Systems and methods for a security network integrating security system and network devices are disclosed. A system may comprise a gateway and first and second security panels, each located at a premises. The first and second security panels may be connected, via respective first and second wireless communication protocols, to respective first and second security system components. The first and second security panels may receive respective first and second security data from the respective first and second security system components. The gateway may be configured to receive, via the first and second wireless communication protocols, the respective first and second security data. The gateway may be configured to transmit at least one of the first security data and the second security data to a security server located external to the premises.

In an approach to attesting control over network devices, responsive to receiving a first signal from a client, wherein the first signal initiates a network connection between the client and a server, a first certificate is sent to the client that contains a common name that is an internet protocol (IP) address. A second certificate is sent to the client that contains a common name that is a uniform resource locator (URL) of the server. Responsive to receiving a second signal from the client that the first certificate and the second certificate are trusted, the client is connected with the server.

Techniques are described to provide efficient protection for a virtual private network. In one example, a method is provided that includes obtaining a packet at a first network entity; determining that the packet is a packet type of an authentication type; determining whether authentication content for the packet matches known good criteria for the packet type of the authentication type; based on determining that the authentication content for the packet does not match the known good criteria, performing at least one of dropping the packet and generating an alarm; and based on determining that the authentication content for the packet does match the known good criteria, processing the packet at the first network entity or forwarding the packet toward a second network entity.

A method and system for initiating message listening and routing message content to authorized user devices is disclosed. For a second user device to receive notifications regarding records of a first user, the second user device provides information identifying the first user to a notification service. The notification service verifies the identifying information. The notification service initiates one or more listeners to listen for messages flowing over a messaging bus that are relating to the first user. Once a message is identified, at least a portion of the message is used to generate a notification that may be sent to the second user device.

Systems, apparatuses, methods, and computer program products are disclosed for post-quantum cryptography (PQC). An example method includes transmitting a first portion of an electronic communication to a client device over a non-PQC communications channel. The example method further includes transmitting a second portion of the electronic communication to the client device over a PQC communications channel. In some instances, the first portion of the electronic communication may comprise overhead data, and the second portion of the electronic communication may comprise payload data.

Described systems and methods enable protecting client devices (e.g., personal computers and IoT devices) implementing encrypted DNS protocols against harmful or inappropriate Internet content. A DNS proxy intercepts an attempt to establish an encrypted communication session between a client device and a DNS server. Without decrypting any communications, some embodiments of the DNS proxy determine an identifier of the respective session and an identifier of the client device, and send a query tracer connecting the session identifier with the client identifier to a security server. In some embodiments, the security server obtains the domain name included in an encrypted DNS query from the DNS server and instructs the DNS server to allow or block access of the client device to the respective Internet domain according to a device- and/or user-specific access policy.

A method of determining that a client is likely engaged in the sending of spam emails via a network node. The method comprises, at the network node, defining a message size threshold and a message sending rate threshold, detecting the opening of Simple Mail Transfer Protocol, SMTP connections between a client device and an email server, identifying messages sent from the client over the SMTP connections which exceed said message size threshold and counting the identified messages to determine a client email message sending rate. The method further comprises making an assumption that the client is engaged in the sending of spam emails if the client message sending rate exceeds said message sending rate threshold.

A network device decrypts a record, received from a client device, that is associated with an encrypted session between the client device and an application platform. The network device incorporates decrypted record data, from the decrypted record, into a payload field of a transmission control protocol (TCP) packet to be transmitted to another device, identifies a record header in the record, and determines, based on the record header, a record type associated with the decrypted record. Based on the record type, the network device marks the one or more TCP packets as including urgent data by setting a TCP urgent control bit in a header of the one or more TCP packets, and sets a second field, in the header of the TCP packet, to a second value that identifies an end of the urgent data, which corresponds to an end of the decrypted record data in the payload field.

A system and method is provided that enables the recovery of data packets transmitted over an unreliable network. The system and method utilize an algorithm for transmitting the data packets with restoration of lost data during data transfer over UDP Protocol encrypted with DTLS Protocol. Advantageously, the algorithm does not require changes to data for either UDP or DTLS packets, but rather a separate, specifically designed packet is transmitted to the recipient to facilitate and ensure the recovery of any lost data packets over the unreliable network.

The devices and methods relate to web categorization of web requests. The devices and methods may perform a two-step classification of the web requests. The first classification may provide potential web categories for web request based on a fully qualified domain name (FQDN) of the web request. The first classification may be used to determine whether transport layer security (TLS) termination may be performed on the web request. The second classification may provide a web category for a uniform resource locator (URL) of the web request after performing the TLS termination. The web category may be used by a firewall in filtering web traffic for the web request.