Scalable system for monitoring network system and components and methodology therefore
Abstract
The present invention is a security software methodology and system that takes an internal approach to mitigating security risks from authorized and unauthorized users. The security software system uses the methodology of monitoring, in great detail, any configuration changes made to information systems within a network. These systems and applications include web servers, firewalls, proxy servers, log servers, intrusion detection software systems, routers and any other device or application which can be considered a part of the enterprise information system infrastructure.
28 Claims
1. A method of monitoring a plurality of security parameters for a networked system having a first server and at least one second server, the networked system having a transport communication layer, the transport communication layer having a master transport located on the first server, the method comprising the steps of:
comparing a data set located within a resident program located on the at least one second server against a rule set generated by a user;
generating a result forwardable to the master transport based on the step of comparing;
collecting the results in the first server; and
reporting the results from the first server to the user.

16. A method for monitoring a security parameter for a network, the network having a first and a second server, the first server having a transport mechanism communicatively connected to the second server, the method comprising the steps of:
monitoring at one or more times for changes to a firewall policy;
collecting on the first server the changes to the firewall policy;
storing the changes to the firewall policy on the first server; and
compiling a history of the changes to the firewall policy on the first server;
reporting the history of the firewall policy changes; and
the second server performing other networking tasks concurrently with the steps of collecting, storing, compiling, or reporting.

17. The method of step 16, further comprising the steps of:
monitoring whether a change is an approved change;
archiving changes into a first report, the report identifying approved changes.

28. The method of step 27 further comprising the step of:
monitoring encrypted secure connections between the first and the one or more second servers.
Specification