SYSTEM SECURITY AGENT AUTHENTICATION AND ALERT DISTRIBUTION
First Claim
Patent Images
1. An apparatus comprising:
- a receiver to receive from a transport agent on a communication link an aggregated security message, wherein the transport agent receives items of data from different respective on-host system agents monitoring a host system, each item of data representing a security event on the host system, wherein the transport agent aggregates the received items of data into the aggregated security message;
a communication line controller to configure the communication link to receive the aggregated security message; and
a management engine to transmit each of the items of data from the aggregated security message to a respective management console.
3 Assignments
0 Petitions
Accused Products
Abstract
An aggregation agent may combine and correlate information generated by multiple on-host agents and/or information generated in response to multiple security events. The aggregation agent may transmit the combined information to a security console. The security console may check the identity of the aggregation agent to determine whether to accept the information. The security console may map information to one or more consoles.
35 Citations
20 Claims
-
1. An apparatus comprising:
-
a receiver to receive from a transport agent on a communication link an aggregated security message, wherein the transport agent receives items of data from different respective on-host system agents monitoring a host system, each item of data representing a security event on the host system, wherein the transport agent aggregates the received items of data into the aggregated security message; a communication line controller to configure the communication link to receive the aggregated security message; and a management engine to transmit each of the items of data from the aggregated security message to a respective management console. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system comprising:
-
an aggregation agent to aggregate multiple host-based security event notifications into a single security report and transmit the single security report to a security server; a router coupled with the aggregation agent to route the single security report from the aggregation agent to the security server; and the security server coupled with the router to receive the single security report and to indicate a host-based security event notification to a security console. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification