Unlock instant, AI-driven research and patent intelligence for your innovation.

Hierarchical application of security services with a computer network

A security service, network security technology, applied in data exchange networks, digital transmission systems, electrical components, etc., can solve problems such as insecure networks

Active Publication Date: 2014-12-10
JUMIPER NETWORKS INC
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Thus, by statically preparing the IDP device to identify and / or prevent attacks on the lowest common denominator of the network or network devices, e.g., the least secure or most vulnerable network, the IDP device can enable network connectivity when the network is highly congested compromise

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Hierarchical application of security services with a computer network
  • Hierarchical application of security services with a computer network
  • Hierarchical application of security services with a computer network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] figure 1is a block diagram illustrating an exemplary network system 2 in which intrusion detection / prevention module 4 of router 10 implements hierarchical security techniques in accordance with the principles of the present invention. Although shown as a module integrated within distribution router 10, where intrusion detection / prevention module 4 ("IDP module 4") may be implemented in a separate device (such as an IDP device), firewall, or any other device separate from distribution router 10 in the network security device. Thus, although described below with reference to router 10, the hierarchical security technique may be implemented by any network device or network security device to dynamically reduce the security device in response to monitored security capabilities within a network, such as private network 6. overlapping applications.

[0021] like figure 1 As shown, network system 2 includes a private network 6 coupled to a public network 8 . Public networ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

In general, techniques are described for hierarchical application of security services with a network device. In particular, the network device receives security classification information that maps a security class to one or more computing devices. The security class identifies security capabilities of the computing devices. The network device also receives network traffic associated with the computing device and applies a set of patterns defined by a policy associated with the security class to the network traffic to detect a set of network attacks. Based on the application of the set of patterns, the network device forwards the network traffic. As a result of receiving security classification information, the network device may become aware of the security capabilities of the computing device and only apply those patterns required to augment these detected security capabilities, thereby preventing application of overlapping security services through application of these services in a hierarchical manner.

Description

technical field [0001] The present invention relates to a computer network, and more particularly to an application security service in a computer network. Background technique [0002] A computer network typically includes a number of interconnected computing devices that exchange data and share resources. These devices may include, for example, web servers, database servers, file servers, routers, printers, end-user computers, and other devices. These various devices may execute a variety of different services, operating systems (or operating system versions), and communication protocols. Each of the different services, operating systems, and communication protocols can expose the network to different security vulnerabilities. Malicious users or "hackers" can exploit these security weaknesses to gain unauthorized access to, disrupt or generally attack the network. [0003] Typically, the techniques used to detect these cyber attacks utilize pattern matching. Specifical...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/24
CPCH04L63/1458H04L63/105H04L63/20H04L63/0263
Inventor 哈特姆·埃亚达
Owner JUMIPER NETWORKS INC