System and method for providing computer network security

US 10,250,630 B2
Filed: 11/17/2015
Issued: 04/02/2019
Est. Priority Date: 10/05/2015
Status: Active Grant

First Claim

Patent Images

1. A method for providing computer network security, the method comprising:

gathering, via a processor, real-time threat information from one or more sources;

deriving, via the processor, security intelligence based on the real-time threat information;

determining, via the processor, a security measure based on the security intelligence; and

dynamically applying, via the processor, the security measure to a computer network using a set of virtual appliances and a set of virtual switches,wherein dynamically applying comprises;

mapping the security measure to the set of virtual appliances, the set of virtual switches, and to a plurality of packet filters,dynamically instantiating each virtual appliance in the set of virtual appliances based on the mapping using software defined networking,service chaining virtual appliances in the set to connect the instantiated virtual appliances according to the mapping, anddynamically programming, based on the mapping, the set of virtual switches using the plurality of packet filters to steer network traffic to the instantiated set of virtual appliances.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure relates generally to computer network, and more particularly to a system and method for providing computer network security. In one embodiment, a method is provided for providing computer network security. The method comprises gathering threat information from one or more sources, deriving security intelligence based on the threat information, determining a security measure based on the security intelligence, and dynamically applying the security measure to a computer network using a set of virtual appliances and a set of virtual switches.

Citations

14 Claims

1. A method for providing computer network security, the method comprising:
- gathering, via a processor, real-time threat information from one or more sources;
  
  deriving, via the processor, security intelligence based on the real-time threat information;
  
  determining, via the processor, a security measure based on the security intelligence; and
  
  dynamically applying, via the processor, the security measure to a computer network using a set of virtual appliances and a set of virtual switches,wherein dynamically applying comprises;
  
  mapping the security measure to the set of virtual appliances, the set of virtual switches, and to a plurality of packet filters,dynamically instantiating each virtual appliance in the set of virtual appliances based on the mapping using software defined networking,service chaining virtual appliances in the set to connect the instantiated virtual appliances according to the mapping, anddynamically programming, based on the mapping, the set of virtual switches using the plurality of packet filters to steer network traffic to the instantiated set of virtual appliances.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein deriving the security intelligence comprises determining one or more potential security threats by applying at least one of a filter, an analytics, or a reputation based heuristic on the real-time threat information.
  - 3. The method of claim 2, wherein determining the security measure comprises determining a corresponding security measure for each of the one or more potential security threats.
  - 4. The method of claim 1, further comprising triggering an alert based on the security intelligence.
  - 5. The method of claim 1, wherein each of the set of virtual appliances is a virtual machine for performing a pre-defined task and is implemented using network function virtualization.
  - 6. The method of claim 1, wherein each of the set of virtual switches is programmed using software defined networking.
  - 7. The method of claim 1, wherein each of the set of virtual appliances emulates at least one of a firewall, an intrusion prevention system (IPS), a deep packet inspection (DPI), or a network traffic shaper.

8. A system for providing computer network security, the system comprising:
- at least one microprocessor; and
  
  a memory storing instructions that, when executed by the at least one microprocessor, cause the at least one microprocessor to perform operations comprising;
  
  gathering real-time threat information from one or more sources;
  
  deriving security intelligence based on the real-time threat information;
  
  determining a security measure based on the security intelligence; and
  
  dynamically applying the security measure to a computer network using a set of virtual appliances and a set of virtual switches,wherein dynamically applying comprises;
  
  mapping the security measure to the set of virtual appliances, the set of virtual switches, and a plurality of packet filters,dynamically instantiating each virtual appliance in the set of virtual appliances based on the mapping using software defined networking,service chaining virtual appliances in the set to connect the instantiated virtual appliances according to the mapping, anddynamically programming, based on the mapping, the set of virtual switches using the plurality of packet filters to steer network traffic to the instantiated set of virtual appliances.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The system of claim 8, wherein deriving the security intelligence comprises determining one or more potential security threats by applying at least one of a filter, an analytics, or a reputation based heuristic on the real-time threat information.
  - 10. The system of claim 9, wherein determining the security measure comprises determining a corresponding security measure for each of the one or more potential security threats.
  - 11. The system of claim 8, wherein each of the set of virtual appliances is a virtual machine for performing a pre-defined task, is implemented using network function virtualization, and emulates at least one of a firewall, an intrusion prevention system (IPS), a deep packet inspection (DPI), or a network traffic shaper.
  - 12. The system of claim 8, wherein each of the set of virtual switches is programmed using software defined networking.

13. A non-transitory computer-readable medium storing computer-executable instructions for:
- gathering real-time threat information from one or more sources;
  
  deriving security intelligence based on the real-time threat information;
  
  determining a security measure based on the security intelligence; and
  
  dynamically applying the security measure to a computer network using a set of virtual appliances and a set of virtual switches,wherein dynamically applying comprises;
  
  mapping the security measure to the set of virtual appliances, the set of virtual switches, and a plurality of packet filters,dynamically instantiating each virtual appliance in the set of virtual appliances based on the mapping using software defined networking,service chaining virtual appliances in the set to connect the instantiated virtual appliances according to the mapping, anddynamically programming, based on the mapping, the set of virtual switches using the plurality of packet filters to steer network traffic to the instantiated set of virtual appliances.
- View Dependent Claims (14)
- - 14. The medium of claim 13, wherein deriving the security intelligence comprises determining one or more potential security threats by applying at least one of a filter, an analytics, or a reputation based heuristic on the real-time threat information, and wherein determining the security measure comprises determining a corresponding security measure for each of the one or more potential security threats.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wipro Limited
Original Assignee
Wipro Limited
Inventors
Singuru, Radha Krishna
Primary Examiner(s)
Do, Khang

Application Number

US14/943,048
Publication Number

US 20170099313A1
Time in Patent Office

1,232 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/86   Mapping to a database

G06F 2009/45587   Isolation or security of vi...

G06F 9/45558   Hypervisor-specific managem...

H04L 12/4625   Single bridge functionality...

H04L 41/0893   Assignment of logical group...

H04L 41/0895   Configuration of virtualise...

H04L 45/42   Centralised routing

H04L 45/64   using an overlay routing layer

H04L 49/70   Virtual switches

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

H04L 63/20   for managing network securi...

System and method for providing computer network security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for providing computer network security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links