System and method for inspecting domain name system flows in a network environment
US9015318B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 18, 2009 |
| Grant date | Apr 21, 2015 |
| Priority date | — |
| Expiry date | Aug 20, 2030 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2101/668
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method is provided in one example and includes receiving a first packet associated with a domain name system (DNS) exchange between a subscriber and a DNS server. A correlation is maintained between a domain name and an Internet protocol (IP) address included in a DNS response. A subsequent packet associated with a subsequent flow is received and the IP address is identified within the subsequent packet. The method further includes executing a policy decision for the subsequent flow based on the correlation between the IP address and the domain name. In more specific embodiments, the correlation is stored in a table that includes a time to live (TTL) parameter associated with the IP address. The IP address within the subsequent packet can be mapped to the domain name in order to apply the policy decision for the subsequent flow.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.