Intelligent Network Security Resource Deployment System
First Claim
Patent Images
1. A method comprising:
- (A) at a network traffic receiving subsystem;
(A)(1) receiving first network traffic;
(A)(2) identifying a first source of the first network traffic;
(A)(3) requesting a first present trust level of the first source from a present trust subsystem;
(A)(4) receiving the first present trust level of the first source from the present trust subsystem;
(A)(5) determining whether to provide the first network traffic to an intrusion prevention subsystem based on the first present trust level of the first source; and
(A)(6) providing the first network traffic to the intrusion prevention subsystem if it is determined that the first network traffic should be provided to the intrusion prevention subsystem.
6 Assignments
0 Petitions
Accused Products
Abstract
An electronic communication network includes a connectivity subsystem and security scanning resources. The connectivity subsystem checks the present trust level of the source of received traffic to determine if security scanning resources are to be used and how to use the security scanning resources.
10 Citations
61 Claims
-
1. A method comprising:
(A) at a network traffic receiving subsystem; (A)(1) receiving first network traffic; (A)(2) identifying a first source of the first network traffic; (A)(3) requesting a first present trust level of the first source from a present trust subsystem; (A)(4) receiving the first present trust level of the first source from the present trust subsystem; (A)(5) determining whether to provide the first network traffic to an intrusion prevention subsystem based on the first present trust level of the first source; and (A)(6) providing the first network traffic to the intrusion prevention subsystem if it is determined that the first network traffic should be provided to the intrusion prevention subsystem. - View Dependent Claims (2, 3, 4, 5, 6)
-
10. A method comprising:
-
(A) receiving, from a network traffic receiving subsystem, a first request for a first present trust level of a first source of first network traffic; (B) determining the first present trust level of the first source based on an identifier of the first source and a first policy associated with the first source; and (C) sending, to the network traffic receiving subsystem, a response specifying the first present trust level of the first network source. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A method comprising:
-
(A) receiving, from a network traffic receiving subsystem, a first request for a first present trust level of a first source of first network traffic; (B) determining the first present trust level of the first source based on an identifier of the first source and at least one of; other network traffic received from the first source; a location of a network connection of the first source; and an application associated with the first source; (C) sending, to the network traffic receiving subsystem, a response specifying the first present trust level of the first network source.
-
-
33. A system comprising:
a network traffic receiving subsystem comprising; network traffic reception means for receiving first network traffic; first source identification means for identifying a first source of the first network traffic; first trust level request means for requesting a first present trust level of the first source from a present trust subsystem; first trust level reception means for receiving the first present trust level of the first source from the present trust subsystem; first determination means for determining whether to provide the first network traffic to an intrusion prevention subsystem based on the first present trust level of the first source; and first traffic provision means for providing the first network traffic to the intrusion prevention subsystem if it is determined that the first network traffic should be provided to the intrusion prevention subsystem. - View Dependent Claims (34, 35, 36, 37)
-
38. A present trust engine comprising:
-
first network traffic reception means for receiving, from a network traffic receiving subsystem, a first request for a first present trust level of a first source of first network traffic; a present policy manager to use present policy logic to determine the first present trust level of the first source based on an identifier of the first source and a first policy associated with the first source; and first response means for sending, to the network traffic receiving subsystem, a response specifying the first present trust level of the first network source. - View Dependent Claims (39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59)
-
-
60. A method comprising:
-
(A) receiving, from a network traffic receiving subsystem, a first request for a first present trust level of a first source of first network traffic; (B) determining the first present trust level of the first source based on an identifier of the first source and at least one of; other network traffic received from the first source; a location of a network connection of the first source; and an application associated with the first source; (C) sending, to the network traffic receiving subsystem, a response specifying the first present trust level of the first network source.
-
-
61. A system comprising:
-
first network traffic reception means for receiving, from a network traffic receiving subsystem, a first request for a first present trust level of a first source of first network traffic; a present policy manager to use present policy logic to determine the first present trust level of the first source based on an identifier of the first source and at least one of; other network traffic received from the first source; a location of a network connection of the first source; and an application associated with the first source; first response means for sending, to the network traffic receiving subsystem, a response specifying the first present trust level of the first network source.
-
Specification