Patent · US Active

Methods and systems for inspecting encrypted network traffic

US10805320B1 · kind B1 · utility

6Cited by

10References

18Claims

0Family size

Assignee

Trend Micro Incorporated · JP

Inventors

Kelong WANG · Nanjing, CN
Jian Sun · Beijing, CN
Zheng Wang · Beijing, CN

Key dates

Filing date	Jun 15, 2018
Grant date	Oct 13, 2020
Priority date	—
Expiry date	Feb 13, 2039

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/306
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Encrypted network traffic between a server device and an application program running on a client device is monitored by a network security device in an enterprise computer network. Metadata of the application program is sent to a cloud security system to generate a reputation of the application program. The encrypted network traffic is decrypted and inspected for conformance with security policies when the application program is determined to be a browser application. When the application program is determined to be a non-browser application, the reputation of the application program is determined and the encrypted network traffic is blocked when the application program has a bad reputation. In a bypass mode of operation, the encrypted network traffic is allowed to pass through without inspection when the application program is determined to be a non-browser application.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.