User interface features for enterprise security management

US 10,652,280 B2
Filed: 04/24/2017
Issued: 05/12/2020
Est. Priority Date: 04/24/2017
Status: Active Grant

First Claim

Patent Images

1. A system for defining a security configuration for an enterprise network, the system comprising:

an enterprise security management configuration server comprising a processor and a memory, the enterprise security management configuration server hosting an enterprise security management configuration tool from the memory that, when executed from the enterprise security management configuration server, causes the enterprise security management configuration server to perform;

displaying a configuration user interface including an enterprise topology region and a tool palette, the enterprise topology region being configured to display a logical interconnection view of a plurality of nodes included within an enterprise network, and the tool palette being configured to display a plurality of tools useable to modify groupings or settings associated with the plurality of nodes;

wherein the enterprise topology region is configured to display at least one profile icon representing a profile including a plurality of affinitized nodes and at least one solution icon representing a plurality of intercommunicating profiles without requiring display of each of the affinitized nodes in the profile individually, the affinitized nodes being automatically grouped into the profile based on similarity of network concordance data among the plurality of nodes to present a simplified illustration of the enterprise topology, the network concordance data comprising network traffic data regarding identities and interactions of the plurality of nodes included within the enterprise network.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for configuring a security topology in an enterprise security management configuration tool are disclosed. One method includes manipulating an icon representing one or more nodes in a configuration user interface of an enterprise security management configuration tool to associate the one or more nodes into a manual grouping of nodes in an enterprise network; and, after manipulating the icon, selecting, from a tool palette of the configuration user interface, an automatic association tool, the automatic association tool determining an association among a plurality of nodes into a plurality of automated logical groupings of nodes. In some cases, the manual grouping of nodes is different from the plurality of automated logical groupings, and the automatic association tool preserves the manual grouping of nodes.

41 Citations

View as Search Results

19 Claims

1. A system for defining a security configuration for an enterprise network, the system comprising:
- an enterprise security management configuration server comprising a processor and a memory, the enterprise security management configuration server hosting an enterprise security management configuration tool from the memory that, when executed from the enterprise security management configuration server, causes the enterprise security management configuration server to perform;
  
  displaying a configuration user interface including an enterprise topology region and a tool palette, the enterprise topology region being configured to display a logical interconnection view of a plurality of nodes included within an enterprise network, and the tool palette being configured to display a plurality of tools useable to modify groupings or settings associated with the plurality of nodes;
  
  wherein the enterprise topology region is configured to display at least one profile icon representing a profile including a plurality of affinitized nodes and at least one solution icon representing a plurality of intercommunicating profiles without requiring display of each of the affinitized nodes in the profile individually, the affinitized nodes being automatically grouped into the profile based on similarity of network concordance data among the plurality of nodes to present a simplified illustration of the enterprise topology, the network concordance data comprising network traffic data regarding identities and interactions of the plurality of nodes included within the enterprise network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The system of claim 1, wherein the tool palette is configured to display an affinitization tool, a solution creation tool, and a deployment tool.
  - 3. The system of claim 1, wherein the tool palette is configured to display an object tool useable to manually create a new profile or solution.
  - 4. The system of claim 1, wherein the configuration user interface is configured to display a plurality of predetermined solutions, the plurality of predetermined solutions including an internet solution, an intranet solution, an infrastructure solution, and an enterprise management server solution.
  - 5. The system of claim 1, wherein the configuration user interface is configured to receive a modification to at least one profile by adding or removing one or more nodes from at least one profile.
  - 6. The system of claim 5, wherein the configuration user interface is configured to display a channel between at least one pair of profile icons.
  - 7. The system of claim 1, wherein the enterprise security management configuration tool is configured to, upon receiving a selection of a profile icon in the configuration user interface, display a sub-region illustrating details regarding the plurality of nodes associated with the profile.
  - 8. The system of claim 7, wherein the sub-region includes a selection option useable to toggle between enablement and disenablement of security for each of the plurality of nodes associated with the profile icon.
  - 9. The system of claim 8, wherein the enterprise security management configuration tool is configured to output a security settings file importable into an enterprise management database, the security settings file including one or more security settings defining security for each of the plurality of nodes that are defined at least in part based on the selection option.
  - 10. The system of claim 1, wherein the configuration user interface is configured to receive a modification to at least one solution by adding or removing one or more profiles from the at least one solution.
  - 11. The system of claim 10, wherein the enterprise security management configuration tool is configured to, upon receiving a selection of a solution icon in the configuration user interface that represents a solution, expand the solution icon to display a plurality of profiles included in the solution represented by the solution icon.
  - 12. The system of claim 10, wherein the modification to the at least one solution comprises a drag-and-drop action to add the one or more profiles to the at least one solution by dropping a profile icon onto a solution icon or a screen area within a solution region.

