公开(公告)号：US20130014255A1

公开(公告)日：2013-01-10

申请号：US13604771

申请日：2012-09-06

申请人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian A. Gonsalves ,  Michael Taylor

发明人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian A. Gonsalves ,  Michael Taylor

IPC分类号： G06F21/00

CPC分类号： H04L63/20 ,  H04L63/1408 ,  H04L63/1441

摘要： A method includes receiving an indication of at least one detected security issue at a network device. The indication is received at a security manager processor from a security agent. The method includes selecting, via the security manager processor, at least one executable security object responsive to the indication. The security manager processor verifies compatibility between the at least one executable security object, the network device, and communication media. The method also includes sending the at least one executable security object to the network device via the security manager processor to provide a protective security measure to the network device against the at least one detected security issue upon execution of the at least one executable security object.

摘要翻译： 一种方法包括在网络设备处接收至少一个检测到的安全问题的指示。 来自安全代理的安全管理器处理器接收到该指示。 该方法包括经由安全管理器处理器响应于该指示来选择至少一个可执行安全对象。 安全管理器处理器验证至少一个可执行安全对象，网络设备和通信介质之间的兼容性。 该方法还包括经由安全管理器处理器将至少一个可执行安全对象发送到网络设备，以在执行至少一个可执行安全对象时针对该至少一个检测到的安全问题向网络设备提供保护性安全措施。

公开(公告)号：US09038173B2

公开(公告)日：2015-05-19

申请号：US13604771

申请日：2012-09-06

申请人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian A. Gonsalves ,  Michael Taylor

发明人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian A. Gonsalves ,  Michael Taylor

IPC分类号： H04L29/06

CPC分类号： H04L63/20 ,  H04L63/1408 ,  H04L63/1441

摘要： A method includes receiving an indication of at least one detected security issue at a network device. The indication is received at a security manager processor from a security agent. The method includes selecting, via the security manager processor, at least one executable security object responsive to the indication. The security manager processor verifies compatibility between the at least one executable security object, the network device, and communication media. The method also includes sending the at least one executable security object to the network device via the security manager processor to provide a protective security measure to the network device against the at least one detected security issue upon execution of the at least one executable security object.

摘要翻译： 一种方法包括在网络设备处接收至少一个检测到的安全问题的指示。 来自安全代理的安全管理器处理器接收到该指示。 该方法包括经由安全管理器处理器响应于该指示来选择至少一个可执行安全对象。 安全管理器处理器验证至少一个可执行安全对象，网络设备和通信介质之间的兼容性。 该方法还包括经由安全管理器处理器将至少一个可执行安全对象发送到网络设备，以在执行至少一个可执行安全对象时针对该至少一个检测到的安全问题向网络设备提供保护性安全措施。

公开(公告)号：US20110078792A1

公开(公告)日：2011-03-31

申请号：US12895272

申请日：2010-09-30

申请人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian A. Gonsalves ,  Michael Taylor

发明人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian A. Gonsalves ,  Michael Taylor

IPC分类号： G06F21/00

CPC分类号： H04L63/20 ,  H04L63/1408 ,  H04L63/1441

摘要： A method includes receiving an indication of at least one detected security issue at a network device. The indication is received from a security agent at a security manager processor. The method includes polling, via the security manager processor, at least one other network device in response to the indication in order to retrieve additional information when the security manager processor determines that the additional information is needed. The method includes selecting, via the security manager processor, at least one executable security object responsive to the indication and the additional information. The method also includes initiating communication of the at least one executable security object to the network device via the security manager processor.

摘要翻译： 一种方法包括在网络设备处接收至少一个检测到的安全问题的指示。 从安全管理器处理器的安全代理接收指示。 该方法包括响应于该指示通过安全管理器处理器轮询至少一个其他网络设备，以便在安全管理器处理器确定需要附加信息时检索附加信息。 该方法包括响应于该指示和附加信息经由安全管理器处理器选择至少一个可执行安全对象。 该方法还包括经由安全管理器处理器发起至少一个可执行安全对象到网络设备的通信。

公开(公告)号：US08286242B2

公开(公告)日：2012-10-09

申请号：US12895272

申请日：2010-09-30

申请人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian A. Gonsalves ,  Michael Taylor

发明人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian A. Gonsalves ,  Michael Taylor

IPC分类号： H04L29/06 ,  G06F21/00

CPC分类号： H04L63/20 ,  H04L63/1408 ,  H04L63/1441

摘要： A method includes receiving an indication of at least one detected security issue at a network device. The indication is received from a security agent at a security manager processor. The method includes polling, via the security manager processor, at least one other network device in response to the indication in order to retrieve additional information when the security manager processor determines that the additional information is needed. The method includes selecting, via the security manager processor, at least one executable security object responsive to the indication and the additional information. The method also includes initiating communication of the at least one executable security object to the network device via the security manager processor.

