Network host isolation tool
Abstract
The present invention provides a method, system, and computer program product for quickly and automatically blocking a plurality of computer systems in response to detection of a widespread vulnerability or software infection. The method comprises: providing a list of Internet Protocol (IP) addresses corresponding to a plurality of devices to be blocked in a network; and for each IP address in the list: determining a router in the network connected to the IP address; determining a layer-2 Media Access Control (MAC) address associated with the IP address; and applying a CAM filter to a core switch associated with the router to block communication from the device corresponding to the IP address, at the core switch; wherein the blocking of the plurality of devices occurs automatically in response to the provision of the list of IP addresses.
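An added sketch of the per-address loop the abstract describes (illustrative code, not taken from the patent): each listed IP is resolved to a router, then to a MAC address, and the MACs to filter are grouped by core switch. The inventory tables, device names, and the use of longest-prefix match and router ARP caches for the two lookups are assumptions; addresses that cannot be resolved are reported, since an unresolved address means a device that stays unblocked.

```python
import ipaddress
from collections import defaultdict

# Constructed inventory (assumption): subnet -> router, router -> ARP cache,
# router -> core switch. None of these names come from the patent.
ROUTES = {"10.1.0.0/16": "rtr-a", "10.1.20.0/24": "rtr-b", "10.2.0.0/16": "rtr-c"}
ARP = {
    "rtr-a": {"10.1.5.7": "00:11:22:33:44:55"},
    "rtr-b": {"10.1.20.9": "00:11:22:33:44:66"},
    "rtr-c": {},
}
CORE_SWITCH = {"rtr-a": "core-1", "rtr-b": "core-1", "rtr-c": "core-2"}


def find_router(ip):
    """Step 1: longest-prefix match of the address against the known subnets."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
    matches = [(ipaddress.ip_network(p), r) for p, r in ROUTES.items()
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def build_block_plan(block_list):
    """Return ({core switch: sorted MACs to filter}, {ip: reason it was skipped})."""
    plan, skipped = defaultdict(set), {}
    for ip in block_list:
        try:
            router = find_router(ip)
        except ValueError:
            skipped[ip] = "not an IP address"
            continue
        if router is None:
            skipped[ip] = "no router for address"
            continue
        mac = ARP[router].get(ip)  # Step 2: IP -> layer-2 MAC address
        if mac is None:
            skipped[ip] = "no ARP entry on " + router
            continue
        plan[CORE_SWITCH[router]].add(mac.lower())  # Step 3: filter at the core switch
    return {sw: sorted(macs) for sw, macs in plan.items()}, skipped


if __name__ == "__main__":
    plan, skipped = build_block_plan(["10.1.5.7", "10.1.20.9", "10.2.3.4", "192.0.2.1"])
    print(plan)
    print(skipped)
```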
23 Claims
1. An automated method for blocking a plurality of devices in a network, comprising:
providing a list of Internet Protocol (IP) addresses corresponding to a plurality of devices to be blocked in a network; and
for each IP address in the list:
determining a router in the network connected to the IP address;
determining a layer-2 Media Access Control (MAC) address associated with the IP address; and
applying a CAM filter to a core switch associated with the router to block communication from the device corresponding to the IP address, at the core switch;
wherein the blocking of the plurality of devices occurs automatically in response to the provision of the list of IP addresses.
Dependent claims: 2, 3, 4, 5, 6, 7

8. A system for automatically blocking a plurality of devices in a network, comprising:
a system for providing a list of Internet Protocol (IP) addresses corresponding to a plurality of devices to be blocked in a network; and
a system for automatically blocking the plurality of devices in response to the provision of the list of IP addresses, wherein, for each IP address in the list, the system for automatically blocking is configured to:
determine a router in the network connected to the IP address;
determine a layer-2 Media Access Control (MAC) address associated with the IP address; and
apply a CAM filter to a core switch associated with the router to block communication from the device corresponding to the IP address, at the core switch.
Dependent claims: 9, 10, 11, 12, 13, 14

15. A program product stored on a recordable medium for automatically blocking a plurality of devices in a network, which when executed comprises:
program code for providing a list of Internet Protocol (IP) addresses corresponding to a plurality of devices to be blocked in a network; and
program code for automatically blocking the plurality of devices in response to the provision of the list of IP addresses, wherein, for each IP address in the list, the program code for automatically blocking is configured to:
determine a router in the network connected to the IP address;
determine a layer-2 Media Access Control (MAC) address associated with the IP address; and
apply a CAM filter to a core switch associated with the router to block communication from the device corresponding to the IP address, at the core switch.
Dependent claims: 16, 17, 18, 19, 20, 21

22. A method for deploying an application for automatically blocking a plurality of devices in a network, comprising:
providing a computer infrastructure being operable to:
provide a list of Internet Protocol (IP) addresses corresponding to a plurality of devices to be blocked in a network; and
for each IP address in the list:
determine a router in the network connected to the IP address;
determine a layer-2 Media Access Control (MAC) address associated with the IP address; and
apply a CAM filter to a core switch associated with the router to block communication from the device corresponding to the IP address, at the core switch;
wherein the blocking of the plurality of devices occurs automatically in response to the provision of the list of IP addresses.

23. Computer software embodied in a propagated signal for automatically blocking a plurality of devices in a network, the computer software comprising instructions to cause a computer system to perform the following functions:
provide a list of Internet Protocol (IP) addresses corresponding to a plurality of devices to be blocked in a network; and
for each IP address in the list:
determine a router in the network connected to the IP address;
determine a layer-2 Media Access Control (MAC) address associated with the IP address; and
apply a CAM filter to a core switch associated with the router to block communication from the device corresponding to the IP address, at the core switch;
wherein the blocking of the plurality of devices occurs automatically in response to the provision of the list of IP addresses.

Specification