CPC H04L 63/0236 (2013.01) [H04L 61/4511 (2022.05); H04L 63/0281 (2013.01); H04L 63/205 (2013.01); H04L 63/306 (2013.01)] | 24 Claims |
1. A method comprising:
receiving, by a packet-filtering device, a first plurality of packets associated with establishing a secure communication channel with a first destination, wherein the first plurality of packets comprises a plaintext server name indication (SNI) value;
blocking, by the packet-filtering device and based on a determination that the first plurality of packets comprises the plaintext SNI value, the first plurality of packets;
receiving, by the packet-filtering device, a second plurality of packets associated with establishing a secure communication channel with a second destination, wherein the second plurality of packets comprises an encrypted server name indication (eSNI) value; and
forwarding, by the packet-filtering device and based on a determination that the second plurality of packets comprises the eSNI value, the second plurality of packets to the second destination.
|