Network monitoring with differentiated treatment of authenticated network traffic
US11700233B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jun 4, 2019 |
| Grant date | Jul 11, 2023 |
| Priority date | — |
| Expiry date | Mar 2, 2041 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L69/22
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system and computer-implemented method to monitor network traffic for a protected network using a block of IP addresses including an IP address for a server. The method includes selecting one or more green addresses, each being a different IP address from the block of IP addresses, associating the green addresses with the IP address of the server, and receiving a packet of the internet traffic from a client directed to an IP address of the block of IP addresses prior to any performance of DPI on the packet. It is determined whether the destination address matches the one or more green addresses or is a yellow address (which belongs to the block of IP addresses, but is not a green address). When determined that the destination address matches the one or more green addresses, the method the packet is sent to the IP address associated with the matching green address, bypassing any DPI. Otherwise, the packet is sent to a scrubber to analyze the packet using DPI and handle the packet or perform a redirection of the client. The redirection causes subsequent requests from the client to be sent to the IP address associated with the green address, bypassing any DPI.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.