| 发明名称 |
SYSTEMS AND METHODS FOR SCALABLE NETWORK MONITORING |
| 摘要 |
A network security device may gather a large amount of metadata pertaining to the connections being managed thereby. A refinement module may filter and/or aggregate the connection metadata. The metadata may be refined on the network security device. The refined metadata may be provided for display on a terminal. The refined metadata may include a subset of the larger connection metadata, which may reduce the overhead required to display and/or transmit monitoring information to the terminal device. The refined metadata may comprise connection groups, which may be formed based on aggregation criteria, such as connection source, destination, application, security policy, protocol, port, and/or the like. The connection groups may be ranked in accordance with ranking criteria. |
| 申请公布号 |
US2014289390(A1) |
申请公布日期 |
2014.09.25 |
| 申请号 |
US201313871896 |
申请日期 |
2013.04.26 |
| 申请人 |
WATCHGUARD TECHNOLOGIES, INC. |
发明人 |
Hughes Mark D.;Naess Eivind |
| 分类号 |
H04L12/26 |
主分类号 |
H04L12/26 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A system comprising:
a network security computing device comprising a processor and computer-readable storage medium, the network security device communicatively coupled to an internal network and an external network, wherein the network security device is configured to manage a plurality of connections between entities in the internal network and entities in the external network; a monitoring module embodied on the computer-readable storage medium and executable by the processor to acquire connection metadata comprising connection entries describing respective connections; a refinement module embodied on the computer-readable storage medium and executable by the processor configured to generate refined connection metadata in response to the acquired connection metadata, wherein generating the refined connection metadata comprises
combining connection entries to form connection groups, such that each connection group corresponds to a set of connection entries in the acquired connection metadata, andranking the respective connection groups based on a ranking criterion; and a communication module configured to provide the refined metadata comprising the ranked connection groups to a terminal. |
| 地址 |
Seattle WA US |
