NETWORK SECURITY APPLIANCE
Abstract
Systems and methods for combating and thwarting attacks by cybercriminals are provided. Network security appliances interposed between computer systems and public networks, such as the Internet, are configured to perform defensive and/or offensive actions against botnets and/or other cyber threats. According to some embodiments, network security appliances may be configured to perform coordinated defensive and/or offensive actions with other network security appliances.
27 Claims
1. A network security appliance interposed between a computer system and a public network, the network security appliance being configured to:
- receive, via a secure connection over the public network, digitally signed and encrypted threat information for identifying malicious content and activities;
- validate the signature of the security related information;
- decrypt the security related information;
- update a secured memory of the network security appliance with the threat information; and
- analyze data traffic between the computer system and the public network to identify malicious content using the threat information.
Dependent claims: 2, 3, 4, 5, 6, 7

8. A method of operating a network security appliance, the network security appliance being interposed between a computer system and a public network, the method comprising:
- receiving, via a secure connection over the public network, digitally signed and encrypted threat information for identifying malicious content and activities;
- validating the signature of the security related information;
- decrypting the security related information;
- updating a secured memory of the network security appliance with the threat information; and
- analyzing data traffic between the computer system and the public network to identify malicious content using the threat information.
Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16, 17, 18

19. A method of operating a network security appliance, the network security appliance being interposed between a computer system and a public network, the method comprising:
- receiving a control message from a management server, the management server being configured to provide security related information identifying specific threats to a plurality of network security appliances;
- performing one or more security-related actions in response to the control message received from the management server.
Dependent claims: 20, 21

22. A computer network comprising:
- a management system coupled to a public network;
- a plurality of network security appliances, each network security appliance being interposed between a computer system and the public network;
- wherein the management server is configured to transmit threat information and control commands to the plurality of network security appliances, and wherein the management server is further configured to receive threat information and network data from the plurality of network security appliances.
Dependent claims: 23, 24, 25, 26, 27

Specification