TRUSTED NETWORK INTERFACE
First Claim
Patent Images
1. A method for operating a trusted network interface for monitoring network traffic passing through a plurality of network security appliances:
- receiving, at a management system, warrant information identifying a network security appliance to execute one or more actions specified in the warrant information;
generating a control command instructing the network security appliance identified in the warrant information to execute the one or more actions specified in the warrant information;
digitally signing the control command with a digital certificate associated with the management system;
encrypting the digitally signed control command;
transmitting the digitally signed and encrypted control command to the network security appliance identified in the warrant information; and
receiving confirmation from the network security appliance that the one or more actions specified in the warrant information have been executed.
5 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for combating and thwarting attacks by cybercriminals are provided. Network security appliances interposed between computer systems and public networks, such as the Internet, are configured to perform defensive and/or offensive actions against botnets and/or other cyber threats. According to some embodiments, network security appliances may be configured to perform coordinated defensive and/or offensive actions with other network security appliances.
-
Citations
22 Claims
-
1. A method for operating a trusted network interface for monitoring network traffic passing through a plurality of network security appliances:
-
receiving, at a management system, warrant information identifying a network security appliance to execute one or more actions specified in the warrant information; generating a control command instructing the network security appliance identified in the warrant information to execute the one or more actions specified in the warrant information; digitally signing the control command with a digital certificate associated with the management system; encrypting the digitally signed control command; transmitting the digitally signed and encrypted control command to the network security appliance identified in the warrant information; and receiving confirmation from the network security appliance that the one or more actions specified in the warrant information have been executed. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer network comprising:
-
a plurality of network security appliances, each network security appliance being interposed between a computer system and a public network; a management system configured to transmit control commands to the plurality of network security appliances via a public network; a judicial control system configured to receive warrant information identifying a network security appliance to execute one or more actions specified in the warrant information; wherein the judicial control system is configured to transmit the warrant information to the management system; wherein the management system is configured to transmit a control command to a network security appliance identified in the warrant information received from the judicial control system, the control command instructing the network security appliance to execute the one or more actions specified in the warrant information; and wherein the management system is configured to receive confirmation from the network security appliance that the one or more actions specified in the warrant information have been executed. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
Specification