US 12,244,633 B2
Network isolation by policy compliance evaluation
Michael Franz Baukes, Sunnyvale, CA (US); and Alan James Sharp-Paul, Los Altos, CA (US)
Assigned to UPGUARD, INC., Mountain View, CA (US)
Filed by Upguard, Inc., Mountain View, CA (US)
Filed on Mar. 12, 2024, as Appl. No. 18/602,639.
Application 18/602,639 is a continuation of application No. 18/343,293, filed on Jun. 28, 2023, granted, now 11,962,613.
Application 18/343,293 is a continuation of application No. 18/087,637, filed on Dec. 22, 2022, granted, now 11,729,205, issued on Aug. 15, 2023.
Application 18/087,637 is a continuation of application No. 17/352,618, filed on Jun. 21, 2021, granted, now 11,575,701, issued on Feb. 7, 2023.
Application 17/352,618 is a continuation of application No. 16/540,055, filed on Aug. 14, 2019, granted, now 11,075,940, issued on Jul. 27, 2021.
Application 16/540,055 is a continuation of application No. 16/149,144, filed on Oct. 2, 2018, granted, now 10,440,045, issued on Oct. 8, 2019.
Application 16/149,144 is a continuation of application No. 15/272,321, filed on Sep. 21, 2016, granted, now 10,142,364, issued on Nov. 27, 2018.
Prior Publication US 2024/0223593 A1, Jul. 4, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 61/4511 (2022.01)
CPC H04L 63/1433 (2013.01) [H04L 61/4511 (2022.05); H04L 63/1408 (2013.01); H04L 63/1441 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A method comprising:
determining, for an internal network comprising a plurality of nodes, whether network traffic detected by the internal network introduces an above-threshold level of risk to the internal network;
responsive to determining that the network traffic introduces the above-threshold level of risk to the internal network:
identifying a set of the plurality of nodes corresponding to the network traffic that introduces the above-threshold level of risk; and
isolating the set of nodes by instructing a domain name system (DNS) server of the internal network to prevent resolution of DNS requests for IP addresses corresponding to the set of nodes until the risk introduced by the network traffic falls below the threshold level of risk, wherein determining that the risk introduced by the network traffic falls below the threshold level of risk comprises simulating the network traffic and effects of the network traffic on the set of nodes.