-
公开(公告)号:US20220232028A1
公开(公告)日:2022-07-21
申请号:US17713577
申请日:2022-04-05
发明人: David K. Ahn , Keith A. George , Peter P. Geremia , Pierre Mallett, III , Sean Moore , Robert T. Perry , Jonathan R. Rogers
IPC分类号: H04L9/40
摘要: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination. The packet-filtering device may generate a log entry comprising information from the packet-filtering rule that identifies the one or more network-threat indicators and indicating whether the packet-filtering device prevented the packet from continuing toward its destination or allowed the packet to continue toward its destination.
-
公开(公告)号:US10567413B2
公开(公告)日:2020-02-18
申请号:US16217720
申请日:2018-12-12
发明人: David K. Ahn , Keith A. George , Peter P. Geremia , Pierre Mallett, III , Sean Moore , Robert T. Perry , Jonathan R. Rogers
摘要: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination. The packet-filtering device may generate a log entry comprising information from the packet-filtering rule that identifies the one or more network-threat indicators and indicating whether the packet-filtering device prevented the packet from continuing toward its destination or allowed the packet to continue toward its destination.
-
公开(公告)号:US20190387013A1
公开(公告)日:2019-12-19
申请号:US16554252
申请日:2019-08-28
发明人: David K. Ahn , Keith A. George , Peter P. Geremia , Pierre Mallett, III , Sean Moore , Robert T. Perry , Jonathan R. Rogers
IPC分类号: H04L29/06
摘要: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination. The packet-filtering device may generate a log entry comprising information from the packet-filtering rule that identifies the one or more network-threat indicators and indicating whether the packet-filtering device prevented the packet from continuing toward its destination or allowed the packet to continue toward its destination.
-
公开(公告)号:US20170359449A1
公开(公告)日:2017-12-14
申请号:US15413947
申请日:2017-01-24
IPC分类号: H04L29/06 , H04L29/12 , H04L12/823 , H04L12/26 , H04L12/851 , H04L12/741
CPC分类号: H04L69/22 , H04L43/026 , H04L43/04 , H04L43/087 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/745 , H04L47/2483 , H04L47/32 , H04L61/2567 , H04L63/0263
摘要: A computing system may identify packets received by a network device from a host located in a first network and may generate log entries corresponding to the packets received by the network device. The computing system may identify packets transmitted by the network device to a host located in a second network and may generate log entries corresponding to the packets transmitted by the network device. Utilizing the log entries corresponding to the packets received by the network device and the log entries corresponding to the packets transmitted by the network device, the computing system may correlate the packets transmitted by the network device with the packets received by the network device.
-
公开(公告)号:US20160234083A1
公开(公告)日:2016-08-11
申请号:US14714207
申请日:2015-05-15
CPC分类号: H04L69/22 , H04L43/026 , H04L43/04 , H04L43/087 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/745 , H04L47/2483 , H04L47/32 , H04L61/2567 , H04L63/0263
摘要: A computing system may identify packets received by a network device from a host located in a first network and may generate log entries corresponding to the packets received by the network device. The computing system may identify packets transmitted by the network device to a host located in a second network and may generate log entries corresponding to the packets transmitted by the network device. Utilizing the log entries corresponding to the packets received by the network device and the log entries corresponding to the packets transmitted by the network device, the computing system may correlate the packets transmitted by the network device with the packets received by the network device.
摘要翻译: 计算系统可以从位于第一网络中的主机识别由网络设备接收的分组,并且可以生成与由网络设备接收的分组相对应的日志条目。 计算系统可以将由网络设备发送的分组识别到位于第二网络中的主机,并且可以生成与由网络设备发送的分组相对应的日志条目。 利用对应于由网络设备接收到的分组的日志条目和与网络设备发送的分组对应的日志条目,计算系统可以将由网络设备发送的分组与网络设备接收的分组相关联。
-
公开(公告)号:US09413722B1
公开(公告)日:2016-08-09
申请号:US14855374
申请日:2015-09-15
发明人: David K. Ahn , Keith A. George , Peter P. Geremia , Pierre Mallett, III , Sean Moore , Robert T. Perry , Jonathan R. Rogers
IPC分类号: H04L29/06
CPC分类号: H04L63/1425 , H04L43/028 , H04L63/0227 , H04L63/0236 , H04L63/0263 , H04L63/12 , H04L63/1416 , H04L63/1441
摘要: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination. The packet-filtering device may generate a log entry comprising information from the packet-filtering rule that identifies the one or more network-threat indicators and indicating whether the packet-filtering device prevented the packet from continuing toward its destination or allowed the packet to continue toward its destination.
