Rule-based network survivability framework
Abstract
The present disclosure relates to the survivability of a network system and, more particularly, to a multi-tiered network intrusion detection and response system.
32 Claims
1. A hierarchical system comprising:
   at least one network sensor device (NSD) to monitor a behaviour of a network and perform a first action based at least in part upon a first set of rules;
   at least one network operating center (NOC) to at least process events received from the at least one network sensor device; and
   at least one system operating center (SOC) to at least create a second set of rules and distribute the second set of rules to selected ones of the at least one network sensor device or the at least one network operating center.
   Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. An apparatus comprising:
   a network interface to facilitate the monitoring of the behaviour of a network;
   a memory to store a first set of rules; and
   a rule engine to detect a first adverse network condition utilizing, at least in part, the first set of rules; and
   perform a first action based, at least in part, upon the first adverse network condition and the first set of rules.
   Dependent claims: 16, 17, 18, 19, 20, 21, 22
23. A method of utilizing a first network intrusion detection device (NIDD) that is part of a network intrusion detection system (NIDS) that is arranged in a hierarchal fashion comprising:
   monitoring a behaviour of a network;
   detecting a first adverse network condition utilizing, at least in part, a first set of rules;
   performing a first action to facilitate attempting to maintain the survivability of the network; and
   dynamically changing the first set of rules based, at least in part, upon the behaviour of the network.
   Dependent claims: 24, 25, 26, 27, 28, 29
30. An article comprising:
   a storage medium having a plurality of machine accessible instructions, wherein when the instructions are executed by a machine, the instructions provide for utilizing a first network intrusion detection device (NIDD) that is part of a network intrusion detection system (NIDS) that is arranged in a hierarchal fashion comprising:
   monitoring a behaviour of a network;
   detecting a first adverse network condition utilizing, at least in part, a first set of rules;
   performing a first action to facilitate attempting to maintain the survivability of the network; and
   dynamically changing the first set of rules based, at least in part, upon the behaviour of the network.
   Dependent claims: 31, 32
Specification