Invention Grant
US08020211B2 Network security system having a device profiler communicatively coupled to a traffic monitor
有权
网络安全系统具有通信耦合到业务监视器的设备分析器
- Patent Title: Network security system having a device profiler communicatively coupled to a traffic monitor
- Patent Title (中): 网络安全系统具有通信耦合到业务监视器的设备分析器
-
Application No.: US12552264Application Date: 2009-09-01
-
Publication No.: US08020211B2Publication Date: 2011-09-13
- Inventor: Timothy D. Keanini , Martin A. Quiroga , Brian W. Buchanan , John S. Flowers
- Applicant: Timothy D. Keanini , Martin A. Quiroga , Brian W. Buchanan , John S. Flowers
- Applicant Address: US CA San Francisco
- Assignee: nCircle Network Security, Inc.
- Current Assignee: nCircle Network Security, Inc.
- Current Assignee Address: US CA San Francisco
- Agency: Fenwick & West LLP
- Main IPC: G08B23/00
- IPC: G08B23/00 ; G06F15/16 ; G06F12/14 ; G06F11/30 ; G06F15/173 ; G06F11/00 ; H04L29/06 ; H04L9/32
Abstract:
A system and method for providing distributed security of a network. Several device profilers are placed at different locations of a network to assess vulnerabilities from different perspectives. The device profiler identifies the hosts on the network, and characteristics such as operating system and applications running on the hosts. The device profiler traverses a vulnerability tree having nodes representative of characteristics of the hosts, each node having an associated set of potential vulnerabilities. Verification rules can verify the potential vulnerabilities. A centralized correlation server, at a centrally accessible location in the network, stores the determined vulnerabilities of the network and associates the determined vulnerabilities with attack signatures. Traffic monitors access the attack signatures and monitor network traffic for attacks against the determined vulnerabilities.
Public/Granted literature
- US20090320138A1 NETWORK SECURITY SYSTEM HAVING A DEVICE PROFILER COMMUNICATIVELY COUPLED TO A TRAFFIC MONITOR Public/Granted day:2009-12-24
Information query
