Method and system for monitoring a selected region of an airspace associated with local area networks of computing devices
First Claim
1. A method for monitoring a selected region of an airspace associated with local area networks of computing devices, the method comprising:
- providing one or more segments of a legacy local area network to be protected in a selected geographic region, the legacy local area network being characterized by an unsecured airspace within the selected geographic region;
determining a security policy associated with the one or more segments of the legacy local area network, the security policy at least characterizing a type of wireless activity in the unsecured airspace to be permitted, denied, or ignored;
connecting one or more sniffer devices into the legacy local area network, the one or more sniffer devices being spatially disposed within the selected geographic region to cause at least a portion of the unsecured airspace to be secured according to the security policy;
coupling a security appliance to the legacy local area network;
determining if at least one of the sniffer devices is coupled to each of the one or more segments of the legacy local area network to be protected;
determining if the one or more sniffer devices substantially covers the portion of the unsecured airspace to be secured;
monitoring wireless activity in the airspace using the one or more sniffer devices;
automatically classifying, using a classification process, a portion of information associated with the monitoring of the wireless activity to at least determine if the wireless activity communicates to at least one of the one or more segments to be protected;
detecting a violation of the security policy based upon at least the classifying of the portion of the information from the monitoring of the wireless activity; and
automatically processing an action associated with the violation in accordance to the security policy for the one or more segments in the legacy local area network to be protected.
8 Assignments
0 Petitions
Accused Products
Abstract
A method for monitoring a selected region of an airspace associated with local area networks of computing devices is provided. The method includes providing one or more segments of a legacy local area network to be protected in a selected geographic region. The legacy local area network is characterized by an unsecured airspace within the selected geographic region. The method includes determining a security policy associated with the one or more segments of the legacy local area network. The security policy at least characterizes a type of wireless activity in the unsecured airspace to be permitted, denied, or ignored. Additionally, the method includes connecting one or more sniffer devices into the legacy local area network. The one or more sniffer devices are spatially disposed within the selected geographic region to cause at least a portion of the unsecured airspace to be secured according to the security policy. Moreover, the method includes coupling a security appliance to the legacy local area network. The method also includes determining if at least one of the sniffer devices is coupled to each of the one or more segments of the legacy local area network to be protected and determining if the one or more sniffer devices substantially covers the portion of the unsecured airspace to be secured. The method additionally includes monitoring wireless activity in the airspace using the one or more sniffer devices, and automatically classifying, using a classification process, a portion of information associated with the monitoring of the wireless activity to at least determine if the wireless activity communicates to at least one of the one or more segments to be protected. Further, the method includes detecting a violation of the security policy based upon at least the classifying of the portion of the information from the monitoring of the wireless activity, and automatically processing an action associated with the violation in accordance to the security policy for the one or more segments in the legacy local area network to be protected.
-
Citations
52 Claims
-
1. A method for monitoring a selected region of an airspace associated with local area networks of computing devices, the method comprising:
-
providing one or more segments of a legacy local area network to be protected in a selected geographic region, the legacy local area network being characterized by an unsecured airspace within the selected geographic region;
determining a security policy associated with the one or more segments of the legacy local area network, the security policy at least characterizing a type of wireless activity in the unsecured airspace to be permitted, denied, or ignored;
connecting one or more sniffer devices into the legacy local area network, the one or more sniffer devices being spatially disposed within the selected geographic region to cause at least a portion of the unsecured airspace to be secured according to the security policy;
coupling a security appliance to the legacy local area network;
determining if at least one of the sniffer devices is coupled to each of the one or more segments of the legacy local area network to be protected;
determining if the one or more sniffer devices substantially covers the portion of the unsecured airspace to be secured;
monitoring wireless activity in the airspace using the one or more sniffer devices;
automatically classifying, using a classification process, a portion of information associated with the monitoring of the wireless activity to at least determine if the wireless activity communicates to at least one of the one or more segments to be protected;
detecting a violation of the security policy based upon at least the classifying of the portion of the information from the monitoring of the wireless activity; and
automatically processing an action associated with the violation in accordance to the security policy for the one or more segments in the legacy local area network to be protected. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
-
-
46. A method for monitoring and displaying selected wireless activity in a selected geographic region, the method comprising:
-
