AU2013378115B2 - Method and apparatus for application awareness in a network - Google Patents

Method and apparatus for application awareness in a network Download PDF

Info

Publication number
AU2013378115B2
AU2013378115B2 AU2013378115A AU2013378115A AU2013378115B2 AU 2013378115 B2 AU2013378115 B2 AU 2013378115B2 AU 2013378115 A AU2013378115 A AU 2013378115A AU 2013378115 A AU2013378115 A AU 2013378115A AU 2013378115 B2 AU2013378115 B2 AU 2013378115B2
Authority
AU
Australia
Prior art keywords
application
network
network socket
context
decision
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
AU2013378115A
Other languages
English (en)
Other versions
AU2013378115A1 (en
Inventor
Binyuan Chen
Amit Chopra
Azeem Feroz
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
VMware LLC
Original Assignee
VMware LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by VMware LLC filed Critical VMware LLC
Publication of AU2013378115A1 publication Critical patent/AU2013378115A1/en
Application granted granted Critical
Publication of AU2013378115B2 publication Critical patent/AU2013378115B2/en
Assigned to VMware LLC reassignment VMware LLC Request to Amend Deed and Register Assignors: VMWARE, INC.
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218Distributed architectures, e.g. distributed firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/166Implementing security features at a particular protocol layer at the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
AU2013378115A 2013-02-14 2013-02-14 Method and apparatus for application awareness in a network Active AU2013378115B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/767,686 US9444841B2 (en) 2013-02-14 2013-02-14 Method and apparatus for application awareness in a network
US13/767,686 2013-02-14
PCT/US2013/026225 WO2014126574A1 (en) 2013-02-14 2013-02-14 Method and apparatus for application awareness in a network

Publications (2)

Publication Number Publication Date
AU2013378115A1 AU2013378115A1 (en) 2015-09-03
AU2013378115B2 true AU2013378115B2 (en) 2016-07-28

Family

ID=47844450

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2013378115A Active AU2013378115B2 (en) 2013-02-14 2013-02-14 Method and apparatus for application awareness in a network

Country Status (5)

Country Link
US (3) US9444841B2 (enExample)
EP (1) EP2956883B1 (enExample)
JP (1) JP6046276B2 (enExample)
AU (1) AU2013378115B2 (enExample)
WO (1) WO2014126574A1 (enExample)

