An address obtaining method includes obtaining, by a third network device, an identifier of a first application from a terminal device. The identifier of the first application indicates a request for obtaining an address of an instance of the first application. The address obtaining method further includes sending, by the third network device, a first message to a first network device, wherein the first message comprises the identifier of the first application, and the first message is useable to request the address of the instance of the first application. The address obtaining method further includes receiving, by the third network device, the address of the instance of the first application from the first network device, and sending the address of the instance of the first application to the terminal device.

An address obtaining method includes obtaining, by a third network device, an identifier of a first application from a terminal device. The identifier of the first application indicates a request for obtaining an address of an instance of the first application. The address obtaining method further includes sending, by the third network device, a first message to a first network device, wherein the first message comprises the identifier of the first application, and the first message is useable to request the address of the instance of the first application. The address obtaining method further includes receiving, by the third network device, the address of the instance of the first application from the first network device, and sending the address of the instance of the first application to the terminal device.

A method is disclosed including establishing a browser session in response to receiving a request from a browser application in a public network. The browser session is assigned to a dedicated network service running in a dedicated network name space. Requests received from the browser application are proxied to a dedicated network service. A local web session in the dedicated network service authenticates a user of the browser application for access to at least one private webservice. A security client in the dedicated network service establishes a networking tunnel between the proxy and a remote gateway to the private network, thereby obtaining network access to the private webservice from the dedicated network name space. Within the dedicated network name space, proxied requests addressing the private webservice are forwarded over the networking tunnel to the private network.

Domain Name System (DNS) security using process information is provided. An application accessing an internet service using a domain name is determined. Process information associated with the application along with an associated DNS query to identify an IP address associated with the domain name are identified. The process information and the associated DNS query to a DNS security service are sent. An action based on a response from the DNS security service is performed.

A DNS server receives from a receiving email system, a DNS query for an email domain stored at the DNS server, the DNS query including identifying information of a sender of an email. The DNS server extracts the identifying information of the email sender from the DNS query and identifies one of a plurality of delivering organizations from the information. The DNS server determines whether the identified delivering organization is authorized to deliver email on behalf of the email domain. In response to determining that the identified delivering organization is authorized to deliver email on behalf of the email domain, the DNS server generates a target validation record based on the identity of the authorized delivering organization and the email domain, the target validation record including one or more rules indicating to the receiving email system whether the delivering organization is an authorized sender of email for the email domain.

A DNS server receives from a receiving email system, a DNS query for an email domain stored at the DNS server, the DNS query including identifying information of a sender of an email. The DNS server extracts the identifying information of the email sender from the DNS query and identifies one of a plurality of delivering organizations from the information. The DNS server determines whether the identified delivering organization is authorized to deliver email on behalf of the email domain. In response to determining that the identified delivering organization is authorized to deliver email on behalf of the email domain, the DNS server generates a target validation record based on the identity of the authorized delivering organization and the email domain, the target validation record including one or more rules indicating to the receiving email system whether the delivering organization is an authorized sender of email for the email domain.

A method and apparatus of processing a user initiated request for information is disclosed. The method may provide receiving a user initiated request including a uniform resource locator (URL) submitted to a web browser application and receiving a response that the URL is an invalid URL that cannot be resolved to a corresponding webpage. The method may also include blocking a subsequent attempt to transmit the user initiated request as a browser modified search request that includes modifications to the user initiated request.

A method and apparatus of processing a user initiated request for information is disclosed. The method may provide receiving a user initiated request including a uniform resource locator (URL) submitted to a web browser application and receiving a response that the URL is an invalid URL that cannot be resolved to a corresponding webpage. The method may also include blocking a subsequent attempt to transmit the user initiated request as a browser modified search request that includes modifications to the user initiated request.

Some embodiments provide a novel method of performing health monitoring for resources associated with a global server load balancing (GSLB) system. This system is implemented by several domain name system (DNS) servers that perform DNS services for resources located at several geographically separate sites. The method identifies several different groupings of the resources. It then assigns the health monitoring of the different resource groups to different DNS servers. The method then configures each particular DNS server (1) to send health monitoring messages to the particular group of resources assigned to the particular DNS server, (2) to generate data by analyzing responses to the sent health monitoring messages, and (3) to distribute the generated data to the other DNS servers. The method in some embodiments is performed by a set of one or more controllers.

Some embodiments provide a novel method of performing health monitoring for resources associated with a global server load balancing (GSLB) system. This system is implemented by several domain name system (DNS) servers that perform DNS services for resources located at several geographically separate sites. The method identifies several different groupings of the resources. It then assigns the health monitoring of the different resource groups to different DNS servers. The method then configures each particular DNS server (1) to send health monitoring messages to the particular group of resources assigned to the particular DNS server, (2) to generate data by analyzing responses to the sent health monitoring messages, and (3) to distribute the generated data to the other DNS servers. The method in some embodiments is performed by a set of one or more controllers.