Methods, Communication Networks, and Computer Program Products for Monitoring, Examining, and/or Blocking Traffic Associated with a Network Element Based on Whether the Network Element Can be Trusted
First Claim
1. A method of operating a communication network, comprising:
- determining whether a network element can be trusted, wherein determining whether a network element can be trusted comprises:
  - generating a first hash value based on data associated with the network element wherein the first hash value is based on a configuration of the network element at a first time and the first hash value is an acceptable result for the configuration of the network element;
  - generating a second hash value based on the data associated with the network element wherein the second hash value is based on a configuration of the network element at a second time different than the first time; and
  - comparing the first hash value with the second hash value to determine whether the network element can be trusted; and
- monitoring traffic associated with the network element based on whether the network element can be trusted.
Abstract
A communication network is operated by determining whether a network element can be trusted and monitoring traffic associated with the network element based on whether the network element can be trusted. At least some of the monitored traffic may be selected for examination based on the degree of trust for the network element. At least some of the monitored and/or examined traffic is selected to be blocked based on the degree of trust for the network element.
20 Claims
1. A method of operating a communication network, comprising:
- determining whether a network element can be trusted, wherein determining whether a network element can be trusted comprises:
  - generating a first hash value based on data associated with the network element wherein the first hash value is based on a configuration of the network element at a first time and the first hash value is an acceptable result for the configuration of the network element;
  - generating a second hash value based on the data associated with the network element wherein the second hash value is based on a configuration of the network element at a second time different than the first time; and
  - comparing the first hash value with the second hash value to determine whether the network element can be trusted; and
- monitoring traffic associated with the network element based on whether the network element can be trusted.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14

15. A communication network, comprising:
- a verification system that is to determine whether a network element can be trusted by:
  - generating a first hash value based on data associated with the network element wherein the first hash value is based on a configuration of the network element at a first time and the first hash value is an acceptable result for the configuration of the network element;
  - generating a second hash value based on the data associated with the network element wherein the second hash value is based on a configuration of the network element at a second time different than the first time; and
  - comparing the first hash value with the second hash value to determine whether the network element can be trusted; and
- a monitor that is connected to the verification system and is to monitor traffic associated with the network element based on whether the network element can be trusted.

Dependent claims: 16, 17, 18, 19, 20
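An added example, not taken from the patent: it sketches the two-time hash comparison recited in claims 1 and 15 together with the trust-dependent choice to monitor, examine or block traffic described in the abstract. SHA-256, the per-section scoring used as a "degree of trust", the volatile field names, the thresholds and the sample configurations are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Assumption: per-poll fields that must not influence the hash.
VOLATILE_KEYS = {"uptime_seconds", "last_polled"}

def section_digest(section):
    """SHA-256 over canonical JSON, so key order cannot change the hash."""
    stable = {k: v for k, v in section.items() if k not in VOLATILE_KEYS}
    canonical = json.dumps(stable, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def snapshot(config):
    """Map each configuration section name to its digest at one point in time."""
    return {name: section_digest(body) for name, body in config.items()}

def degree_of_trust(baseline, current):
    """Fraction of sections (union of both snapshots) whose digests match."""
    names = set(baseline) | set(current)
    if not names:
        return 0.0  # nothing to verify: do not treat the element as trusted
    matches = sum(
        1 for n in names
        if n in baseline and n in current
        and hmac.compare_digest(baseline[n], current[n])
    )
    return matches / len(names)

def traffic_policy(trust):
    """Assumed thresholds: full match monitors, partial examines, low blocks."""
    if trust == 1.0:
        return {"monitor": True, "examine": False, "block": False}
    if trust >= 0.5:
        return {"monitor": True, "examine": True, "block": False}
    return {"monitor": True, "examine": True, "block": True}

# Constructed sample configurations for a hypothetical router.
BASELINE_CONFIG = {
    "routing": {"default_gw": "192.0.2.1", "bgp_asn": 64500},
    "acl": {"inbound": ["permit tcp any any eq 443"], "last_polled": "t1"},
    "mgmt": {"ssh": True, "telnet": False, "uptime_seconds": 10},
}
LATER_CONFIG = {
    "routing": {"bgp_asn": 64500, "default_gw": "192.0.2.1"},
    "acl": {"inbound": ["permit tcp any any eq 443"], "last_polled": "t2"},
    "mgmt": {"ssh": True, "telnet": True, "uptime_seconds": 99},
}
```

Canonicalizing before hashing matters here: without sorted keys and volatile-field exclusion, the "routing" and "acl" sections would hash differently at the second time even though their configuration is unchanged.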
Specification