System and method for providing enhanced network security
First Claim
1. A method for providing enhance network security, comprising:
- receiving data traffic at a network device for processing;
reviewing the data traffic and comparing the data traffic against predetermined criteria;
determining whether the data traffic matches the criteria;
calling an external handler script to process the data traffic if it is determined that the data traffic matches the criteria; and
passing the data traffic as conventional traffic if it is determined that the data traffic does not match the criteria.
0 Assignments
0 Petitions
Accused Products
Abstract
A system and method for providing enhance network security is disclosed. In particular, data traffic is initially presented to a network device for processing. In response, the device reviews the data traffic and compares the data traffic against predetermined criteria. Next, it is determined whether the data traffic matches the criteria and, if so, a handler script is called to process the data traffic in accordance with its identification. If the data traffic does not match the criteria, the process ends and the data traffic is passed as conventional traffic. Because information regarding the data traffic is initially reviewed passively, the process of the present invention is able to operate using very little in the way of processor resources. Only when traffic identification information is passed to the handler script is an action actually performed on the traffic. Additionally, by providing a handler script outside the confines of the traffic analyzing program, changes to the handling of identified traffic may be modified without requiring a recompilation of the entire system.
69 Citations
30 Claims
-
1. A method for providing enhance network security, comprising:
-
receiving data traffic at a network device for processing;
reviewing the data traffic and comparing the data traffic against predetermined criteria;
determining whether the data traffic matches the criteria;
calling an external handler script to process the data traffic if it is determined that the data traffic matches the criteria; and
passing the data traffic as conventional traffic if it is determined that the data traffic does not match the criteria. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for providing enhance network security, comprising:
-
means for receiving data traffic at a network device for processing;
means for reviewing the data traffic and comparing the data traffic against predetermined criteria;
means for determining whether the data traffic matches the criteria;
means for calling an external handler script to process the data traffic if it is determined that the data traffic matches the criteria; and
means for passing the data traffic as conventional traffic if it is determined that the data traffic does not match the criteria. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
21. A computer-readable medium incorporating one or more instructions for providing enhance network security, the instructions comprising:
-
one or more instructions for receiving data traffic at a network device for processing;
one or more instructions for reviewing the data traffic and comparing the data traffic against predetermined criteria;
one or more instructions for determining whether the data traffic matches the criteria;
one or more instructions for calling an external handler script to process the data traffic if it is determined that the data traffic matches the criteria; and
one or more instructions for passing the data traffic as conventional traffic if it is determined that the data traffic does not match the criteria.
-
Specification