ZERO-DAY SECURITY SYSTEM
First Claim
1. A method of securing a network from vulnerability exploits, comprising:
- receiving on a security engine a packet destined for a user'"'"'s internal network;
forwarding the received packet to at least one virtual machine based upon a virtual machine configuration table;
processing the forwarded packet on the at least one virtual machine; and
releasing the packet received on the security engine to the user'"'"'s internal network based upon results of the processing.
3 Assignments
0 Petitions
Accused Products
Abstract
A system for protecting networks from vulnerability exploits comprises a security engine operable to receive a packet destined for a user'"'"'s network and forward the packet to at least one host virtual machine for processing. The security engine is further operable to forward the stored packet to the user'"'"'s internal network based upon a result of the processed packet. A method of securing a network from vulnerability exploits is described. The method comprises receiving a packet destined for a user'"'"'s internal network; forwarding the packet to at least one virtual machine based upon a virtual machine configuration table; processing the forwarded packet on the at least one virtual machine; and releasing the packet to the user'"'"'s internal network based upon results of the processing.
92 Citations
20 Claims
-
1. A method of securing a network from vulnerability exploits, comprising:
-
receiving on a security engine a packet destined for a user'"'"'s internal network; forwarding the received packet to at least one virtual machine based upon a virtual machine configuration table; processing the forwarded packet on the at least one virtual machine; and releasing the packet received on the security engine to the user'"'"'s internal network based upon results of the processing. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer program product, comprising:
a computer-readable medium comprising; a first set of codes for causing a security engine to receive, on a zero-day engine, a packet destined for a user'"'"'s internal network; a second set of codes for causing the security engine to forward the packet to at least one virtual machine based upon a virtual machine configuration table; a third set of codes for causing the at least one virtual machine to process the forwarded packet on an application executing on the at least one virtual machine; and a fourth set of codes for causing the security engine to one of blocking or releasing the stored packet to the user'"'"'s internal network based upon results of the processed forwarded packet. - View Dependent Claims (11)
-
12. A security system for protecting networks from vulnerability exploits, comprising:
-
a security engine operable to receive an incoming packet destined for a user'"'"'s network and forward the packet to at least one host virtual machine; and at least one virtual machine comprising an operating system and services operable to process the forwarded packet; wherein the security engine is further operable to release the packet to the user'"'"'s network based upon a result of the processed packet. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification