WO2001099373A3 - System and method for security policy - Google Patents

Info

Publication number
WO2001099373A3
Authority
WO
WIPO (PCT)
Prior art keywords
network
security policy
security
policy
listening
Prior art date
Application number
PCT/US2001/019333
Other languages
French (fr)
Other versions
WO2001099373A2 (en)
Inventor
Kieran Gerard Sherlock
Geoffrey Cooper
Luis Filipe Pereira Valente
Jose Amador
Paul Wang
Robert Allen Shaw
Kevin Cornwall
Original Assignee
Securify Inc
Priority date
Filing date
Publication date
Priority claimed from US09/826,602 (US20020093527A1)
Priority claimed from US09/881,147 (US20030061506A1)
Application filed by Securify Inc
Priority to AU2001269870A (AU2001269870A1)
Publication of WO2001099373A2
Publication of WO2001099373A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H04L41/0686 Additional information in the notification, e.g. enhancement of specific meta-data
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H04L41/069 Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H04L63/0263 Rule management
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/166 Implementing security features at a particular protocol layer at the transport layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/06 Generation of reports
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22 Parsing or analysis of headers

Abstract

A network security policy monitoring system and method for performing network and security assessments based on system-wide policy. Real network traffic is analyzed to identify abnormal traffic patterns, system vulnerabilities, and incorrect configuration of computer systems on a network, by listening on a network, logging events, and taking action.
PCT/US2001/019333 2000-06-16 2001-06-15 System and method for security policy WO2001099373A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001269870A AU2001269870A1 (en) 2000-06-16 2001-06-15 System and method for security policy

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US21212600P 2000-06-16 2000-06-16
US60/212,126 2000-06-16
US09/826,602 2001-04-05
US09/826,602 US20020093527A1 (en) 2000-06-16 2001-04-05 User interface for a security policy system and method
US09/881,147 US20030061506A1 (en) 2001-04-05 2001-06-14 System and method for security policy
US09/881,147 2001-06-14

Publications (2)

Publication Number Publication Date
WO2001099373A2 WO2001099373A2 (en) 2001-12-27
WO2001099373A3 WO2001099373A3 (en) 2003-02-06

Family

ID=27395694

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/019333 WO2001099373A2 (en) 2000-06-16 2001-06-15 System and method for security policy

Country Status (2)

Country Link
AU (1) AU2001269870A1 (en)
WO (1) WO2001099373A2 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8656039B2 (en) 2003-12-10 2014-02-18 Mcafee, Inc. Rule parser
US7958227B2 (en) 2006-05-22 2011-06-07 Mcafee, Inc. Attributes of captured objects in a capture system
US8850591B2 (en) 2009-01-13 2014-09-30 Mcafee, Inc. System and method for concept building
US8806615B2 (en) 2010-11-04 2014-08-12 Mcafee, Inc. System and method for protecting specified data combinations
TWI592821B (en) 2012-06-07 2017-07-21 普波因特股份有限公司 Method for providing threat dashboard and cloud-based threat detection system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1993011480A1 (en) * 1991-11-27 1993-06-10 Intergraph Corporation System and method for network license administration
US5557747A (en) * 1993-06-22 1996-09-17 Rogers; Lawrence D. Network policy implementation system for performing network control operations in response to changes in network state
EP0909074A1 (en) * 1997-09-12 1999-04-14 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with multiple domain support
US5991877A (en) * 1997-04-03 1999-11-23 Lockheed Martin Corporation Object-oriented trusted application framework
WO1999067930A2 (en) * 1998-06-19 1999-12-29 Ssh Communications Security Ltd. Method and arrangement for implementing ipsec policy management using filter code
WO2000035130A1 (en) * 1998-12-04 2000-06-15 Ukiah Software, Inc. Directory enabled policy management tool for intelligent traffic management
EP1143660A2 (en) * 1999-06-10 2001-10-10 Alcatel Internetworking, Inc. State transition protocol for high availability units

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8849993B2 (en) 2000-06-16 2014-09-30 Intel Corporation Method and apparatus for rate limiting
US9374225B2 (en) 2003-12-10 2016-06-21 Mcafee, Inc. Document de-registration
US9253154B2 (en) 2008-08-12 2016-02-02 Mcafee, Inc. Configuration management for a capture/registration system
US9195937B2 (en) 2009-02-25 2015-11-24 Mcafee, Inc. System and method for intelligent state management
US9602548B2 (en) 2009-02-25 2017-03-21 Mcafee, Inc. System and method for intelligent state management
US9313232B2 (en) 2009-03-25 2016-04-12 Mcafee, Inc. System and method for data mining and security policy management
US9430564B2 (en) 2011-12-27 2016-08-30 Mcafee, Inc. System and method for providing data protection workflows in a network environment
CN106941493B (en) * 2017-03-30 2020-02-18 北京奇艺世纪科技有限公司 Network security situation perception result output method and device
CN108632081B (en) * 2018-03-26 2021-10-08 中国科学院计算机网络信息中心 Network situation evaluation method, device and storage medium

Also Published As

Publication number Publication date
AU2001269870A1 (en) 2002-01-02
WO2001099373A2 (en) 2001-12-27

Similar Documents

Publication Publication Date Title
WO2001099031A3 (en) User interface for a security policy system and method
WO2001099373A3 (en) System and method for security policy
CN107241224B (en) Network risk monitoring method and system for transformer substation
DE60124295D1 (en) RIVER-BASED DETECTION OF AN INSERT INTO A NETWORK
GB2393607A (en) Method and a system for monitoring control signal traffic over a computer network
WO2003067847A3 (en) Integrated network intrusion detection
WO2004090675A3 (en) System and method for performing storage operations through a firewall
EP3820108B1 (en) Security detection method, apparatus and device
DE60330659D1 (en) METHOD AND DEVICE FOR COLLECTING AND DISPLAYING NETWORK DEVICE INFORMATION
AU2003223379A1 (en) Adaptive behavioral intrusion detection systems and methods
IL164609A0 (en) Detecting and countering malicious code in enterprise networks
WO2004028121A3 (en) System and method for wireless local area network monitoring and intrusion detection
WO2001052496A3 (en) A declarative language for specifying a security policy
WO2004023730A3 (en) System and method for remotely monitoring wirless networks
WO2002057935A8 (en) Method and device for monitoring data traffic and preventing unauthorized access to a network
CA2473444A1 (en) System and method for network vulnerability detection and reporting
WO2000031963A8 (en) Apparatus and method for collecting and analyzing communications data
CN113037745A (en) Intelligent substation risk early warning system and method based on security situation awareness
CN103491060A (en) Method, device and system for defending against Web attacks
GB0418975D0 (en) System and method of network fault monitoring
WO2005026874A3 (en) System and method for surveilling a computer network
CN112149120A (en) Transparent transmission type double-channel electric power Internet of things safety detection system
CN112968885A (en) Edge computing platform safety protection method and device
WO2004051929A1 (en) Audit platform system for application process based on components
WO2004070547A3 (en) Method and device for monitoring data traffic and preventing unauthorized access to a network

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP