Title of invention: Methods and systems for managing security in a network
Abstract: Methods, systems and computer readable mediums storing computer executable programs for managing security in a network are disclosed. A plurality of security policies associated with a plurality of network data anomalies are provided at a network management system. Each one of the plurality of security policies defines a network data anomaly specific mitigation response for each one of the plurality of network data anomalies. A first network data anomaly is detected at the network management system. A determination is made at the network management system regarding whether a first one of the plurality of security policies defines a first network data anomaly specific mitigation response to the first network data anomaly. A first mitigation command is issued from the network management system to at least one network system to implement the first network data anomaly specific mitigation response for a pre-defined period of time in accordance with the first security policy based on the determination.
Publication number: US9185122(B2) Publication date: 2015.11.10
Application number: US200812249603 Application date: 2008.10.10
Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. Inventors: Yalakanti Ramachandra;Dawson Devon L.;Britt Steve
Classification: G06F15/173;G06F11/00;H04L29/06;H04L12/24 Main classification: G06F15/173
Agency: Hewlett-Packard Patent Department Agent: Hewlett-Packard Patent Department
Main claim: 1. A method of managing security in a network, the method comprising: providing a plurality of security policies associated with a plurality of network data anomalies at a network management system, each one of the plurality of security policies defining a network data anomaly specific mitigation response for each one of the plurality of network data anomalies; detecting a first network data anomaly at the network management system; selecting a threat assessment system to assess the first network data anomaly; issuing, by the network management system, a command to a source data port where the first network data anomaly was detected to mirror network data received at the source data port to the selected threat assessment system; receiving, from the selected threat assessment system, a confirmation of the first network data anomaly; determining at the network management system whether a first one of the plurality of security policies defines a first network data anomaly specific mitigation response to the first network data anomaly; and issuing a first mitigation command from the network management system to at least one network system to implement the first network data anomaly specific mitigation response for a pre-defined period of time in accordance with the first security policy based on the determination.
Address: Houston TX US