-
公开(公告)号:US20050257267A1
公开(公告)日:2005-11-17
申请号:US10779190
申请日:2004-02-13
申请人: John Williams , Brian Costello , John Ravenel , John Payne , Ryan Nakawatase , Thomas Walpole , Stephen Ritter , John Pelly , M. Rutherford
发明人: John Williams , Brian Costello , John Ravenel , John Payne , Ryan Nakawatase , Thomas Walpole , Stephen Ritter , John Pelly , M. Rutherford
CPC分类号: H04L63/0227 , H04L63/1408
摘要: A prevention-based network auditing system includes a central compliance server generating network policies and configuring audits of the data communications network. The compliance server presents a graphical user interface (GUI) to describe the specific data gathering parameters, policies to be analyzed, and the schedule of analysis. One or more audit servers strategically deployed around the network employ heterogeneous data-gathering tools to gather information about the network in response to the configured audits, and transmit the gathered information to the compliance server. An audit repository stores the gathered information for use by the compliance server for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.
摘要翻译: 基于预防的网络审计系统包括中央合规服务器,生成网络策略并配置数据通信网络的审核。 合规服务器提供图形用户界面(GUI)来描述特定数据收集参数,要分析的策略和分析时间表。 在网络上策略部署的一个或多个审计服务器采用异构数据收集工具来收集有关网络的信息以响应配置的审核,并将收集的信息发送到合规服务器。 审计储存库存储收集的信息,供合规服务器用于安全和监管政策评估,网络漏洞分析,报告生成和安全改进建议。
-
公开(公告)号:US20050010819A1
公开(公告)日:2005-01-13
申请号:US10778836
申请日:2004-02-13
申请人: John Williams , Brian Costello , John Ravenel , John Payne , Stephen Ritter , Ryan Nakawatase , John Pelly , M. Rutherford
发明人: John Williams , Brian Costello , John Ravenel , John Payne , Stephen Ritter , Ryan Nakawatase , John Pelly , M. Rutherford
IPC分类号: G06F20060101 , G06F11/30 , G06F12/14 , G06F15/16 , G06F15/173 , H04L9/00 , H04L12/24 , H04L12/26 , H04L12/66 , H04L29/06
CPC分类号: H04L63/14 , H04L41/0853 , H04L41/0856 , H04L41/0859 , H04L43/00 , H04L43/045 , H04L63/0218 , H04L63/0227 , H04L63/1408 , H04L63/1433 , H04L63/20
摘要: A prevention-based network auditing system includes a central compliance server storing both natural language policy documents and machine-processable policy rules in an audit repository. The compliance server provides a client-side user interface allowing a user to easily generate a machine-auditable policy by selecting/generating a natural language policy source document, and linking the applicable machine-processable policy rules to the applicable portions of the source document. The selected machine-processable policy rules are then applied to information gathered about the network during a scheduled network audit session for efficiently and systematically determining whether policy violations and/or vulnerabilities exist.
摘要翻译: 基于预防的网络审计系统包括中央合规服务器,将自然语言策略文档和机器可处理的策略规则存储在审计存储库中。 合规性服务器提供客户端用户界面,允许用户通过选择/生成自然语言策略源文档以及将可应用的机器可处理策略规则链接到源文档的适用部分来轻松地生成机器可审核策略。 然后,所选择的机器可处理策略规则被应用于在计划的网络审计会话期间收集的关于网络的信息,以有效和系统地确定是否存在策略违规和/或漏洞。
-
3.发明申请公开(公告)号:US20050015622A1
公开(公告)日:2005-01-20
申请号:US10778770
申请日:2004-02-13
申请人: John Williams , Brian Costello , John Ravenel , Stephen Ritter , John Pelly , M. Rutherford , John Payne
发明人: John Williams , Brian Costello , John Ravenel , Stephen Ritter , John Pelly , M. Rutherford , John Payne
IPC分类号: G06F20060101 , G06F11/30 , G06F12/14 , G06F15/16 , G06F15/173 , H04L9/00 , H04L12/24 , H04L12/26 , H04L12/66 , H04L29/06
CPC分类号: H04L63/14 , H04L41/0853 , H04L41/0856 , H04L41/0859 , H04L43/00 , H04L43/045 , H04L63/0218 , H04L63/0227 , H04L63/1408 , H04L63/1433 , H04L63/20
摘要: A prevention-based network auditing system includes a central compliance server providing a user interface allowing a user to schedule and configure a network audit. The configured audit is stored in an audit repository until its scheduled time. At such a time, the compliance server automatically invokes one or more audit servers to gather information about the network. The compliance server receives the gathered information and electronically applies a network policy to the information for determining compliance with the policy. A remediation task may be generated if the policy has been violated, and the task monitored until its completion.
