公开(公告)号：US20120102543A1

公开(公告)日：2012-04-26

申请号：US13279498

申请日：2011-10-24

申请人： Ashwin Kohli ,  David A. George ,  Kevin Tinagero

发明人： Ashwin Kohli ,  David A. George ,  Kevin Tinagero

IPC分类号： G06F21/00

CPC分类号： H04L63/20

摘要： A computer implemented method and system for managing an audit of one or more network layer devices is provided. An audit management system accessible by a user via a graphical user interface acquires network layer device information of the network layer devices and a configuration file comprising configuration file commands. The audit management system allows creation and/or selection of one or more audit policies for the network layer devices. The audit policies comprise one or more audit rules that define functioning of the network layer devices for one or more compliance policies. The audit management system executes the audit policies for performing the audit of the network layer devices by comparing the configuration file commands of the configuration file with the audit rules of the audit policies, and generates a report comprising information about security and compliance of the network layer devices with the compliance policies based on the audit.

摘要翻译： 提供了一种用于管理一个或多个网络层设备的审计的计算机实现的方法和系统。 由用户通过图形用户界面访问的审计管理系统获取网络层设备的网络层设备信息和包括配置文件命令的配置文件。 审计管理系统允许为网络层设备创建和/或选择一个或多个审计策略。 审计策略包括一个或多个审计规则，其定义用于一个或多个合规策略的网络层设备的功能。 审计管理系统通过将配置文件的配置文件命令与审计策略的审核规则进行比较，执行审计策略，对网络层设备进行审核，并生成包含网络层安全性和合规性信息的报告 基于审计的符合性策略的设备。