Families Citing this family (62)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8695060B2 (en) 2011-10-10 2014-04-08 Openpeak Inc. System and method for creating secure applications
US10033693B2 (en) 2013-10-01 2018-07-24 Nicira, Inc. Distributed identity-based firewalls
US9560081B1 (en) * 2016-06-24 2017-01-31 Varmour Networks, Inc. Data network microsegmentation
US9594929B2 (en) * 2014-08-11 2017-03-14 Honeywell International Inc. Open architecture security methods and systems
US20160071040A1 (en) 2014-09-05 2016-03-10 Openpeak Inc. Method and system for enabling data usage accounting through a relay
US9100390B1 (en) 2014-09-05 2015-08-04 Openpeak Inc. Method and system for enrolling and authenticating computing devices for data usage accounting
US9350818B2 (en) 2014-09-05 2016-05-24 Openpeak Inc. Method and system for enabling data usage accounting for unreliable transport communication
US8938547B1 (en) 2014-09-05 2015-01-20 Openpeak Inc. Method and system for data usage accounting in a computing device
US9232013B1 (en) 2014-09-05 2016-01-05 Openpeak Inc. Method and system for enabling data usage accounting
US9098715B1 (en) 2014-10-28 2015-08-04 Openpeak Inc. Method and system for exchanging content between applications
US9891940B2 (en) 2014-12-29 2018-02-13 Nicira, Inc. Introspection method and apparatus for network access filtering
US10178070B2 (en) 2015-03-13 2019-01-08 Varmour Networks, Inc. Methods and systems for providing security to distributed microservices
US9609026B2 (en) 2015-03-13 2017-03-28 Varmour Networks, Inc. Segmented networks that implement scanning
US9467476B1 (en) 2015-03-13 2016-10-11 Varmour Networks, Inc. Context aware microsegmentation
US9232078B1 (en) 2015-03-16 2016-01-05 Openpeak Inc. Method and system for data usage accounting across multiple communication networks
JP6771874B2 (ja) 2015-09-16 2020-10-21 キヤノン株式会社 情報処理装置、その制御方法及びプログラム
US10514683B2 (en) 2015-09-16 2019-12-24 Profire Energy, Inc. Distributed networking system and method to implement a safety state environment
US10432754B2 (en) 2015-09-16 2019-10-01 Profire Energy, Inc Safety networking protocol and method
US10324746B2 (en) 2015-11-03 2019-06-18 Nicira, Inc. Extended context delivery for context-based authorization
US10070316B2 (en) 2016-06-16 2018-09-04 Samsung Electronics Co., Ltd. Permission delegation framework
US9787639B1 (en) * 2016-06-24 2017-10-10 Varmour Networks, Inc. Granular segmentation using events
US10938837B2 (en) 2016-08-30 2021-03-02 Nicira, Inc. Isolated network stack to manage security for virtual machines
US10333983B2 (en) 2016-08-30 2019-06-25 Nicira, Inc. Policy definition and enforcement for a network virtualization platform
US10715607B2 (en) 2016-12-06 2020-07-14 Nicira, Inc. Performing context-rich attribute-based services on a host
WO2018118465A1 (en) * 2016-12-22 2018-06-28 Nicira, Inc. Collecting and processing context attributes on a host
EP4231146B1 (en) 2016-12-22 2025-12-10 VMware LLC Collecting and processing context attributes on a host
US10503536B2 (en) 2016-12-22 2019-12-10 Nicira, Inc. Collecting and storing threat level indicators for service rule processing
US10803173B2 (en) 2016-12-22 2020-10-13 Nicira, Inc. Performing context-rich attribute-based process control services on a host
US10812451B2 (en) 2016-12-22 2020-10-20 Nicira, Inc. Performing appID based firewall services on a host
US10581960B2 (en) 2016-12-22 2020-03-03 Nicira, Inc. Performing context-rich attribute-based load balancing on a host
US10805332B2 (en) 2017-07-25 2020-10-13 Nicira, Inc. Context engine model
US11032246B2 (en) 2016-12-22 2021-06-08 Nicira, Inc. Context based firewall services for data message flows for multiple concurrent users on one machine
US11032248B2 (en) * 2017-03-07 2021-06-08 Nicira, Inc. Guest thin agent assisted host network encryption
US11681568B1 (en) * 2017-08-02 2023-06-20 Styra, Inc. Method and apparatus to reduce the window for policy violations with minimal consistency assumptions
US10778651B2 (en) 2017-11-15 2020-09-15 Nicira, Inc. Performing context-rich attribute-based encryption on a host
US10652213B2 (en) 2017-12-18 2020-05-12 Nicira, Inc. Agent-less micro-segmentation of a network
US10862773B2 (en) 2018-01-26 2020-12-08 Nicira, Inc. Performing services on data messages associated with endpoint machines
US10802893B2 (en) 2018-01-26 2020-10-13 Nicira, Inc. Performing process control services on endpoint machines
US11296960B2 (en) 2018-03-08 2022-04-05 Nicira, Inc. Monitoring distributed applications
JP7067187B2 (ja) * 2018-03-27 2022-05-16 日本電気株式会社 通信制御装置、通信制御方法、及びプログラム
US20200364354A1 (en) * 2019-05-17 2020-11-19 Microsoft Technology Licensing, Llc Mitigation of ransomware in integrated, isolated applications
US11140090B2 (en) 2019-07-23 2021-10-05 Vmware, Inc. Analyzing flow group attributes using configuration tags
US11436075B2 (en) 2019-07-23 2022-09-06 Vmware, Inc. Offloading anomaly detection from server to host
US11743135B2 (en) 2019-07-23 2023-08-29 Vmware, Inc. Presenting data regarding grouped flows
US11349876B2 (en) 2019-07-23 2022-05-31 Vmware, Inc. Security policy recommendation generation
US11398987B2 (en) 2019-07-23 2022-07-26 Vmware, Inc. Host-based flow aggregation
US10911335B1 (en) 2019-07-23 2021-02-02 Vmware, Inc. Anomaly detection on groups of flows
US11176157B2 (en) 2019-07-23 2021-11-16 Vmware, Inc. Using keys to aggregate flows at appliance
US11188570B2 (en) 2019-07-23 2021-11-30 Vmware, Inc. Using keys to aggregate flow attributes at host
US11340931B2 (en) 2019-07-23 2022-05-24 Vmware, Inc. Recommendation generation based on selection of selectable elements of visual representation
US11288256B2 (en) 2019-07-23 2022-03-29 Vmware, Inc. Dynamically providing keys to host for flow aggregation
US11539718B2 (en) 2020-01-10 2022-12-27 Vmware, Inc. Efficiently performing intrusion detection
US11321213B2 (en) 2020-01-16 2022-05-03 Vmware, Inc. Correlation key used to correlate flow and con text data
US11108728B1 (en) 2020-07-24 2021-08-31 Vmware, Inc. Fast distribution of port identifiers for rule processing
US11785032B2 (en) 2021-01-22 2023-10-10 Vmware, Inc. Security threat detection based on network flow analysis
US11991187B2 (en) 2021-01-22 2024-05-21 VMware LLC Security threat detection based on network flow analysis
US11831667B2 (en) 2021-07-09 2023-11-28 Vmware, Inc. Identification of time-ordered sets of connections to identify threats to a datacenter
US11997120B2 (en) 2021-07-09 2024-05-28 VMware LLC Detecting threats to datacenter based on analysis of anomalous events
US20230013808A1 (en) * 2021-07-13 2023-01-19 Vmware, Inc. Method and system for implementing an intent-based intrusion detection and prevention system using contextual attributes
US11792151B2 (en) 2021-10-21 2023-10-17 Vmware, Inc. Detection of threats based on responses to name resolution requests
US12015591B2 (en) 2021-12-06 2024-06-18 VMware LLC Reuse of groups in security policy
US12425371B2 (en) * 2022-09-16 2025-09-23 Cisco Technology, Inc. System and method for providing SCHC-based edge firewalling

