Dynamic traffic steering system and method in a network
First Claim
Patent Images
1. A security system for use in a communications network, said network comprising means to allow a plurality of devices to communicate over the network;
- a security agent configured on at least one device and adapted to communicate with the security system;
said system comprising;
a security analytics module configured to store traffic patterns to and from devices in the network, the patterns used as baseline reference traffic patterns for detecting traffic to or from other devices; and
a steering control module configured to perform dynamic intelligent traffic steering from the device based on analysis of data traffic on the network or on the device by (i) storing a history for the device based on activity of the device over time, (ii) determining whether activity of the device matches out-of-the-ordinary characteristic patterns based on the baseline reference traffic patterns, (iii) assigning to the device a first policy configured for a matched characteristic pattern, and (iv) assigning a second policy to the device in response to and based on an analysis of behavioural changes of the device;
wherein the device'"'"'s propensity to exhibit suspicious or normal behaviour in the past influences which policy is assigned to the device, and wherein the steering decision is made to select a channel on a per flow basis based on the policy assigned to the device.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention provides a security system and method for use in a communications network, said network comprising means to allow a plurality of devices to communicate over the network; a security agent configured on at least one device and adapted to communicate with the security system; said system comprising: means for performing dynamic intelligent traffic steering from the device based on analysis of data traffic on the network or on the device, wherein the steering decision can be made to select a channel on a per flow basis.
32 Citations
23 Claims
-
1. A security system for use in a communications network, said network comprising means to allow a plurality of devices to communicate over the network;
- a security agent configured on at least one device and adapted to communicate with the security system;
said system comprising;a security analytics module configured to store traffic patterns to and from devices in the network, the patterns used as baseline reference traffic patterns for detecting traffic to or from other devices; and a steering control module configured to perform dynamic intelligent traffic steering from the device based on analysis of data traffic on the network or on the device by (i) storing a history for the device based on activity of the device over time, (ii) determining whether activity of the device matches out-of-the-ordinary characteristic patterns based on the baseline reference traffic patterns, (iii) assigning to the device a first policy configured for a matched characteristic pattern, and (iv) assigning a second policy to the device in response to and based on an analysis of behavioural changes of the device; wherein the device'"'"'s propensity to exhibit suspicious or normal behaviour in the past influences which policy is assigned to the device, and wherein the steering decision is made to select a channel on a per flow basis based on the policy assigned to the device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 23)
- a security agent configured on at least one device and adapted to communicate with the security system;
-
22. A method of providing security in a communications network, said network comprising means to allow a plurality of devices to communicate over the network;
- a security agent configured on at least one device and adapted to communicate with the security system;
said method comprising;performing dynamic intelligent traffic steering from the device based on analysis of data traffic on the network or on the device, wherein the analysis of the data traffic includes; storing traffic patterns to and from devices in the network, the patterns used as baseline reference traffic patterns for detecting traffic to or from other devices; storing a history for the device based on activity of the device over time; determining whether activity of the device matches out-of-the-ordinary characteristic patterns based on the baseline reference traffic patterns; assigning to the device a first policy configured for a matched characteristic pattern, the device'"'"'s propensity to exhibit suspicious or normal behaviour in the past influencing which policy is assigned to the device; and assigning a second policy to the device in response to and based on an analysis of behavioural changes of the device, and wherein the steering decision is made to select a channel on a per flow basis based on the policy assigned to the device.
- a security agent configured on at least one device and adapted to communicate with the security system;
Specification