Title of invention |
Methods and systems for managing security in a network |
Abstract |
Methods, systems and computer readable mediums storing computer executable programs for managing security in a network are disclosed. A plurality of security policies associated with a plurality of network data anomalies are provided at a network management system. Each one of the plurality of security policies defines a network data anomaly specific mitigation response for each one of the plurality of network data anomalies. A first network data anomaly is detected at the network management system. A determination is made at the network management system regarding whether a first one of the plurality of security policies defines a first network data anomaly specific mitigation response to the first network data anomaly. A first mitigation command is issued from the network management system to at least one network system to implement the first network data anomaly specific mitigation response for a pre-defined period of time in accordance with the first security policy based on the determination. |
Publication number |
US9185122(B2) |
Publication date |
2015.11.10 |
Application number |
US200812249603 |
Application date |
2008.10.10 |
Applicant |
HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. |
Inventors |
Yalakanti Ramachandra;Dawson Devon L.;Britt Steve |
Classification numbers |
G06F15/173;G06F11/00;H04L29/06;H04L12/24 |
Main classification number |
G06F15/173 |
Agency |
Hewlett-Packard Patent Department |
Agent |
Hewlett-Packard Patent Department |
Principal claim |
1. A method of managing security in a network, the method comprising:
providing a plurality of security policies associated with a plurality of network data anomalies at a network management system, each one of the plurality of security policies defining a network data anomaly specific mitigation response for each one of the plurality of network data anomalies;
detecting a first network data anomaly at the network management system;
selecting a threat assessment system to assess the first network data anomaly;
issuing, by the network management system, a command to a source data port where the first network data anomaly was detected to mirror network data received at the source data port to the selected threat assessment system;
receiving, from the selected threat assessment system, a confirmation of the first network data anomaly;
determining at the network management system whether a first one of the plurality of security policies defines a first network data anomaly specific mitigation response to the first network data anomaly; and
issuing a first mitigation command from the network management system to at least one network system to implement the first network data anomaly specific mitigation response for a pre-defined period of time in accordance with the first security policy based on the determination. |
Address |
Houston TX US |