| CPC H04L 63/1416 (2013.01) [H04L 63/0236 (2013.01); H04L 63/1425 (2013.01); H04L 63/20 (2013.01)] | 20 Claims |
|
1. A system for providing cloud-based network security, the system including:
a cloud access security broker (CASB) component that runs on cloud-based hardware and is configured for providing security with respect to access to a cloud-based resource by users within an organization, via processing of one or more received packets being communicated between said users of said organization through a set of firewall components to said cloud-based resource, in compliance with a unified security policy;
a secure web gateway (SWG) component that runs on cloud-based hardware and is configured for providing security with respect to access to a web accessible destination by said users within an organization, via processing of one or more received packets being communicated between said users of said organization through the set of firewall components and said web accessible destination, in compliance with the unified security policy;
the set of firewall components that run on cloud-based hardware and are configured for providing packet-level and protocol-level traffic inspection and access control, with respect to received packets, and for selectively forwarding said received packets to the CASB and SWG dependent on a type of stream to which said received packets belong; and
a restrictive state analyzer that runs on cloud-based hardware, that is configured to be in communication with each of said components, and that is configured for determining if and what action should be performed with respect to said each packet, in response to said communication with at least one of said components and in compliance with the unified security policy.
|