摘要翻译: 分组过滤设备可以接收分组过滤规则,其被配置为使分组过滤设备识别与网络威胁指示符相对应的分组。 分组过滤设备可以接收分组,并且对于每个分组,可以确定分组对应于由分组过滤规则指定的标准。 该标准可以对应于一个或多个网络威胁指标。 分组过滤设备可以应用由分组过滤规则指定的运营商。 操作者可以被配置为使分组过滤设备阻止分组继续向其目的地或允许分组继续向其目的地。 分组过滤设备可以生成包括来自分组过滤规则的信息的日志条目,该规则标识一个或多个网络威胁指示符并且指示分组过滤设备是否阻止分组继续向其目的地或允许分组继续 朝其目的地。
-
公开(公告)号:US11012459B2
公开(公告)日:2021-05-18
申请号:US17001164
申请日:2020-08-24
发明人: David K. Ahn , Keith A. George , Peter P. Geremia , Pierre Mallett, III , Sean Moore , Robert T. Perry , Jonathan R. Rogers
摘要: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination. The packet-filtering device may generate a log entry comprising information from the packet-filtering rule that identifies the one or more network-threat indicators and indicating whether the packet-filtering device prevented the packet from continuing toward its destination or allowed the packet to continue toward its destination.
-
公开(公告)号:US10530903B2
公开(公告)日:2020-01-07
申请号:US15413947
申请日:2017-01-24
IPC分类号: H04L29/06 , H04L12/851 , H04L12/26 , H04L12/741 , H04L29/12 , H04L12/823
摘要: A computing system may identify packets received by a network device from a host located in a first network and may generate log entries corresponding to the packets received by the network device. The computing system may identify packets transmitted by the network device to a host located in a second network and may generate log entries corresponding to the packets transmitted by the network device. Utilizing the log entries corresponding to the packets received by the network device and the log entries corresponding to the packets transmitted by the network device, the computing system may correlate the packets transmitted by the network device with the packets received by the network device.
-
公开(公告)号:US10193917B2
公开(公告)日:2019-01-29
申请号:US15827477
申请日:2017-11-30
发明人: David K. Ahn , Keith A. George , Peter P. Geremia , Pierre Mallett, III , Sean Moore , Robert T. Perry , Jonathan R. Rogers
摘要: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination. The packet-filtering device may generate a log entry comprising information from the packet-filtering rule that identifies the one or more network-threat indicators and indicating whether the packet-filtering device prevented the packet from continuing toward its destination or allowed the packet to continue toward its destination.
-
公开(公告)号:US20160308894A1
公开(公告)日:2016-10-20
申请号:US14690302
申请日:2015-04-17
发明人: David K. Ahn , Keith A. George , Peter P. Geremia , Pierre Mallett, III , Sean Moore , Robert T. Perry , Jonathan R. Rogers
IPC分类号: H04L29/06
CPC分类号: H04L63/1425 , H04L43/028 , H04L63/0227 , H04L63/0236 , H04L63/0263 , H04L63/12 , H04L63/1416 , H04L63/1441
摘要: A packet-filtering device may receive packet-filtering rules configured to cause the packet-filtering device to identify packets corresponding to network-threat indicators. The packet-filtering device may receive packets and, for each packet, may determine that the packet corresponds to criteria specified by a packet-filtering rule. The criteria may correspond to one or more of the network-threat indicators. The packet-filtering device may apply an operator specified by the packet-filtering rule. The operator may be configured to cause the packet-filtering device to either prevent the packet from continuing toward its destination or allow the packet to continue toward its destination. The packet-filtering device may generate a log entry comprising information from the packet-filtering rule that identifies the one or more network-threat indicators and indicating whether the packet-filtering device prevented the packet from continuing toward its destination or allowed the packet to continue toward its destination.
摘要翻译: 分组过滤设备可以接收分组过滤规则,其被配置为使分组过滤设备识别与网络威胁指示符相对应的分组。 分组过滤设备可以接收分组,并且对于每个分组,可以确定分组对应于由分组过滤规则指定的标准。 该标准可以对应于一个或多个网络威胁指标。 分组过滤设备可以应用由分组过滤规则指定的运营商。 操作者可以被配置为使分组过滤设备阻止分组继续向其目的地或允许分组继续向其目的地。 分组过滤设备可以生成包括来自分组过滤规则的信息的日志条目,该规则标识一个或多个网络威胁指示符并且指示分组过滤设备是否阻止分组继续向其目的地或允许分组继续 朝其目的地。
-
-
-
-
-
-
-
-
-
搜索结果
28 条记录 (耗时 0.02 秒)
