Rajendraprasad R Pagaku

8087082, Dec 27, 2011

Dec 3, 2010

12/959542

Eric Bloch - San Mateo CA, US
Shalabh Mohan - Mountain View CA, US
Rajendraprasad R. Pagaku - Foster City CA, US
Doug Moore - Houston TX, US
Mark Krentel - Houston TX, US
Bruce Thompson - So. San Francisco CA, US
Julian R. Elischer - El Cerrito CA, US
Brandon L. Golm - San Francisco CA, US

Ironport Systems, Inc. - San Bruno CA

G06F 11/00

726 22, 726 23, 726 24

A data processing apparatus, comprising at least one processor and a traffic monitor comprising logic which, when executed by the processor, causes the processor to perform: creating, using forward Domain Name System (DNS) lookups, a mapping of domain names to Internet Protocol (IP) addresses; determining whether a particular domain in the mapping requires handling data traffic to or from the particular domain by performing a particular action; based on the mapping, determining one or more IP addresses that are associated with the particular domain; generating policy for a firewall that instructs the firewall to perform the particular action upon receiving a particular request; wherein the particular request specifies a particular IP address that is within the particular domain.

7849507, Dec 7, 2010

Apr 30, 2007

11/742080

Eric Bloch - San Mateo CA, US
Shalabh Mohan - Mountain View CA, US
Rajendraprasad R. Pagaku - Foster City CA, US
Doug Moore - Houston TX, US
Mark Krentel - Houston TX, US
Bruce Thompson - So. San Francisco CA, US
Julian R. Elischer - El Cerrito CA, US
Brandon L. Golm - San Francisco CA, US

Ironport Systems, Inc. - San Bruno CA

G06F 11/00

726 22, 726 23, 726 24

A data processing apparatus can perform HTTP traffic monitoring and filtering of HTTP requests from clients and responses from servers. Example apparatus comprises a processor; a first network interface to a protected network; a second network interface to an external network; a core hypertext transfer protocol (HTTP) proxy coupled to the processor and coupled to a content cache, wherein the HTTP proxy is configured to receive an HTTP request from a client computer in the protected network, send the request to a network resource in the external network on behalf of the client, and receive an HTTP response from the network resource on behalf of the client computer; and a plurality of spyware scanning engines (SSEs), wherein each of the SSEs is coupled to stored content signatures, and wherein each of the SSEs is configured to detect a particular kind of malicious software in an HTTP response.

7849502, Dec 7, 2010

Apr 30, 2007

11/742015

Eric Bloch - San Mateo CA, US
Shalabh Mohan - Mountain View CA, US
Rajendraprasad R. Pagaku - Foster City CA, US
Doug Moore - Houston TX, US
Mark Krentel - Houston TX, US
Bruce Thompson - South San Francisco CA, US
Julian R. Elischer - El Cerrito CA, US
Brandon L. Golm - San Francisco CA, US

Ironport Systems, Inc. - San Bruno CA

G06F 15/16
G06F 11/00

726 11, 726 22, 726 23, 726 24

A data processing apparatus can perform HTTP traffic monitoring and filtering of HTTP requests from clients and responses from servers. Example apparatus comprises a processor, a first network interface to a protected network, a second network interface to an external network, and a traffic monitor having an address-domain name database, a firewall rules manager, and a DNS snooper. The traffic monitor accesses a blacklist and can perform receiving, from a client computer, a request to access a resource in the external network; blocking the request to the resource when a user agent of the client is in the blacklist as malicious software or when a file extension in a response to the request is in the blacklist; requesting, from a web reputation service, and receiving a reputation score indicating a reputation of the resource; blocking sending the request to the resource when the reputation is below a specified threshold.