13. A method of depicting a security topology in an enterprise security management configuration tool, the method comprising:
- displaying a configuration user interface including an enterprise topology region and a tool palette, the enterprise topology region being configured to display a configuration user interface including an enterprise topology region and a tool palette;
  
  displaying, in the enterprise topology region, a logical interconnection view of a plurality of nodes included within an enterprise network, the logical interconnection view including at least one profile icon representing a profile including a plurality of affinitized nodes and at least one solution icon representing a plurality of intercommunicating profiles without requiring display of each of the affinitized nodes individually, the plurality of affinitized nodes being automatically grouped and associated with the at least one profile icon based at least in part on similarity of network concordance data among the plurality of nodes to present a simplified illustration of the enterprise topology; and
  
  displaying, in the tool palette, a plurality of tools useable to modify groupings or settings associated with the plurality of nodes,wherein the network concordance data includes network traffic data regarding identities and interactions of the plurality of nodes included within the enterprise network.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The method of claim 13, further comprising, upon receipt of a user action dragging a profile icon into association with a solution, establishing an association between a profile represented by the profile icon and the solution.
  - 15. The method of claim 14, wherein, after the profile is associated with the solution, the security settings associated with the solution are thereby associated with the profile.
  - 16. The method of claim 13, wherein the tool palette includes one or more automatic association tools useable to automatically associate nodes into one or more profiles or solutions.
  - 17. The method of claim 16, wherein one or more user-defined associations of nodes into profiles or associations of profiles with solutions are preserved when one or more automatic association tools is used.

18. A method of configuring a security topology in an enterprise security management configuration tool, the method comprising:
- manipulating an icon representing one or more nodes in a configuration user interface of an enterprise security management configuration tool to associate the one or more nodes into a manual grouping of nodes in an enterprise network, the manual grouping of nodes including a plurality of nodes and being represented by a first profile icon;
  
  after manipulating the icon, selecting, from a tool palette of the configuration user interface, an automatic association tool, the automatic association tool determining an association among a remaining plurality of nodes other than the manual grouping of nodes into a plurality of automated logical groupings of nodes based at least in part on network concordance data, each of the automated logical groupings of nodes representing a profile including affinitized nodes and being represented by at least a second profile icon, and not requiring display of each of the affinitized nodes or the manual grouping of nodes individually to present a simplified illustration of the enterprise topology;
  
  wherein the manual grouping of nodes is different from the plurality of automated logical groupings of nodes, and the automatic association tool preserves the manual grouping of nodes, andwherein the network concordance data includes network traffic data regarding identities and interactions of the plurality of nodes included within the enterprise network.
- View Dependent Claims (19)
- - 19. The method of claim 18, wherein the manual grouping of nodes comprises adding a profile to a solution including a plurality of profiles, each profile including a plurality of nodes.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Unisys Corporation
Original Assignee
Unisys Corporation
Inventors
Johnson, Robert A., DiDomenico, Michael J., Jolly, Philippe, Leap, Michael C, Phelps, Richard W
Primary Examiner(s)
Song, Daeho D

Application Number

US15/494,896
Publication Number

US 20180309790A1
Time in Patent Office

1,114 Days
Field of Search

715734
US Class Current
CPC Class Codes

G06F 21/604   Tools and structures for ma...

H04L 63/0823   using certificates cryptogr...

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

User interface features for enterprise security management

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

41 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

User interface features for enterprise security management

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links