| 发明名称 |
DYNAMIC PROVISIONING OF PROTECTION SOFTWARE IN A HOST INTRUSION PREVENTION SYSTEM |
| 摘要 |
Methods and apparatus for optimizing security configurations of a set of computers are disclosed. A set of local servers, each functioning as a deep-security manager supporting a respective subset of the computers, maintains protection software containing filters and rules for deploying each filter. A local server receives updated protection software from a central server. Each local server interrogates each computer of its subset of computers to acquire computer-characterizing data and applies relevant rules to determine an optimal set of filters for each computer. Each rule adaptively determines required characterizing data elements from each computer for determining an optimal security configuration. A local server updates the security configuration of a computer to suit changes in the operational environment of the computer. |
| 申请公布号 |
US2016241593(A1) |
申请公布日期 |
2016.08.18 |
| 申请号 |
US201514590916 |
申请日期 |
2015.01.06 |
| 申请人 |
DURIE Anthony Robert;MCGEE William G. |
发明人 |
DURIE Anthony Robert;MCGEE William G. |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. An intrusion-protection method for protecting a plurality of hosts, the method comprising:
identification of intrusion patterns; devising a set of data filters, each data filter corresponding to at least one of said intrusion patterns; formulating a set of descriptors for characterizing said plurality of hosts; determining a set of rules, each rule associated with a respective data filter in said set of data filters and with a subset of descriptors from among said set of descriptors; executing, for a selected host, a selected rule from among said set of rules using content of a respective subset of descriptors; and ascertaining relevance of a specific data filter associated with said selected rule to said selected host according to a result of said executing. |
| 地址 |
Ottawa CA |
