Systems and methods for microsegmentation include receiving network communication information that describes flows between hosts in a network and applications executed on the hosts; generating a network communication model based on the network communication information that labels flows; and providing polices to the hosts based on the network communication model where the policies cause performance a set of actions, locally at a host, on any of the flows based on corresponding labels. The labels are one of healthy and unhealthy. The set of actions include blocking, allowing, and allowing for a period of time before confirmation.

Embodiments are directed to monitoring communication between computers using network monitoring computers (NMCs). NMCs identify a secure communication session established between two of the computers based on an exchange of handshake information associated with the secure communication session. Key information that corresponds to the secure communication session may be obtained from a key provider such that the key information may be encrypted by the key provider. NMCs may decrypt the key information. NMCs may derive the session key based on the decrypted key information and the handshake information. NMCs may decrypt network packets included in the secure communication session. NMCs may be employed to inspect the one or more decrypted network packets to execute one or more rule-based policies.

A method for transferring electronic evidence is provided. The law enforcement agencies can make efficient use of social media and other forms of public communications to make a public appeal for information on crimes and other investigations wherein the public appeals allow members of the public to easily submit information and/or media files from smartphones and other computers in a way that allows the submission to be linked to the public appeal (e.g. the specific case file or the attributes of the case file) so that the submission data can be found and accessed by law enforcement investigators.

A method for transferring electronic evidence is provided. The law enforcement agencies can make efficient use of social media and other forms of public communications to make a public appeal for information on crimes and other investigations wherein the public appeals allow members of the public to easily submit information and/or media files from smartphones and other computers in a way that allows the submission to be linked to the public appeal (e.g. the specific case file or the attributes of the case file) so that the submission data can be found and accessed by law enforcement investigators.

A computer method and system for mitigating Domain Name System (DNS) misuse using a probabilistic data structure, such as a cuckoo filter. Intercepted is network traffic flowing from one or more external hosts to a computer network, the intercepted network traffic including a DNS request that requests a Resource Record name in a DNS zone file. A determination is made as to whether the DNS request is requesting resolution at a protected DNS Name Server. A hash value is calculated for the requested Resource Record name if it is determined the DNS request is requesting resolution at the protected DNS Name Server. A determination is then made as to whether the calculated hash value for the requested Resource Record name is present in the probabilistic data structure. The DNS request is forwarded to the protected server if the requested Resource Record name is determined present in the probabilistic data structure.

A computer-implemented system and method for secure electronic message exchange including coupling a control platform to a workstation of a plurality of workstations via a communications medium, where the control platform includes one or more apparatuses for monitoring, controlling, conversion, and billing, related to messages exchanged between a plurality of local users and a plurality of remote users. The system prevents forwarding or copying of a message sent by a local user of the plurality of local users and received by a remote user of the plurality of remote users, to another party by the control platform. The system and method also provides for authenticating the remote user with the control platform.

A method for controlling data transmission within a telecommunications network involves providing interconnections to both a core network and to at least one user device via a base station. A configurable network is defined interconnecting the at least one core network and the base station. A first network slice is selected responsive to use of the configurable network by a first application. A second network slice is selected responsive to use of the configurable network by a second application. Data transmission are provided between the core network and the base station over the configurable network based on the selected first or second network slice.

A method (200) performed by a communication device hosting a network element, NE, the method comprising:- preparing (202) a Report Issue request message for reporting an Issue;- incrementing (204) an Issue count to obtain a current Issue count of Issues reported by the NE to a lawful interception, LI, administrative function, ADMF;- adding (206) the current Issue count to the Report Issue request message; - sending (208) the Report Issue request message (610) including the current Issue count to the LI ADMF;-receiving (210) a request message (620) from the LI ADMF requesting information about at least one Report Issue request message sent by the NE and not received by the LI ADMF; and- sending (212) a response message (622) including the requested information.

A computer method and system for mitigating Domain Name System (DNS) misuse using a probabilistic data structure, such as a cuckoo filter. Intercepted is network traffic flowing from one or more external hosts to a computer network, the intercepted network traffic including a DNS request that requests a Resource Record name in a DNS zone file. A determination is made as to whether the DNS request is requesting resolution at a protected DNS Name Server. A hash value is calculated for the requested Resource Record name if it is determined the DNS request is requesting resolution at the protected DNS Name Server. A determination is then made as to whether the calculated hash value for the requested Resource Record name is present in the probabilistic data structure. The DNS request is forwarded to the protected server if the requested Resource Record name is determined present in the probabilistic data structure.

The technology disclosed relates to a transparent inline secure forwarder for policy enforcement on IoT devices. In particular, the technology disclosed provides a system. The system comprises a plurality of special-purpose devices on a network segment of a network. The system further comprises a default gateway of the network segment configured to receive outbound network traffic from special-purpose devices in the plurality of special-purpose devices. The system further comprises an inline secure forwarder configured to share an Internet Protocol (IP) address with the default gateway in a transparent mode to intercept the outbound network traffic prior to the default gateway receiving the outbound network traffic, and route the intercepted outbound network traffic to a policy enforcement point for policy enforcement.