US 12,438,845 B2
Systems and methods for internal secure network resolution
Weining Wu, Burnaby (CA); Kunal Marwah, Burnaby (CA); Jinhai Yang, Burnaby (CA); and Xu Zheng, Burnaby (CA)
Assigned to Fortinet, Inc., Sunnyvale, CA (US)
Filed by Fortinet, Inc., Sunnyvale, CA (US)
Filed on Feb. 29, 2024, as Appl. No. 18/592,333.
Application 18/592,333 is a continuation of application No. 17/463,787, filed on Sep. 1, 2021, granted, now 11,956,211.
Prior Publication US 2024/0205189 A1, Jun. 20, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 21/60 (2013.01); H04L 41/12 (2022.01); G06F 21/70 (2013.01)
CPC H04L 63/0236 (2013.01) [H04L 41/12 (2013.01); H04L 63/0876 (2013.01); H04L 63/20 (2013.01)] 17 Claims
OG exemplary drawing
 
1. A method comprising:
intercepting, by an endpoint security application of an endpoint device associated with a secured network, a request to access a particular network resource within the secured network, wherein the request for the particular network resource includes a domain name corresponding to the particular network resource;
accessing, by the endpoint security application, an internal list of domain names maintained within the secure network, wherein the internal list of domain names includes a plurality of domain names each identifying a given network resource of a plurality of network resources accessible on the secured network and corresponding to an internet protocol (IP) address of the given network resource;
based at least in part on determining that the particular network resource is included in the internal list of domain names, limiting exposure of internal network operations of the secured network, by locally resolving, by the endpoint security application, the IP address of the particular network resource with reference to the internal list of domain names; and
returning, by the endpoint security application, a response to the request including the IP address in a format used by a domain name system (DNS).