Network audit and policy assurance system

US 20050257267A1
Filed: 02/13/2004
Published: 11/17/2005
Est. Priority Date: 02/14/2003
Status: Active Grant

First Claim

Patent Images

1. A network auditing system for auditing a data communications network, the system comprising:

a first server configuring policies and audits of the data communications network;

one or more second servers coupled to the first server, the one or more second servers gathering information about the network in response to the configured audits and transmitting the gathered information to the first server; and

a data store coupled to the first server, the data store storing the gathered information transmitted by the one or more second servers, wherein the first server determines compliance with one of the configured network policies and independently makes a recommendation, in response to the determination, for modifying a network feature.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A prevention-based network auditing system includes a central compliance server generating network policies and configuring audits of the data communications network. The compliance server presents a graphical user interface (GUI) to describe the specific data gathering parameters, policies to be analyzed, and the schedule of analysis. One or more audit servers strategically deployed around the network employ heterogeneous data-gathering tools to gather information about the network in response to the configured audits, and transmit the gathered information to the compliance server. An audit repository stores the gathered information for use by the compliance server for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

Citations

20 Claims

1. A network auditing system for auditing a data communications network, the system comprising:
- a first server configuring policies and audits of the data communications network;
  
  one or more second servers coupled to the first server, the one or more second servers gathering information about the network in response to the configured audits and transmitting the gathered information to the first server; and
  
  a data store coupled to the first server, the data store storing the gathered information transmitted by the one or more second servers, wherein the first server determines compliance with one of the configured network policies and independently makes a recommendation, in response to the determination, for modifying a network feature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The network auditing system of claim 1 further comprising a user interface allowing a user to generate a natural language policy document for the network policy and associate one or more machine-processable rules to the natural language policy document for allowing the network policy to be machine executable.
  - 3. The network auditing system of claim 1 further comprising a plurality of heterogeneous information sources coupled to the one or more second servers, wherein the one or more second servers each include:
    - means for receiving information gathered by the heterogeneous information sources; and
      
      means for converting the received information into a normalized data format.
  - 4. The network auditing system of claim 3, wherein the normalized data format is a machine-processable language format.
  - 5. The network auditing system of claim 1 further comprising an interface operating between a plurality of heterogeneous information sources and the one or more second servers, the interface providing a uniform communications platform for uniformly communicating with the heterogeneous information sources.
  - 6. The network auditing system of claim 1, wherein the recommendation is associated with a change to one of the configured network policies.
  - 7. The network auditing system of claim 6 further comprising means for modeling an effect of the change to one of the configured network policies.
  - 8. The network auditing system of claim 1, wherein the recommendation is a task associated with the network feature.
  - 9. The network auditing system of claim 8 further comprising means for monitoring status of the recommended task.
  - 10. The network auditing system of claim 9 further comprising means for verifying completion of the recommended task.
  - 11. The network auditing system of claim 1 further comprising:
    - means for identifying active network devices associated with an audit;
      
      means for tracking the network devices over time; and
      
      means for correlating information associated with the network devices.
  - 12. The network auditing system of claim 1, wherein the one or more second servers are coupled to one or more dynamically configurable packet filters.
  - 13. The network auditing system of claim 12, wherein the packet filters may be dynamically configured to forward packets during an audit session.
  - 14. The network auditing system of claim 1 further comprising means for determining whether address filtering for a wireless access point is functional.
  - 15. The network auditing system of claim 1 further comprising means for tracing a location of a wireless access point.
  - 16. The network auditing system of claim 1 wherein the first server comprises a semantic normalization module identifying equivalencies among information generated by heterogeneous information sources.
  - 17. The network auditing system of claim 16, wherein a network policy includes one or more rules that are applied to the information generated by the heterogeneous information sources independently of a source type.
  - 18. The network auditing system of claim 1, wherein the first server provides, in response to the determination, a graphical representation of a security of the data communications network.
  - 19. The network auditing system of claim 1 further comprising means for generating a report providing consolidated visibility into the security of the data communications network.
  - 20. The network auditing system of claim 1, wherein the network feature is a network security feature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Musarubra US LLC (Musarubra US SellCo LLC)
Original Assignee
Preventsys, Inc. (McAfee, LLC)
Inventors
Costello, Brian, Payne, John, Pelly, John, Walpole, Thomas Paul, Ritter, Stephen J., Rutherford, M. Celeste, Ravenel, John Patrick, Williams, John Leslie, Nakawatase, Ryan Tadashi

Granted Patent

US 7,627,891 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

H04L 63/0227 Filtering policies mail mes...

H04L 63/1408 by monitoring network traff...

Network audit and policy assurance system

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Network audit and policy assurance system

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links