US Patent 11943195 Zero-trust DNS and FQDN based traffic acquisition using synthetic IP

A computing system is configured to perform zero-trust domain name resolution. The computing system includes applications coupled to a zero-trust client. The zero-trust client is configured to receive requests for IP addresses corresponding to endpoint identifiers for internet connected endpoints. The zero-trust client includes a synthetic DNS service configured to identify synthetic IP addresses for the endpoint identifiers. The zero-trust client provides the synthetic IP addresses for the endpoint identifiers to the applications. The zero-trust client sends data traffic from the applications to a zero-trust service with the synthetic IP addresses and sends corresponding endpoint identifiers to the zero-trust service in a fashion that allows the synthetic IP addresses to be correlated to the endpoint identifiers at the zero-trust service.