GB2587713B - Securing endpoints in a heterogenous enterprise network - Google Patents

Securing endpoints in a heterogenous enterprise network Download PDF

Info

Publication number
GB2587713B
GB2587713B GB2015005.8A GB202015005A GB2587713B GB 2587713 B GB2587713 B GB 2587713B GB 202015005 A GB202015005 A GB 202015005A GB 2587713 B GB2587713 B GB 2587713B
Authority
GB
United Kingdom
Prior art keywords
heterogenous
enterprise network
endpoints
securing endpoints
securing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
GB2015005.8A
Other versions
GB2587713A (en
GB202015005D0 (en
Inventor
Daniel Grimm Moritz
Stutz Daniel
J Thomas Andrew
D Ray Kenneth
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sophos Ltd
Original Assignee
Sophos Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US15/945,291 external-priority patent/US11616758B2/en
Priority claimed from US15/945,346 external-priority patent/US10972431B2/en
Priority claimed from US15/945,166 external-priority patent/US11271950B2/en
Priority claimed from US15/945,226 external-priority patent/US11140195B2/en
Priority claimed from US15/945,319 external-priority patent/US10862864B2/en
Application filed by Sophos Ltd filed Critical Sophos Ltd
Publication of GB202015005D0 publication Critical patent/GB202015005D0/en
Publication of GB2587713A publication Critical patent/GB2587713A/en
Application granted granted Critical
Publication of GB2587713B publication Critical patent/GB2587713B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/71Hardware identity

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
GB2015005.8A 2018-04-04 2019-04-04 Securing endpoints in a heterogenous enterprise network Active GB2587713B (en)

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US15/945,291 US11616758B2 (en) 2018-04-04 2018-04-04 Network device for securing endpoints in a heterogeneous enterprise network
US15/945,346 US10972431B2 (en) 2018-04-04 2018-04-04 Device management based on groups of network adapters
US15/945,166 US11271950B2 (en) 2018-04-04 2018-04-04 Securing endpoints in a heterogenous enterprise network
US15/945,226 US11140195B2 (en) 2018-04-04 2018-04-04 Secure endpoint in a heterogenous enterprise network
US15/945,319 US10862864B2 (en) 2018-04-04 2018-04-04 Network device with transparent heartbeat processing
PCT/US2019/025710 WO2019195502A1 (en) 2018-04-04 2019-04-04 Securing endpoints in a heterogenous enterprise network

Publications (3)

Publication Number Publication Date
GB202015005D0 GB202015005D0 (en) 2020-11-04
GB2587713A GB2587713A (en) 2021-04-07
GB2587713B true GB2587713B (en) 2021-09-22

Family

ID=68101424

Family Applications (1)

Application Number Title Priority Date Filing Date
GB2015005.8A Active GB2587713B (en) 2018-04-04 2019-04-04 Securing endpoints in a heterogenous enterprise network

Country Status (2)

Country Link
GB (1) GB2587713B (en)
WO (1) WO2019195502A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110891059A (en) * 2019-11-26 2020-03-17 武汉卓云智方科技有限公司 Internet safety management platform
EP3893461A1 (en) 2020-04-10 2021-10-13 Hewlett-Packard Development Company, L.P. Low data rate signalling

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060140181A1 (en) * 2004-12-29 2006-06-29 Fabian Trumper Method for packet encapsulation and redirection of data packets
US7307996B2 (en) * 2002-07-30 2007-12-11 Brocade Communications Systems, Inc. Infiniband router having an internal subnet architecture
US20120210000A1 (en) * 2011-02-15 2012-08-16 International Business Machines Corporation Registering Devices For Network Access
US8990891B1 (en) * 2011-04-19 2015-03-24 Pulse Secure, Llc Provisioning layer two network access for mobile devices
US20150312266A1 (en) * 2014-04-28 2015-10-29 Sophos Limited Advanced persistent threat detection
US20160308762A1 (en) * 2015-04-17 2016-10-20 Equinix, Inc. Cloud-based services exchange
US9680860B1 (en) * 2016-02-16 2017-06-13 Cylance Inc. Endpoint-based man in the middle attack detection using multiple types of detection tests
US20170302535A1 (en) * 2013-02-26 2017-10-19 Zentera Systems, Inc. Secure cloud fabric to connect subnets in different network domains
US20170310703A1 (en) * 2016-04-22 2017-10-26 Sophos Limited Detecting triggering events for distributed denial of service attacks

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7307996B2 (en) * 2002-07-30 2007-12-11 Brocade Communications Systems, Inc. Infiniband router having an internal subnet architecture
US20060140181A1 (en) * 2004-12-29 2006-06-29 Fabian Trumper Method for packet encapsulation and redirection of data packets
US20120210000A1 (en) * 2011-02-15 2012-08-16 International Business Machines Corporation Registering Devices For Network Access
US8990891B1 (en) * 2011-04-19 2015-03-24 Pulse Secure, Llc Provisioning layer two network access for mobile devices
US20170302535A1 (en) * 2013-02-26 2017-10-19 Zentera Systems, Inc. Secure cloud fabric to connect subnets in different network domains
US20150312266A1 (en) * 2014-04-28 2015-10-29 Sophos Limited Advanced persistent threat detection
US20160308762A1 (en) * 2015-04-17 2016-10-20 Equinix, Inc. Cloud-based services exchange
US9680860B1 (en) * 2016-02-16 2017-06-13 Cylance Inc. Endpoint-based man in the middle attack detection using multiple types of detection tests
US20170310703A1 (en) * 2016-04-22 2017-10-26 Sophos Limited Detecting triggering events for distributed denial of service attacks

Also Published As

Publication number Publication date
GB2587713A (en) 2021-04-07
WO2019195502A1 (en) 2019-10-10
GB202015005D0 (en) 2020-11-04

Similar Documents

Publication Publication Date Title
ZA201904928B (en) Data isolation in a blockchain network
EP3777305C0 (en) Selecting a network connection based on a media type
EP3497879A4 (en) Using a digital certificate with multiple cryptosystems
ZA202103186B (en) Defining and managing forms in a distributed ledger trust network
GB2525701B (en) A software defined network and a communication network comprising the same
IL280298A (en) Task completion using a blockchain network
HK1231644A1 (en) Multi-master selection in a software defined network
EP3735640A4 (en) Multi-tenant data protection in a centralized network environment
ZA201902904B (en) Enabling multiple numerologies in a network
PL3616467T3 (en) Network manager in a nr network
EP3108598A4 (en) Optimizing network resources in a telecommunications system
GB201522546D0 (en) Power management in a power over data network
GB2575704B (en) Secure communication in a nondeterministic network
IL261888A (en) Rule enforcement in a network
GB201809777D0 (en) Access mode configuration in a network
GB2589988B (en) Locally securing endpoints in an enterprise network using remote network resources
GB202002614D0 (en) Resource element in a telecommunication system
GB2587713B (en) Securing endpoints in a heterogenous enterprise network
ZA202001245B (en) Improved zoning configuration in a mesh network
GB2555610B (en) Data traffic management in a telecommunication network
GB2597201B (en) Service management in a DBMS
EP3436965A4 (en) Managing physical network cross-connects in a datacenter
GB2533186B (en) A telecommunication network manager
ZA202002446B (en) A second-order all-pass network comprising cciis
GB2553786B (en) A telecommunication network