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050182958A1 (en) * 2004-02-17 2005-08-18 Duc Pham Secure, real-time application execution control system and methods
US20090089879A1 (en) * 2007-09-28 2009-04-02 Microsoft Corporation Securing anti-virus software with virtualization
US20090279547A1 (en) * 2008-05-08 2009-11-12 Nortel Networks Limited Network-aware adapter for applications
US20090288167A1 (en) * 2008-05-19 2009-11-19 Authentium, Inc. Secure virtualization system software
US20100198698A1 (en) * 2009-01-28 2010-08-05 Headwater Partners I Llc Adaptive ambient services
US8095786B1 (en) * 2006-11-09 2012-01-10 Juniper Networks, Inc. Application-specific network-layer virtual private network connections

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2003201231A1 (en) * 2002-01-04 2003-07-30 Lab 7 Networks, Inc. Communication security system
JP2004013608A (ja) * 2002-06-07 2004-01-15 Hitachi Ltd プログラムの実行および転送の制御
US20050182966A1 (en) * 2004-02-17 2005-08-18 Duc Pham Secure interprocess communications binding system and methods
KR20060050768A (ko) * 2004-10-01 2006-05-19 마이크로소프트 코포레이션 액세스 인가 api
US20070073858A1 (en) * 2005-09-27 2007-03-29 Nokia Corporation Security of virtual computing platforms
US20100122313A1 (en) * 2008-11-09 2010-05-13 Aspect9, Inc. Method and system for restricting file access in a computer system
US8973089B2 (en) * 2011-08-08 2015-03-03 Adobe Systems Incorporated Secure socket policy files for establishing secure socket connections

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050182958A1 (en) * 2004-02-17 2005-08-18 Duc Pham Secure, real-time application execution control system and methods
US8095786B1 (en) * 2006-11-09 2012-01-10 Juniper Networks, Inc. Application-specific network-layer virtual private network connections
US20090089879A1 (en) * 2007-09-28 2009-04-02 Microsoft Corporation Securing anti-virus software with virtualization
US20090279547A1 (en) * 2008-05-08 2009-11-12 Nortel Networks Limited Network-aware adapter for applications
US20090288167A1 (en) * 2008-05-19 2009-11-19 Authentium, Inc. Secure virtualization system software
US20100198698A1 (en) * 2009-01-28 2010-08-05 Headwater Partners I Llc Adaptive ambient services

Also Published As

Publication number Publication date
US9444841B2 (en) 2016-09-13
JP6046276B2 (ja) 2016-12-14
US20200195612A1 (en) 2020-06-18
US20140230008A1 (en) 2014-08-14
AU2013378115A1 (en) 2015-09-03
JP2016514295A (ja) 2016-05-19
EP2956883A1 (en) 2015-12-23
WO2014126574A1 (en) 2014-08-21
US20160380972A1 (en) 2016-12-29
US10454895B2 (en) 2019-10-22
EP2956883B1 (en) 2017-03-22

Similar Documents

Publication Publication Date Title
AU2013378115B2 (en) Method and apparatus for application awareness in a network
US11743289B2 (en) Managing transmissions of virtual machines using a network interface controller
US10652281B1 (en) Network policy implementation in a tag-based policy architecture
US20170054686A1 (en) Agentless Security of Virtual Machines using a Filtering Platform
US12267298B2 (en) Distributed traffic steering and enforcement for security solutions
US8973088B1 (en) Policy enforcement using host information profile
US11194600B2 (en) Secure digital workspace using machine learning and microsegmentation
US10193862B2 (en) Security policy analysis based on detecting new network port connections
US11057385B2 (en) Methods to restrict network file access in guest virtual machines using in-guest agents
JP2024023875A (ja) インラインマルウェア検出
US8272031B2 (en) Policy-based virtualization method involving adaptive enforcement
US11671404B2 (en) Policy based mechanism to efficiently interpret and block insecure network communication
US20230082289A1 (en) Automated fuzzy hash based signature collecting system for malware detection
US20240176869A1 (en) Dependency emulation for executable samples
CN119563303A (zh) 中心化身份重分发
EP3786829A1 (en) Secure data processing in a third-party cloud environment
EP3839789B1 (en) Secure data leakage control in a third party cloud computing environment
US12069028B2 (en) Fast policy matching with runtime signature update
JP7717303B1 (ja) コバルトストライクビーコンhttp c2ヒューリスティック検出
CN115834190A (zh) 主机管控方法、装置、设备和存储介质

Legal Events

Date Code Title Description
FGA Letters patent sealed or granted (standard patent)
HB Alteration of name in register

Owner name: VMWARE LLC

Free format text: FORMER NAME(S): VMWARE, INC.