公开(公告)号：US09009828B1

公开(公告)日：2015-04-14

申请号：US12240444

申请日：2008-09-29

申请人： Jon R. Ramsey ,  Wayne Howard Haber ,  Bill Guerry ,  Michael Joseph Hubbard ,  Uday Banerjee

发明人： Jon R. Ramsey ,  Wayne Howard Haber ,  Bill Guerry ,  Michael Joseph Hubbard ,  Uday Banerjee

IPC分类号： H04L29/06 ,  G06F15/16

CPC分类号： H04L63/1458 ,  G06F17/30312 ,  G06F17/30528 ,  H04L63/02 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1441 ,  H04L63/1466 ,  H04L63/1483

摘要： Network traffic can be prevented from entering a protected network. An alert can be received that can be triggered by network traffic that matches at least one signature that is associated with undesired network behavior. A source of the network traffic that triggered the alert can be determined, and network traffic that originates from the source can be blocked. Blocking the source can include assigning a determination to the alert. It can then be determined whether network traffic from the source should be blocked based on the determination. The source can then be provided to the protected network such that a network device coupled to the protected network can be configured to block network traffic that originates from the source.

摘要翻译： 可以防止网络流量进入受保护的网络。 可以接收到可以由匹配至少一个与不期望的网络行为相关联的签名的网络流量触发的警报。 可以确定触发警报的网络流量的来源，并且可以阻止源自源的网络流量。 阻止源可以包括为警报分配确定。 然后可以根据确定来确定来自源的网络流量是否应该被阻止。 然后可以将源提供给受保护的网络，使得耦合到受保护网络的网络设备可被配置为阻止源自源的网络流量。