US 11,916,957 B1
System and method for utilizing DHCP relay to police DHCP address assignment in ransomware protected network
Raymond Wing Chon Cheh, Sunnyvale, CA (US); Chia Chi Cheng, Belmont, CA (US); Satish M. Mohan, San Jose, CA (US); Ritesh R. Agrawal, San Jose, CA (US); and Vinay Adavi, Sunnyvale, CA (US)
Assigned to AIRGAP NETWORKS INC., Santa Clara, CA (US)
Filed by Airgap Networks Inc., Santa Clara, CA (US)
Filed on Dec. 9, 2022, as Appl. No. 18/064,177.
Application 18/064,177 is a continuation in part of application No. 17/521,092, filed on Nov. 8, 2021.
Application 17/521,092 is a continuation of application No. 17/387,615, filed on Jul. 28, 2021, granted, now 11,323,474, issued on Nov. 9, 2021.
Application 17/387,615 is a continuation of application No. 17/357,757, filed on Jun. 24, 2021, granted, now 11,171,985, issued on May 3, 2022.
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 12/46 (2006.01)
CPC H04L 63/1466 (2013.01) [H04L 12/4641 (2013.01); H04L 63/1416 (2013.01)] 16 Claims
OG exemplary drawing
 
1. A computer-implemented method of ransomware protection in a Virtual Local Area Network (VLAN) network, comprising:
configuring a security appliance as a DHCP relay for a Dynamic Host Configuration Protocol (DHCP) server in the VLAN network;
receiving, by the security appliance, responses from the DHCP server to DHCP requests and the security appliance further overwriting a subnet mask associated with the responses to 255.255.255.255 to set the security appliance as a default gateway for a plurality of endpoint devices of the VLAN network; and
intercepting, by the security appliance, DHCP packets between the DHCP server and endpoint devices and policing, by the security appliance, 1) Internet Protocol (IP) addresses requested by client endpoint devices, and 2) IP addresses proposed by the DHCP server; and
wherein the policing of IP address assignments by the security appliance is selected to aid in protecting the security of the endpoint devices from ransomware.