providing one or more segments of a legacy local area network to be protected in a selected geographic region, the legacy local area network being characterized by an unsecured airspace within the selected geographic region;
displaying an illustration of the selected geographic region associated with the one or more segments of the legacy local area network on a computer display;
determining a security policy associated with the one or more segments of the local area network in the selected geographic region, the security policy at least characterizing a type of wireless activity to be permitted, denied, or ignored;
connecting one or more sniffer devices into the legacy local area network to be protected within the selected geographic region;
coupling a security appliance to the legacy local area network;
determining if at least one of the sniffer devices is coupled to each of the one or more segments of the legacy local area network to be protected;
determining if the one or more sniffer devices substantially covers a portion of the unsecured airspace to be secured;
monitoring wireless activity in the airspace associated with the legacy local area network using the one or more sniffer devices;
automatically classifying a portion of information associated with the monitoring of the wireless activity in the airspace;
detecting a violation of the security policy based upon at least the classifying of the portion of the information from the monitoring of the wireless activity in the airspace associated with the legacy local area network;
automatically processing an action associated with the violation in accordance to the security policy for the one or more segments in the legacy local area network;
displaying an indication associated with the violation in accordance to the security policy for the one or more segments in the legacy local area network;
displaying a spatial location and associated coverage of one or more of the sniffer devices; and
displaying a spatial location and associated coverage of at least one access point in the one or more segments of the legacy local area network. - View Dependent Claims (47, 48, 49, 50)
-
-
51. A method for monitoring a selected region of an airspace having multiple wireless signal activities associated with local area network of computing devices comprising one or more network segments, the method comprising:
-
providing one or more segments of a legacy local area network to be protected in a selected geographic region, the legacy local area network being characterized by an unsecured airspace within or in a vicinity of the selected geographic region;
determining a security policy associated with the one or more segments of the legacy local area network to be protected, the security policy at least characterizing a type of wireless activity in the unsecured airspace to be permitted, denied, or ignored;
coupling one or more sniffer devices into the legacy local area network, the one or more sniffer devices being spatially disposed within or in a vicinity of the selected geographic region to cause at least a portion of the unsecured airspace to be secured according to the security policy;
coupling a security appliance to the legacy local area network;
determining if at least one of the sniffer devices is coupled to each of the one or more segments of the legacy local area network to be protected;
determining if the one or more sniffer devices substantially covers the portion of the unsecured airspace to be secured;
monitoring a plurality of wireless activities in the airspace using the one or more sniffer devices;
automatically classifying, using a classification process, a portion of information associated with the monitoring of the wireless activities to at least determine if the one or more of the wireless activities is coupled to at least one of the one or more segments to be protected;
detecting a violation of the security policy based upon at least the classifying of the portion of the information from the monitoring of the wireless activities, the classifying selectively identifying the violation of the security policy from a plurality of events associated with the wireless activities; and
automatically processing an action associated with the violation in accordance to the security policy for the one or more segments in the legacy local area network to be protected, the action comprising a selective prevention process to restrict the one or more wireless devices associated with the violation of the security policy from engaging in wireless communication with the legacy local area network without detrimentally influencing any of the other wireless devices.
-
-
52. A method for monitoring a selected region of an airspace associated with local area networks of computing devices, the method comprising:
-
providing one or more segments of a legacy local area network to be protected in a selected geographic region, the legacy local area network being characterized by an unsecured airspace within the selected geographic region;
determining a security policy associated with the one or more segments of the legacy local area network, the security policy at least characterizing a type of wireless activity in the unsecured airspace to be permitted, denied, or ignored;
connecting one or more sniffer devices into the legacy local area network, the one or more sniffer devices being spatially disposed within the selected geographic region to cause at least a portion of the unsecured airspace to be secured according to the security policy;
coupling a security appliance to the legacy local area network;
determining if the one or more sniffer devices substantially covers the portion of the unsecured airspace to be secured;
monitoring wireless activity in the airspace using the one or more sniffer devices;
automatically classifying, using a classification process, a portion of information associated with the monitoring of the wireless activity to at least determine if the wireless activity communicates to at least one of the one or more segments to be protected;
detecting a violation of the security policy based upon at least the classifying of the portion of the information from the monitoring of the wireless activity; and
automatically processing an action associated with the violation in accordance to the security policy for the one or more segments in the legacy local area network to be protected.
-
Specification