System and method for securing computer stations and/or communication networks
Abstract
The invention relates to a method for securing computer equipment (client stations) connected by a computer network or communication network and forming at least one information system, said system comprising at least one computer server, characterized in that it comprises two stages wherein digital data relating to the security of the network and/or system(s) is correlated. The invention also relates to a system for securing wireless digital communication networks.
21 Claims
1. Method of securing computer equipment that are client workstations connected to each other by means of a computer network or a communication network and forming at least one information system, said system comprising at least one computer server, characterised in that the method comprises two steps of correlating digital data relating to security of the network and of the system or systems, the first step being implemented in the client workstation(s), combining system data and data obtained from the network by scanning entire layers, known as OSI model, from a transport layer to an application layer;
- the second step being executed in the server by combining “history” data obtained from digital databases, other “history” data stored in memory, and correlation data obtained from said first step, and in that the method also comprises, following each of said two correlation steps, a step of comparing said correlation data with security policy rules and a step of activating countermeasures according to a result of the comparison.
- Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. System for securing digital communication networks, comprising:
- at least one computer server;
- at least one digital database;
- at least one network management console implemented on a client workstation;
- at least one user workstation on which a specific application is installed, in particular one which has “probe” type functions;
- said (at least one) server being connected to said (at least one) digital database, and to said (at least one) network management console by a first cabled communication network (fixed) comprising a private part and a DMZ-type semi-public part (. . . );
- said first network being connected to a wireless network or to a plurality of networks by means of equipment;
- said user workstation being connected to said network;
- characterised in that said specific application emits, periodically and/or according to the performance of a specific event, digital data relating to the client workstation comprising indicators relating to at least one of the following parameters; i. attacks/security; ii. network reception quality; iii. malfunctions of the specific application;
- the server comprises means for correlating, on the one hand, said digital data relating to the client workstation and the data obtained from said database and/or data relating to one or more other client workstation(s), these means supplying correlation indices as their output;
- means for identifying and categorising possible attacks on the network;
- means for assessing and grading the relevance of possible risks relating to the data received based on a plurality of criteria.
- Dependent claims: 15, 16, 17, 18, 19, 20, 21
Specification