| 发明名称 |
Delivering Security Functions to Distributed Networks |
| 摘要 |
Systems and methods for delivering security functions to a distributed network are described herein. An exemplary method may include: processing a data packet received from a switch, the data packet directed to the at least one network asset; selectively forwarding the data packet using the processing and a rule set; inspecting the forwarded packet; directing the enforcement point to at least one of forward the data packet to the at least one network asset and drop the data packet, using the inspection and the rule set; accumulating data associated with at least one of the data packet, the processing, and the inspection; analyzing the at least one of the data packet, the processing, and the inspection; and initiating compilation of a high-level security policy by the compiler using the analysis to produce an updated rule set. |
| 申请公布号 |
US2017078247(A1) |
申请公布日期 |
2017.03.16 |
| 申请号 |
US201615342982 |
申请日期 |
2016.11.03 |
| 申请人 |
vArmour Networks, Inc. |
发明人 |
Woolward Marc;Shieh Choung-Yaw;Lian Jia-Jyi |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method comprising:
getting a security policy for a data network, the security policy allowing and/or prohibiting communications between a plurality of network assets and indicating groupings of the plurality of network assets using a common security characteristic corresponding to the respective grouping; initiating compilation of the security policy to produce a rule set, the rule set blocking communication between specific ones of the plurality of network assets using at least one of a source address, source port, destination address, destination port, and an application protocol associated with the communication; providing the rule set to at least one enforcement point; receiving at least one of analytics and a log corresponding to communications in the data network, the at least one of analytics and a log produced by a logging module; calculating a risk score corresponding to the plurality of network asset, the risk score being a measurement of relative security corresponding to the plurality of network asset; initiating a re-compiling of the security policy to produce an updated rule set using the calculated risk score; and disseminating the updated rule set to the at least one enforcement point. |
| 地址 |
Mountain View CA US |