摘要翻译: 基于预防的网络审计系统包括提供允许用户调度和配置网络审计的用户界面的中央合规服务器。 已配置的审核存储在审计存储库中,直到其预定时间为止。 在这种情况下,合规服务器自动调用一个或多个审核服务器来收集有关网络的信息。 合规服务器接收收集的信息,并将网络策略电子地应用于确定遵守策略的信息。 如果策略被违反,则可能会生成修复任务,并监视任务直至完成。
-
公开(公告)号:US20050015623A1
公开(公告)日:2005-01-20
申请号:US10778837
申请日:2004-02-13
申请人: John Williams , Brian Costello , John Ravenel , John Pelly , Ryan Nakawatase , Thomas Walpole
发明人: John Williams , Brian Costello , John Ravenel , John Pelly , Ryan Nakawatase , Thomas Walpole
IPC分类号: G06F20060101 , G06F11/30 , G06F12/14 , G06F15/16 , G06F15/173 , H04L9/00 , H04L12/24 , H04L12/26 , H04L12/66 , H04L29/06
CPC分类号: H04L63/14 , H04L41/0853 , H04L41/0856 , H04L41/0859 , H04L43/00 , H04L43/045 , H04L63/0218 , H04L63/0227 , H04L63/1408 , H04L63/1433 , H04L63/20
摘要: A prevention-based network auditing system includes an audit repository storing network information gathered by a plurality of heterogeneous information sources. A semantic normalization module identifies semantic equivalencies in the gathered information, and generates a map listing for each fact gathered by an information source, an equivalent fact or set of facts gathered by each of the other information sources. A network policy is then uniformly applied to the information that is identified as being semantically equivalent.
摘要翻译: 基于预防的网络审计系统包括存储由多个异构信息源收集的网络信息的审计存储库。 语义规范化模块识别所收集的信息中的语义等价物,并且生成由信息源收集的每个事实的映射列表,由每个其他信息源收集的等效事实或一组事实。 然后将网络策略统一应用于被识别为语义等同的信息。
-
5.发明申请公开(公告)号:US20130347107A1
公开(公告)日:2013-12-26
申请号:US14010498
申请日:2013-08-26
申请人: John Leslie Williams , Brian Costello , John Patrick Ravenel , Stephen J. Ritter , John Pelly , M. Celeste Rutherford , John Payne
发明人: John Leslie Williams , Brian Costello , John Patrick Ravenel , Stephen J. Ritter , John Pelly , M. Celeste Rutherford , John Payne
IPC分类号: H04L29/06
CPC分类号: H04L63/14 , H04L41/0853 , H04L41/0856 , H04L41/0859 , H04L43/00 , H04L43/045 , H04L63/0218 , H04L63/0227 , H04L63/1408 , H04L63/1433 , H04L63/20
摘要: A prevention-based network auditing system includes a central compliance server providing a user interface allowing a user to schedule and configure a network audit. The configured audit is stored in an audit repository until its scheduled time. At such a time, the compliance server automatically invokes one or more audit servers to gather information about the network. The compliance server receives the gathered information and electronically applies a network policy to the information for determining compliance with the policy. A remediation task may be generated if the policy has been violated, and the task monitored until its completion.
摘要翻译: 基于预防的网络审计系统包括提供允许用户调度和配置网络审计的用户界面的中央合规服务器。 已配置的审核存储在审计存储库中,直到其预定时间为止。 在这种情况下,合规服务器自动调用一个或多个审核服务器来收集有关网络的信息。 合规服务器接收收集的信息,并将网络策略电子地应用于确定遵守策略的信息。 如果策略被违反,则可能会生成修复任务,并监视任务直至完成。
-
公开(公告)号:US08561175B2
公开(公告)日:2013-10-15
申请号:US10778770
申请日:2004-02-13
申请人: John Leslie Williams , Brian Costello , John Patrick Ravenel , Stephen J. Ritter , John Pelly , M. Celeste Rutherford , John Payne
发明人: John Leslie Williams , Brian Costello , John Patrick Ravenel , Stephen J. Ritter , John Pelly , M. Celeste Rutherford , John Payne
IPC分类号: G06F11/00
CPC分类号: H04L63/14 , H04L41/0853 , H04L41/0856 , H04L41/0859 , H04L43/00 , H04L43/045 , H04L63/0218 , H04L63/0227 , H04L63/1408 , H04L63/1433 , H04L63/20
摘要: A prevention-based network auditing system includes a central compliance server providing a user interface allowing a user to schedule and configure a network audit. The configured audit is stored in an audit repository until its scheduled time. At such a time, the compliance server automatically invokes one or more audit servers to gather information about the network. The compliance server receives the gathered information and electronically applies a network policy to the information for determining compliance with the policy. A remediation task may be generated if the policy has been violated, and the task monitored until its completion.