摘要翻译： 一种方法包括在网络设备处接收至少一个检测到的安全问题的指示。 从安全管理器处理器的安全代理接收指示。 该方法包括响应于该指示通过安全管理器处理器轮询至少一个其他网络设备，以便在安全管理器处理器确定需要附加信息时检索附加信息。 该方法包括响应于该指示和附加信息经由安全管理器处理器选择至少一个可执行安全对象。 该方法还包括经由安全管理器处理器发起至少一个可执行安全对象到网络设备的通信。

公开(公告)号：US07832006B2

公开(公告)日：2010-11-09

申请号：US11200249

申请日：2005-08-09

申请人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian A. Gonsalves ,  Michael Taylor

发明人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian A. Gonsalves ,  Michael Taylor

IPC分类号： G06F21/00

CPC分类号： H04L63/20 ,  H04L63/1408 ,  H04L63/1441

摘要： The present disclosure provides a system and method configured to manage and facilitate network security. When a lack of security in a communication network is detected by a security agent or when a remote device requests security, a security profile can be determined by a security manager based on the detection or the request and the available network equipment. The security profile may contain numerous executable security objects that are selected based on the security issue and parameters of the specific network device(s) that will be implementing the security feature. The system and method may include a plurality of executable security objects configured to provide security for operations associated with multiple network devices communication over the network.

摘要翻译： 本公开提供了一种被配置为管理和促进网络安全性的系统和方法。 当安全代理检测到通信网络中的安全性不足或当远程设备请求安全性时，可以由安全管理器基于检测或请求以及可用的网络设备来确定安全简档。 安全简档可以包含许多可执行的安全对象，这些对象是基于安全问题和将要实现安全特征的特定网络设备的参数来选择的。 该系统和方法可以包括多个可执行安全对象，被配置为为与多个网络设备通过网络通信相关联的操作提供安全性。

公开(公告)号：US20070039047A1

公开(公告)日：2007-02-15

申请号：US11200249

申请日：2005-08-09

申请人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian Gonsalves ,  Michael Taylor

发明人： Zesen Chen ,  Yongdong Zhao ,  Peter Chou ,  Brian Gonsalves ,  Michael Taylor

IPC分类号： G06F15/16 ,  G06F12/14 ,  G06F11/00 ,  G06F17/00 ,  G06F9/00 ,  G06F12/16 ,  G06F15/18 ,  G08B23/00

CPC分类号： H04L63/20 ,  H04L63/1408 ,  H04L63/1441

摘要： The present disclosure provides a system and method configured to and facilitate network security. When a lack of security in a communication network is detected by a security agent or when a remote device requests security, a security profile can be determined by a security manager based on the detection or the request and the available network equipment. The security profile may contain numerous executable security objects that are selected based on the security issue and parameters of the specific network device(s) that will be implementing the security feature. The system and method may include a plurality of executable security objects configured to provide security for operations associated with multiple network devices communication over the network.

摘要翻译： 本公开提供了一种被配置为并促进网络安全性的系统和方法。 当安全代理检测到通信网络中的安全性不足或当远程设备请求安全性时，可以由安全管理器基于检测或请求以及可用的网络设备来确定安全简档。 安全简档可以包含许多可执行的安全对象，这些对象是基于安全问题和将要实现安全特征的特定网络设备的参数来选择的。 该系统和方法可以包括多个可执行安全对象，被配置为为与多个网络设备通过网络通信相关联的操作提供安全性。

公开(公告)号：US07983176B2

公开(公告)日：2011-07-19

申请号：US11228134

申请日：2005-09-16

申请人： Zesen Chen ,  Peter Chou ,  Sean Chen ,  Yongdong Zhao

发明人： Zesen Chen ,  Peter Chou ,  Sean Chen ,  Yongdong Zhao

IPC分类号： H04J3/14

CPC分类号： H04M7/006 ,  H04L41/0213 ,  H04L43/00 ,  H04M3/2281

摘要： A system and method are disclosed for monitoring communications of an individual in a packet network. A system that incorporates teachings of the present disclosure may include, for example, a network monitor having a communications interface coupled to a packet network, and a controller. The controller can be programmed to receive a request from a third party to monitor communications associated with an individual, convey to the third party information monitored on a group of one or more permanent virtual circuits (PVCs) of the packet network associated with the individual, detect an update in the group of one or more PVCs, determine new set of one or more PVCs associated with the individual, and convey to the third party information monitored from the new set of one or more PVCs.

