Network protection software and method

US 20050138431A1
Filed: 12/23/2004
Published: 06/23/2005
Est. Priority Date: 12/23/2003
Status: Abandoned Application

First Claim

Patent Images

3-1. The method of claim 1, wherein the step of verifying that the machine meets certain criteria includes verifying that the machine is using a valid operating system at the appropriate patch levels.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A software-based system allows immediate isolation of all IP traffic until a newly added machine has been qualified. In the preferred embodiment, this verification is carried out using a variety of mechanisms, optionally including a local agent, vulnerability scanning, and system fingerprinting. Any newly attached machine requesting an IP address is quarantined into a restricted address space until an authorization server validates that it is running a valid operating system at the appropriate patch levels, is not actively scanning or transmitting malicious data, has the proper virus software and engine, and is not vulnerable on known Trojan ports.

11 Citations

View as Search Results

11 Claims

3-1. The method of claim 1, wherein the step of verifying that the machine meets certain criteria includes verifying that the machine is using a valid operating system at the appropriate patch levels.

6. A system for protecting a network against a newly added machine, comprising:
- a Dynamic Host Configuration Protocol (DHCP) administrator operative to perform the following functions;
  
  assign a temporary IP address to a machine added to a network;
  
  verify that the machine meets certain criteria; and
  
  , if it does, assign the machine a non-temporary IP address.
- View Dependent Claims (7, 8, 9, 10, 11)
- - 7. The system of claim 6, wherein the DHCP is operative to perform vulnerability scanning on the new machine.
  - 8. The system of claim 6, wherein the DHCP is operative to fingerprint the new machine.
  - 9. The system of claim 6, wherein the DHCP is operative to verify that the machine meets certain criteria includes verifying that the machine is using a valid operating system at the appropriate patch levels.
  - 10. The system of claim 6, wherein all IP traffic is isolated until the machine is verified.
  - 11. The system of claim 6, further including a local agent.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Jay P. Harrison
Original Assignee
Jay P. Harrison
Inventors
Harrison, Jay P.

Application Number

US11/021,621
Publication Number

US 20050138431A1
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

G06F 21/50   Monitoring users, programs ...

G06F 21/577   Assessing vulnerabilities a...

H04L 61/50   Address allocation

H04L 63/08   for authentication of entit...

H04L 63/1433   Vulnerability analysis

H04L 9/40   Network security protocols

Network protection software and method

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

11 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Network protection software and method

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links