Title of invention: INTEGRATED DATA TRAFFIC MONITORING SYSTEM
Abstract: The present invention includes an integrated data traffic monitoring system monitoring data traffic received from a communication network and destined for a protected network. The monitoring system includes a security appliance and one or more security and monitoring technologies such as hardware and open source and proprietary software products. The security appliance and the security and monitoring technologies may be implemented as separate and distinct modules or combined into a single security appliance. The security and monitoring technologies monitor network data traffic on, or directed to, the protected network. The monitoring system collects data from each of the technologies into an event database and, based on the data, automatically generates rules directing one or more of the technologies to prevent subsequent communications traffic from specific sources from entering the protected network.
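Application publication number: US2014380456(A1) Application publication date: 2014.12.25
Application number: US201414480299 Filing date: 2014.09.08
Applicant: THE BARRIER GROUP, LLC Inventors: Demopoulos Robert James; Fladebo David James
Classification number: H04L29/06 Main classification number: H04L29/06
Agency: Agent: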
Principal claim: 1. An integrated computing network security system configured to receive incoming communication data packets from a communication network and transmit the incoming communication data packets to a protected network, the integrated computing network security system comprising: a threat event database; a plurality of monitors, each monitor in communication with the threat event database and configured to: analyze the incoming communication data packets from the communication network and identify the communication packets that pose a security threat to the protected network by applying a plurality of security rules, generate a threat event data for each of the communication packets that were found to pose the security threat to the protected network, and transmit the threat event data for the security threat to a threat event database, the event data including a source IP address of the incoming communication data packets that were found to pose the security threat to the protected network, wherein each of the plurality of monitors is configured to their respective threat event data in the threat event records of the threat event database; a security system integrator configured to analyze the threat event data and the plurality of threat event records and, based on the results of the analysis, automatically generate at least one new security rule and add the at least one new security rule to the plurality of security rules before a subsequent incoming communication data packet is analyzed by the plurality of monitors.
Address: Ramsey MN US