Abstract |
<p>A method and device for protecting a network by monitoring both incoming and outgoing data traffic (52) on multiple ports (56) of the network, and preventing transmission of unauthorized data across the ports (56). The monitoring system (50) is provided in a non-promiscuous mode and automatically denies access to data packets from a specific source based upon an associated rule table. The monitoring system (50) processes copies of the data packets, resulting in minimal loss of throughput. The monitoring system (50) is also highly adaptable and provides for dynamic writing and issuing of firewall rules by updating the rule table (54). Information regarding the data packets (52) is captured, sorted and cataloged to determine attack profiles and unauthorized data packets.</p> |