Patent application number | Description | Published |
20150242415 | DETECTING AND MANAGING ABNORMAL DATA BEHAVIOR - Methods and systems for providing destination-specific network management are described. One example method includes determining a normal data movement profile for a computing device based on observed normal data transfer behavior by the computing device; identifying a data movement rule associated with the computing device, the data movement rule including a deviation amount, and one or more actions to take when the computing device deviates from the normal data movement profile by more than the deviation amount; detecting a data movement associated with the computing device; determining that the detected data movement exceeds the deviation amount included in the data movement rule relative to the normal data movement profile for the computing device; and performing the one or more actions associated with the data movement rule upon determining that the data movement violates the data movement rule. | 08-27-2015 |
20150256516 | MANAGE ENCRYPTED NETWORK TRAFFIC USING SPOOFED ADDRESSES - Methods and systems for managing encrypted network traffic using spoofed addresses. One example method includes receiving a request to resolve a domain name; determining that the domain name is included in a predetermined set of domain names; associating a spoofed address with the domain name; sending a response to the request to resolve the domain name including the spoofed address; receiving a secure request for a resource, the secure request directed to the spoofed address; identifying a user identity associated with the secure request; determining that the secure request is directed to the domain name based on the association between the spoofed address and the domain name; and selectively decrypting and/or blocking the secure request based at least in part on determining that the secure request is directed to the domain name and based at least in part on the user identity associated with the secure request. | 09-10-2015 |
20150271209 | SOFT WEBSITE BLOCK OVERRIDE - Methods, systems, and apparatus, including computer programs encoded on computer storage media, for overriding a soft website block. One of the methods includes receiving, from a user device, a request to access a resource, determining, using a first policy group for the user device, that the user device should be prevented from accessing the resource, providing, to the user device and based on determining that the user device should be prevented from accessing the resource, instructions for the presentation of a user interface including a user credentials field, receiving user credentials from the user device, determining that the user credentials are the same as credentials used to log onto the user device, and allowing the user device access to the resource. | 09-24-2015 |
20150301982 | GENERATING PROXY AUTOMATIC CONFIGURATION SCRIPTS - Methods and systems for generating a proxy automatic configuration (PAC) script based on the location of a device. One example method includes receiving a request for a proxy automatic configuration (PAC) script from a source address associated with a device; determining, based at least in part on the source address, a location of the device; generating a PAC script based at least in part on the determined location of the device; and sending a response to the request for the PAC script including the generated PAC script. | 10-22-2015 |
20150381559 | MANAGE ENCRYPTED NETWORK TRAFFIC USING DNS RESPONSES - This present disclosure generally relates to managing encrypted network traffic using Domain Name System (DNS) responses. One example method includes requesting an address associated with the a domain name from a resolution server, the domain name included in a predetermined set of domain names for which secure requests are to be identified domain name from a resolution server; receiving a response from the resolution server including one or more addresses associated with the domain name; associating with the domain name a particular address selected from the received one or more addresses; receiving a request to resolve the domain name; sending a response to the request to resolve the domain name, the sent response including the particular address associated with the domain name; receiving a secure request for a resource, the secure request directed to the particular address associated with the domain name; and determining that the secure request is directed to the domain name based on the association between the particular address and the domain name. | 12-31-2015 |