4552, H04L61/5007, H04L67/02, H04L61/58
CPC classification number: H04L63/0464, H04L41/00, H04L61/10, H04L61/103, H04L61/4511, H04L61/4552, H04L61/5007, H04L63/0428, H04L67/02, H04L61/58
Abstract: This present disclosure generally relates to managing encrypted network traffic using Domain Name System (DNS) responses. One example includes requesting an address; receiving a response from the resolution server including one or more addresses associated with the domain name; associating with the domain name a particular address selected from the received one or more addresses; receiving a request to resolve the domain name; sending a response to the request to resolve the domain name, the sent response including the particular address associated with the domain name; receiving a secure request for a resource, the secure request directed to the particular address associated with the domain name; and determining that the secure request is directed to the domain name based on the association between the particular address and the domain name.
-
Publication number: US11722509B2
Publication date: 2023-08-08
Application number: US17945892
Application date: 2022-09-15
Applicant: iboss, Inc.
Inventor: Paul Michael Martini
IPC: H04L9/40, G06F21/56, H04L61/4511, H04L61/59, H04L67/562, H04L67/02, H04L101/35
CPC classification number: H04L63/1425, G06F21/567, H04L61/4511, H04L61/59, H04L63/0281, H04L63/1416, H04L63/1441, H04L63/164, H04L63/168, H04L67/02, H04L67/562, H04L2101/35, H04L2463/144
Abstract: This specification generally relates to methods and systems for applying network policies to devices based on their current access network. One example method includes identifying a proxy connection request sent from a particular client device to a proxy server over a network, the proxy connection request including a hostname and configured to direct the proxy server to establish communication with the computer identified by the hostname on behalf of the client device; determining an identity of the client device based on the proxy connection request; identifying a domain name system (DNS) response to a DNS request including the hostname from the proxy connection request; and updating DNS usage information for the particular client based on the identified DNS response including the hostname from the proxy connection request.
-
Publication number: US20230224220A1
Publication date: 2023-07-13
Application number: US18114167
Application date: 2023-02-24
Applicant: iboss, Inc.
Inventor: Paul Michael Martini, Peter Anthony Martini
IPC: H04L41/0893, H04L67/00, H04L43/10, H04L67/10, H04L67/52, H04L61/2514
CPC classification number: H04L41/0893, H04L67/34, H04L43/10, H04L67/10, H04L67/52, H04L61/2514
Abstract: A server of a distributed computing system that is at least partially hosted on a particular access network receives a plurality of messages from a plurality of devices over a network, each of the messages associated with a corresponding source address. For each of the plurality of devices, a current access network is determined for the device. For each of the devices with a current access network being the particular access network, a first network policy is applied to the device. For each of the devices with a current access network being other than the particular access network, a second network policy is applied to the device, the second network policy defining a second encryption requirement.
-
Publication number: US11595262B2
Publication date: 2023-02-28
Application number: US17848258
Application date: 2022-06-23
Applicant: iboss, Inc.
Inventor: Paul Michael Martini, Peter Anthony Martini
IPC: H04L41/0893, H04L67/00, H04L67/52, H04L43/10, H04L67/10, H04L61/2514
Abstract: A server of a distributed computing system that is at least partially hosted on a particular access network receives a plurality of messages from a plurality of devices over a network, each of the messages associated with a corresponding source address. For each of the plurality of devices, a current access network is determined for the device. For each of the devices with a current access network being the particular access network, a first network policy is applied to the device. For each of the devices with a current access network being other than the particular access network, a second network policy is applied to the device, the second network policy defining a second encryption requirement.
-
Publication number: US11374818B2
Publication date: 2022-06-28
Application number: US17021649
Application date: 2020-09-15
Applicant: iboss, Inc.
Inventor: Paul Michael Martini, Peter Anthony Martini
IPC: H04L41/0893, H04L67/00, H04L67/52, H04L43/10, H04L67/10, H04L61/2514
Abstract: A server of a distributed computing system that is at least partially hosted on a particular access network receives a plurality of messages from a plurality of devices over a network, each of the messages associated with a corresponding source address. For each of the plurality of devices, a current access network is determined for the device. For each of the devices with a current access network being the particular access network, a first network policy is applied to the device. For each of the devices with a current access network being other than the particular access network, a second network policy is applied to the device, the second network policy defining a second encryption requirement.
-
Publication number: US11055410B2
Publication date: 2021-07-06
Application number: US16666324
Application date: 2019-10-28
Applicant: iboss, Inc.
Inventor: Paul Michael Martini, Peter Anthony Martini
Abstract: An execution of a data object is identified by a computing device. In response to identifying the execution of the data object, it is determined that the data object has requested a sensitive action of the computing device before interacting with a user of the computing device. In response to determining that the data object has requested the sensitive action, the data object is classified as a high-risk data object.
-
Publication number: US20200084108A1
Publication date: 2020-03-12
Application number: US16684469
Application date: 2019-11-14
Applicant: iboss, Inc.
Inventor: Paul Michael Martini, Peter Anthony Martini
Abstract: This specification generally relates to methods and systems for applying network policies to devices based on their current access network. One example method includes receiving a message from a device over a network, the message associated with a source address; determining a current access network for the device based at least in part on the source address; and applying a network policy to the device based on the determined current access network.
-
Publication number: US10462219B2
Publication date: 2019-10-29
Application number: US15233894
Application date: 2016-08-10
Applicant: iBoss, Inc.
Inventor: Paul Michael Martini
Abstract: Techniques for delivering a distributed network security service providing isolation of customer data are described. One example method includes assigning a first node in a distributed network to a first customer; assigning a second node in the distributed network to a second customer; configuring the assigned first node to process network traffic only from the first customer; configuring the assigned second node to process network traffic only from the second customer; processing, by the assigned first node, network traffic associated with the first customer; and processing, by the assigned second node, network traffic associated with the second customer, wherein the network traffic of the first customer is isolated from the network traffic of the second customer, wherein the network traffic of the customers is kept isolated from one another.
-
Publication number: US10341357B2
Publication date: 2019-07-02
Application number: US14265540
Application date: 2014-04-30
Applicant: iboss, Inc.
Inventor: Paul Michael Martini
Abstract: A device within the network receives a domain name service (DNS) request for an address of a first resource outside the network, the first resource associated with a security policy of the network. An address of a second resource within the network is returned to the device within the network in response to the DNS request, the second resource address having previously been associated with the first resource address. A first encrypted connection is established between the device and the second resource, and a second encrypted connection is established between the second resource and the first resource, to facilitate encrypted communication traffic between the device and the first resource. The encrypted communication traffic passing between the device and the first resource is selectively decrypted and inspected depending on the address of the first resource.
-
Publication number: US09900341B2
Publication date: 2018-02-20
Application number: US14843922
Application date: 2015-09-02
Applicant: iboss, Inc.
Inventor: Paul Michael Martini, Peter Anthony Martini
CPC classification number: H04L63/145, G06F17/30887, G06F21/53, H04L63/0227, H04L63/1416, H04L67/02, H04L67/2814, H04L67/2842, H04L67/42, H04W12/08
Abstract: This specification generally relates to using redirect messages to implement caching. One example method includes receiving from a client a first request for a network resource, the first request including an original location of the network resource; determining that a response to the first request is to be cached; sending a redirect response to the client including a cache location for the network resource; receiving a second request for the network resource from the client, the second request including the cache location; in response to receiving the second request for the network resource from the client: determining that the network resource has not been previously cached; retrieving the network resource from the original location; caching the retrieved network resource in a location associated with the cache location for the network resource; and sending the retrieved network resource to the client.