Physical switched network security
Abstract
A security system for a communications network includes a system which audits and monitors network activity for an intruder. The system also includes a circuit switch which makes and breaks a physical connection between an external portion of the communications network and a private portion of the communications network. The auditing and monitoring system is connected to the circuit switch, preferably through a back channel inaccessible to an intruder, to control the circuit switch to disconnect the intruder from the private portion of the communications network and to connect the intruder to a decoy in a substantially undetectable manner.
17 Claims
1. A system for securing a private network of computer resources accessible to users of an external communications network, comprising:
a private network gateway, and a circuit switch;
the private network gateway connected in series with the circuit switch between the external communications network and the private network, and the private network gateway including an intruder detector which produces an alarm output when intruder activity is detected; and
the circuit switch selectively disconnecting the external communications network from the private network responsive to the alarm output of the intruder detector.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14, 15, 16, 17
13. A method of securing a private network of computer resources accessible to users of an external communications network, comprising:
detecting an intruder to the private network from the external communications network;
generating an alarm signal responsive to the step of detecting; and
reconnecting the intruder from the private network to a decoy resource in a time period not noticeable to the intruder.
Specification