-
公开(公告)号:US07627891B2
公开(公告)日:2009-12-01
申请号:US10779190
申请日:2004-02-13
申请人: John Leslie Williams , Brian Costello , John Patrick Ravenel , John Payne , Ryan Tadashi Nakawatase , Thomas Paul Walpole , Stephen J. Ritter , John Pelly , M. Celeste Rutherford
发明人: John Leslie Williams , Brian Costello , John Patrick Ravenel , John Payne , Ryan Tadashi Nakawatase , Thomas Paul Walpole , Stephen J. Ritter , John Pelly , M. Celeste Rutherford
CPC分类号: H04L63/0227 , H04L63/1408
摘要: A prevention-based network auditing system includes a central compliance server generating network policies and configuring audits of the data communications network. The compliance server presents a graphical user interface (GUI) to describe the specific data gathering parameters, policies to be analyzed, and the schedule of analysis. One or more audit servers strategically deployed around the network employ heterogeneous data-gathering tools to gather information about the network in response to the configured audits, and transmit the gathered information to the compliance server. An audit repository stores the gathered information for use by the compliance server for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.
摘要翻译: 基于预防的网络审计系统包括中央合规服务器,生成网络策略并配置数据通信网络的审核。 合规服务器提供图形用户界面(GUI)来描述特定数据收集参数,要分析的策略和分析时间表。 在网络上策略部署的一个或多个审计服务器采用异构数据收集工具来收集有关网络的信息以响应配置的审核,并将收集的信息发送到合规服务器。 审计储存库存储收集的信息,供合规服务器用于安全和监管政策评估,网络漏洞分析,报告生成和安全改进建议。
-
8.发明授权System and method for applying a machine-processable policy rule to information gathered about a network 有权将机器可处理策略规则应用于关于网络收集的信息的系统和方法公开(公告)号:US07536456B2
公开(公告)日:2009-05-19
申请号:US10778836
申请日:2004-02-13
申请人: John Leslie Williams , Brian Costello , John Patrick Ravenel , John Payne , Stephen J. Ritter , Ryan Tadashi Nakawatase , John Pelly , M. Celeste Rutherford
发明人: John Leslie Williams , Brian Costello , John Patrick Ravenel , John Payne , Stephen J. Ritter , Ryan Tadashi Nakawatase , John Pelly , M. Celeste Rutherford
IPC分类号: G06F15/16 , G06F15/173 , G06F15/177
CPC分类号: H04L63/14 , H04L41/0853 , H04L41/0856 , H04L41/0859 , H04L43/00 , H04L43/045 , H04L63/0218 , H04L63/0227 , H04L63/1408 , H04L63/1433 , H04L63/20
摘要: A prevention-based network auditing system includes a central compliance server storing both natural language policy documents and machine-processable policy rules in an audit repository. The compliance server provides a client-side user interface allowing a user to easily generate a machine-auditable policy by selecting/generating a natural language policy source document, and linking the applicable machine-processable policy rules to the applicable portions of the source document. The selected machine-processable policy rules are then applied to information gathered about the network during a scheduled network audit session for efficiently and systematically determining whether policy violations and/or vulnerabilities exist.
摘要翻译: 基于预防的网络审计系统包括中央合规服务器,将自然语言策略文档和机器可处理的策略规则存储在审计存储库中。 合规性服务器提供客户端用户界面,允许用户通过选择/生成自然语言策略源文档以及将可应用的机器可处理策略规则链接到源文档的适用部分来轻松地生成机器可审核策略。 然后,所选择的机器可处理策略规则被应用于在计划的网络审计会话期间收集的关于网络的信息,以有效和系统地确定是否存在策略违规和/或漏洞。
-
公开(公告)号:US07624422B2
公开(公告)日:2009-11-24
申请号:US10778837
申请日:2004-02-13
申请人: John Leslie Williams , Brian Costello , John Patrick Ravenel , John Pelly , Ryan Tadashi Nakawatase , Thomas Paul Walpole
发明人: John Leslie Williams , Brian Costello , John Patrick Ravenel , John Pelly , Ryan Tadashi Nakawatase , Thomas Paul Walpole
CPC分类号: H04L63/14 , H04L41/0853 , H04L41/0856 , H04L41/0859 , H04L43/00 , H04L43/045 , H04L63/0218 , H04L63/0227 , H04L63/1408 , H04L63/1433 , H04L63/20
摘要: A prevention-based network auditing system includes an audit repository storing network information gathered by a plurality of heterogeneous information sources. A semantic normalization module identifies semantic equivalencies in the gathered information, and generates a map listing for each fact gathered by an information source, an equivalent fact or set of facts gathered by each of the other information sources. A network policy is then uniformly applied to the information that is identified as being semantically equivalent.
摘要翻译: 基于预防的网络审计系统包括存储由多个异构信息源收集的网络信息的审计存储库。 语义规范化模块识别所收集的信息中的语义等价物,并且生成由信息源收集的每个事实的映射列表,由每个其他信息源收集的等效事实或一组事实。 然后将网络策略统一应用于被识别为语义等同的信息。
-
-
-
-
-
-
-
-
搜索结果
9 条记录 (耗时 0.035 秒)