Intrusion detection on load balanced network traffic

Assignee

• Oracle International Corporation · US

Inventor

• Brijesh Singh · Mercer Island, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L67/1001
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems, methods, and other embodiments associated with performing intrusion detection on load balanced network traffic are described. In one embodiment, a method includes receiving, at a load balancer host, an encrypted data packet from a remote computer. A certificate established between the remote computer and a destination service being accessed by the remote computer is used by the load balancer host to decrypt the encrypted data packet to create an unencrypted data packet. The unencrypted data packet is routed to an intrusion detection system at the load balancer host. The intrusion detection system is controlled to execute intrusion detection upon the unencrypted data packet. A secure connection is established with the destination computing node. The unencrypted data packet is re-encrypted and transmitted over the network using the secure connection to the destination computing node.