摘要翻译： 公开了一种用于监视分组网络中的个人的通信的系统和方法。 结合本公开的教导的系统可以包括例如具有耦合到分组网络的通信接口的网络监视器和控制器。 控制器可以被编程为接收来自第三方的请求以监视与个人相关联的通信，将与个人相关联的分组网络的一组或多个永久虚拟电路（PVC）的组中监视的信息传达给第三方信息， 检测一个或多个PVC组中的更新，确定与个体相关联的一组或多个PVC的新集合，并将新信息传达给第三方信息。

公开(公告)号：US20060280183A1

公开(公告)日：2006-12-14

申请号：US11149631

申请日：2005-06-10

申请人： Sean Chen ,  Zesen Chen ,  Yongdong Zhao ,  Peter Chou

发明人： Sean Chen ,  Zesen Chen ,  Yongdong Zhao ,  Peter Chou

IPC分类号： H04L12/56

CPC分类号： H04L43/12 ,  H04L12/5601 ,  H04L2012/5626 ,  H04L2012/5636

摘要： A method and apparatus for automatic synchronization of monitoring points for a network management system (“NMS”) along a permanent virtual circuit (“PVC”) is disclosed. A NMS in an synchronous transfer mode (“ATM”) network coupled to a plurality of ATM switches is operative to monitor each of the plurality of ATM switches storied in a monitoring service object corresponding to a PVC. The NMS receives at least one notification from at least one ATM switch of the plurality of ATM switches indicating an ATM switch has been added or removed from the PVC. In response to the at least notification, the NMS adds at least one ATM switch to the monitoring service object or removes at least one ATM switch from the monitoring service object.

摘要翻译： 公开了一种用于沿着永久虚拟电路（“PVC”）的网络管理系统（“NMS”）的监视点的自动同步的方法和装置。 耦合到多个ATM交换机的同步传送模式（“ATM”）网络中的NMS可操作以监视存储在对应于PVC的监视服务对象中的多个ATM交换机中的每一个。 NMS从多个ATM交换机中的至少一个ATM交换机接收至少一个通知，指示已经从PVC添加或移除了ATM交换机。 响应于至少通知，NMS向监控服务对象添加至少一个ATM交换机，或从监控服务对象中移除至少一个ATM交换机。

公开(公告)号：US07889744B2

公开(公告)日：2011-02-15

申请号：US11149631

申请日：2005-06-10

申请人： Sean Chen ,  Zesen Chen ,  Yongdong Zhao ,  Peter Chou

发明人： Sean Chen ,  Zesen Chen ,  Yongdong Zhao ,  Peter Chou

IPC分类号： H04L12/56 ,  H04L12/54

CPC分类号： H04L43/12 ,  H04L12/5601 ,  H04L2012/5626 ,  H04L2012/5636

摘要： A method and apparatus for automatic synchronization of monitoring points for a network management system (“NMS”) along a permanent virtual circuit (“PVC”) is disclosed. A NMS in an asynchronous transfer mode (“ATM”) network coupled to a plurality of ATM switches is operative to monitor each of the plurality of ATM switches storied in a monitoring service object corresponding to a PVC. The NMS receives at least one notification from at least one ATM switch of the plurality of ATM switches indicating an ATM switch has been added or removed from the PVC. In response to the at least notification, the NMS adds at least one ATM switch to the monitoring service object or removes at least one ATM switch from the monitoring service object.

摘要翻译： 公开了一种用于沿着永久虚拟电路（“PVC”）的网络管理系统（“NMS”）的监视点的自动同步的方法和装置。 耦合到多个ATM交换机的异步传输模式（“ATM”）网络中的NMS可操作以监视存储在对应于PVC的监控服务对象中的多个ATM交换机中的每一个。 NMS从多个ATM交换机中的至少一个ATM交换机接收至少一个通知，指示已经从PVC添加或移除了ATM交换机。 响应于至少通知，NMS向监控服务对象添加至少一个ATM交换机，或从监控服务对象中移除至少一个ATM交换机。

公开(公告)号：US20070064678A1

公开(公告)日：2007-03-22

申请号：US11228134

申请日：2005-09-16

申请人： Zesen Chen ,  Peter Chou ,  Sean Chen ,  Yongdong Zhao

发明人： Zesen Chen ,  Peter Chou ,  Sean Chen ,  Yongdong Zhao

IPC分类号： H04L12/66

CPC分类号： H04M7/006 ,  H04L41/0213 ,  H04L43/00 ,  H04M3/2281

摘要： A system and method are disclosed for monitoring communications of an individual in a packet network. A system that incorporates teachings of the present disclosure may include, for example, a network monitor (100) having a communications interface (110) coupled to a packet network (101), and a controller (102). The controller can be programmed to receive (202) a request from a third party to monitor communications associated with an individual, convey (204) to the third party information monitored on a group of one or more permanent virtual circuits (PVCs) of the packet network associated with the individual, detect (205, 206) an update in the group of one or more PVCs, determine (212) a new set of one or more PVCs associated with the individual, and convey (216) to the third party information monitored from the new set of one or more PVCs.

摘要翻译： 公开了一种用于监视分组网络中的个人的通信的系统和方法。 结合本公开的教导的系统可以包括例如具有耦合到分组网络（101）的通信接口（110）的网络监视器（100）和控制器（102）。 控制器可以被编程为接收（202）来自第三方的请求以监视与个人相关联的通信，将（204）传送（204）到在分组的一个或多个永久虚拟电路（PVC）的组上监视的第三方信息 与个人相关联的网络，检测（205,206）一个或多个PVC组中的更新，确定（212）与该个体相关联的一组或多个PVC的新集合，并将（216）传达给第三方信息 从新的一套或多台PVC监测。