System and method for providing network security policy enforcement
Abstract
A rack-mountable, self-contained computer network security device that actively monitors a computer network's policy-defined configuration baseline for deviations. The device compares system identifying attributes and active TCP/UDP daemons to a policy baseline to determine policy compliance. Computer system events may be stored within a database.
94 Citations
24 Claims
1. A method of determining whether a networked system complies with a network security policy, the method comprising the steps of:
- identifying at least one system to scan;
- scanning the at least one system for current information pertaining to the at least one system;
- comparing the current information obtained from the step of scanning against stored information for a network security policy pertaining to the at least one system; and
- determining whether the at least one system complies with a network security policy based on the step of comparing.

13. A system for determining whether a networked system complies with a network security policy, the system comprising:
- an identifying module that identifies at least one system to scan;
- a scanning module that scans the at least one system for current information pertaining to the at least one system;
- a comparing module that compares the current information obtained from the step of scanning against stored information for a network security policy pertaining to the at least one system; and
- a compliance determining module that determines whether the at least one system complies with a network security policy based on the step of comparing.
Specification