
System and Method for Incorporating Quality-of-Service and Reputation in an Intrusion Detection and Prevention System

  • US 20140007217A1
  • Filed: 08/28/2013
  • Published: 01/02/2014
  • Est. Priority Date: 11/28/2011
  • Status: Active Grant
First Claim

1. A method comprising:

    determining by a firewall whether a first packet should be admitted to a protected network;

    receiving at an intrusion prevention system of the protected network a first reputation score for the first packet based upon a first source of the first packet, wherein the firewall is different from the intrusion protection system;

    providing the first packet to a first one of a plurality of buffers of the intrusion prevention system, wherein each buffer is associated with a different range of reputation scores, and wherein the first reputation score for the first packet is within the range of reputation scores associated with the first buffer;

    processing the first packet by a first one of a plurality of processing engines to determine if the first packet includes an exploit;

    forwarding the first packet to the protected network when the first packet does not include the exploit;

    determining by the firewall whether a second packet should be admitted to the protected network;

    receiving at the intrusion prevention system a second reputation score for the second packet based upon a second source of the second packet; and

    bypassing the buffers in response to the second reputation score being greater than a first threshold, and forwarding the second packet to the protected network without processing the second packet by any of the processing engines.
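
The packet flow recited in claim 1, modeled as an added Python example; it is not code from the patent or its assignee. The class and method names, the score ranges, the bypass threshold of 90, the substring signature check and the order in which buffers are serviced are all assumptions made for illustration.

```python
from collections import deque
from dataclasses import dataclass

@dataclass
class Packet:
    src: str
    payload: bytes

class ReputationIPS:
    """Toy model of the claimed flow. All names and values are assumptions."""

    def __init__(self, reputation, bands, bypass_threshold, signatures):
        self.reputation = reputation            # source -> score (constructed feed)
        self.bands = bands                      # one (low, high) range per buffer
        self.buffers = [deque() for _ in bands]
        self.bypass_threshold = bypass_threshold
        self.signatures = signatures            # byte patterns standing in for exploit detection
        self.forwarded, self.dropped = [], []

    def firewall_admits(self, pkt):
        # Stand-in firewall policy, separate from the IPS: admit known sources only.
        return pkt.src in self.reputation

    def receive(self, pkt):
        """Route one packet; returns the path taken."""
        if not self.firewall_admits(pkt):
            self.dropped.append((pkt.src, "firewall"))
            return "firewall-drop"
        score = self.reputation[pkt.src]
        if score > self.bypass_threshold:       # skips buffers and engines entirely
            self.forwarded.append(pkt.src)
            return "bypass"
        for i, (low, high) in enumerate(self.bands):
            if low <= score <= high:
                self.buffers[i].append(pkt)
                return f"buffer-{i}"
        raise ValueError(f"no buffer covers score {score}")

    def drain(self):
        """Inspect buffered packets, highest-reputation buffer first (assumed order)."""
        for buf in reversed(self.buffers):
            while buf:
                pkt = buf.popleft()
                if any(sig in pkt.payload for sig in self.signatures):
                    self.dropped.append((pkt.src, "ips"))
                else:
                    self.forwarded.append(pkt.src)
```

A packet on the bypass path reaches the protected network without any engine examining its payload, so the outcome for that traffic depends entirely on the accuracy of the reputation score.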

  • 11 Assignments