COMPUTER NETWORK SECURITY CONFIGURATION VISUALIZATION AND CONTROL SYSTEM
First Claim
1. A computer-implemented method of generating a map in a user interface representing a network security configuration of a computer network comprising a plurality of network appliances, the method comprising:
- receiving a plurality of standardized firewall configurations corresponding respectively to the plurality of network appliances;
- processing the plurality of standardized firewall configurations to identify network security enclaves;
- receiving a plurality of security sensitivity values corresponding respectively to the plurality of network appliances;
- receiving network traffic data identifying and characterizing network traffic flows in the computer network between corresponding ones of the network appliances; and
- generating in the user interface the map representing graphically the network appliances, the network security enclaves, the respective security sensitivity values, and the network traffic flows.
Abstract
A computing device is configured to retrieve network security configuration information from a computer network and generate a security configuration map which readily enables a user to detect defects in the security configuration with respect to a security policy. The computing device retrieves firewall configurations from security appliances in the network which operate firewalls, and processes the firewall configurations to generate a set of corresponding standardized firewall configurations. These are processed to identify enclaves containing network nodes which are associated with respective security sensitivity values based on the security policy. The computing device monitors and detects inter-node network traffic. The computing device generates a map representing the network nodes and security appliances, the security enclaves, the respective security sensitivity values, and the network traffic flows, thereby rendering readily visible inconsistencies between the actual security configuration and traffic flows, and the security policy.
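The abstract describes a pipeline: standardized firewall configurations are parsed to find enclaves, each enclave carries a policy-derived sensitivity value, observed traffic is overlaid, and the resulting map exposes gaps between configuration, traffic and policy. The following Python script is an added illustration of that pipeline, not code from the patent or its assignee. Everything in it is an assumption made for the example: the vendor-neutral `Rule` format standing in for a "standardized firewall configuration", first-match rule evaluation with default deny, the definition of an enclave as a zone plus the appliances whose rules bound it, the numeric sensitivity scale, the policy exception list, and the constructed rule set and flow records.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    """One normalised firewall rule (assumed format, not the patent's)."""
    appliance: str   # firewall that enforces the rule
    src: str         # source zone
    dst: str         # destination zone
    port: int        # 0 = any port
    action: str      # "allow" or "deny"

    def matches(self, src, dst, port):
        return self.src == src and self.dst == dst and self.port in (0, port)


# Constructed, ordered rule list standing in for the standardized configurations
# retrieved from two appliances.
RULES = [
    Rule("fw-edge", "internet", "dmz", 443, "allow"),
    Rule("fw-edge", "internet", "corp", 0, "deny"),
    Rule("fw-core", "corp", "dmz", 443, "allow"),
    Rule("fw-core", "corp", "finance", 1433, "allow"),
    Rule("fw-core", "dmz", "finance", 0, "deny"),
    Rule("fw-core", "dmz", "corp", 22, "allow"),  # opens a low->high path the policy never sanctioned
]

# Constructed sensitivity values derived from policy: higher = more sensitive.
SENSITIVITY = {"internet": 0, "dmz": 1, "corp": 2, "finance": 3}

# Constructed policy: flows into a more sensitive enclave are forbidden unless listed here.
POLICY_EXCEPTIONS = {("internet", "dmz", 443), ("corp", "finance", 1433)}

# Constructed observed flows: (src zone, dst zone, port, bytes).
FLOWS = [
    ("internet", "dmz", 443, 120_000),
    ("corp", "finance", 1433, 50_000),
    ("dmz", "corp", 22, 900),
    ("dmz", "finance", 1433, 2_400),  # no rule permits this: a path the config does not explain
]


def build_enclaves(rules):
    """Enclave = a zone together with the appliances whose rules bound it."""
    guards = defaultdict(set)
    for r in rules:
        guards[r.src].add(r.appliance)
        guards[r.dst].add(r.appliance)
    return {zone: sorted(apps) for zone, apps in guards.items()}


def permitted(rules, src, dst, port):
    """First-match evaluation over the ordered rule list; default deny."""
    for r in rules:
        if r.matches(src, dst, port):
            return r.action == "allow"
    return False


def upward(src, dst, sensitivity):
    """True when traffic enters a more sensitive enclave than it left."""
    return sensitivity[dst] > sensitivity[src]


def find_inconsistencies(rules, sensitivity, flows, exceptions):
    """Compare configuration and observed traffic against the sensitivity policy."""
    findings = []
    # Configuration vs policy: allow rules opening a low->high path without an exception.
    for r in rules:
        if r.action == "allow" and upward(r.src, r.dst, sensitivity) \
                and (r.src, r.dst, r.port) not in exceptions:
            findings.append(f"rule on {r.appliance} allows {r.src}->{r.dst}:{r.port} "
                            f"(sensitivity {sensitivity[r.src]}->{sensitivity[r.dst]}) with no policy exception")
    # Traffic vs configuration and policy.
    for src, dst, port, nbytes in flows:
        if not permitted(rules, src, dst, port):
            findings.append(f"observed flow {src}->{dst}:{port} ({nbytes} bytes) is not permitted by any rule")
        elif upward(src, dst, sensitivity) and (src, dst, port) not in exceptions:
            findings.append(f"observed flow {src}->{dst}:{port} ({nbytes} bytes) "
                            f"crosses into a more sensitive enclave without a policy exception")
    return findings


def render_map(rules, sensitivity, flows):
    """Text rendering of the map: enclaves with sensitivity and guards, then edges."""
    lines = []
    for zone, apps in sorted(build_enclaves(rules).items(), key=lambda kv: sensitivity[kv[0]]):
        lines.append(f"[{zone}] sensitivity={sensitivity[zone]} guarded by {', '.join(apps)}")
    observed = {(s, d, p): b for s, d, p, b in flows}
    for r in rules:
        if r.action == "allow":
            b = observed.get((r.src, r.dst, r.port))
            seen = f"seen {b} bytes" if b is not None else "no traffic seen"
            lines.append(f"  {r.src} -> {r.dst}:{r.port}  allow via {r.appliance}  {seen}")
    for (s, d, p), b in observed.items():
        if not permitted(rules, s, d, p):
            lines.append(f"  {s} -> {d}:{p}  !! unpermitted traffic seen ({b} bytes)")
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_map(RULES, SENSITIVITY, FLOWS))
    for finding in find_inconsistencies(RULES, SENSITIVITY, FLOWS, POLICY_EXCEPTIONS):
        print("FINDING:", finding)
```

Run as-is, the map lists the four enclaves in sensitivity order with their guarding appliances, and the findings show the two kinds of defect the abstract is about: a rule that contradicts policy (`dmz->corp:22`, also seen in traffic) and traffic that no rule accounts for (`dmz->finance:1433`), which in a real network would prompt a check for an unmanaged path or an appliance whose configuration was not retrieved.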
25 Claims
Claim 1 is reproduced above under First Claim; claims 2-15, 24 and 25 are dependent claims and are not reproduced on this page.

16-23. (canceled)