System and method for detecting and preventing security
Abstract
A system and method for providing security against intrusion in a campus LAN network is provided. A managed hub discovers each interconnect device in the network that supports the security feature and maintains an interconnect device list of such devices, which may include token ring switches, Ethernet switches, bridges and routers. The managed hub detects an intrusion by an unauthorized address on one of its ports and notifies the interconnect devices of the intrusion by transmitting a security breach detected frame. The interconnect devices set a filter on their respective ports against the intruding unauthorized address. The interconnect devices send a filter set frame to the managed hub which reenables the port where the security intrusion occurred, after all filter set frames are received. A network management station sends a security clear condition frame to remove the filters.
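The frame exchange described in the abstract, modeled as an added Python example that is not part of the patent text. Class and method names are hypothetical, the addresses are constructed samples, and only the frame names (security breach detected, filter set, security clear condition) come from the abstract.

```python
# Added illustration of the abstract's exchange; names are hypothetical.
class InterconnectDevice:
    def __init__(self, name):
        self.name = name
        self.filters = set()                # addresses this device will not forward

    def on_security_breach_detected(self, address):
        self.filters.add(address)           # set a filter against the intruder
        return ("filter set", self.name, address)

    def on_security_clear_condition(self, address):
        self.filters.discard(address)       # management station removes the filter

    def forwards(self, src_address):
        return src_address not in self.filters

class ManagedHub:
    def __init__(self, authorized):
        self.authorized = authorized        # port -> set of allowed addresses
        self.enabled = {port: True for port in authorized}
        self.device_list = []               # interconnect device list
        self.pending = {}                   # port -> devices yet to acknowledge

    def discover(self, devices):
        self.device_list = list(devices)

    def on_frame_seen(self, port, src_address):
        # Authorized source: nothing to do, nobody to notify.
        if src_address in self.authorized[port]:
            return []
        self.enabled[port] = False          # disable the port first
        self.pending[port] = {d.name for d in self.device_list}
        return list(self.device_list)       # each gets a security breach detected frame

    def on_filter_set(self, port, device_name):
        # Re-enable only after every listed device has sent its filter set frame.
        self.pending[port].discard(device_name)
        if not self.pending[port]:
            self.enabled[port] = True
        return self.enabled[port]

def simulate(intruder="00:00:5e:00:53:99"):  # constructed sample address
    hub = ManagedHub({1: {"00:00:5e:00:53:01"}})
    hub.discover([InterconnectDevice("switch-a"), InterconnectDevice("bridge-b")])
    port_states = []
    for dev in hub.on_frame_seen(1, intruder):
        _, name, _ = dev.on_security_breach_detected(intruder)
        port_states.append(hub.on_filter_set(1, name))
    return port_states, hub                 # port state after each acknowledgement
```

The port state recorded after the first acknowledgement is still disabled, which is the ordering the claims depend on: the port returns to service only once the filter is in place on every discovered device.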
59 Claims
1. A method for providing security against intrusion in a computer network having a plurality of managed devices, said method comprising the steps of:
discovering by a first managed device each of said plurality of managed devices that are enabled to provide network security;
detecting an unauthorized address on a first port of said first managed device and disabling said first port;
setting a filter at each of said plurality of managed devices to prevent frames having the unauthorized address from being forwarded through said computer network; and
reenabling said first port after said filtering step has been completed.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
23. A system for providing security against intrusion in a computer network having a plurality of managed devices, said system comprising:
means for discovering at a first managed device each of said plurality of managed devices that are enabled to provide network security;
means for detecting an unauthorized address on a first port of said first managed device and means for disabling said first port;
means for setting a filter at each of said plurality of managed devices to prevent frames having the unauthorized address from being forwarded through said computer network; and
means for reenabling said first port of said first managed device after said filtering step has been completed.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42
43. A method for providing security against intrusion in a computer network having a managed hub and at least one interconnect device, said method comprising the steps of:
building and maintaining an authorized address list at said managed hub of addresses that are allowed to connect to each port in said managed hub;
discovering by said managed hub each interconnect device that is enabled to provide network security;
detecting an unauthorized address on a first port of said managed hub and disabling said first port;
setting a filter at each interconnect device to prevent frames having the unauthorized address from being forwarded through said computer network; and
reenabling said first port after said filtering step has been completed.
Dependent claims: 44, 45, 46, 47, 48, 49, 50, 51
52. A system for providing security against intrusion in a computer network having a managed hub and at least one interconnect device, said system comprising:
means for building and maintaining an authorized address list at said managed hub of addresses that are allowed to connect to each port in said managed hub;
means for discovering by said managed hub each interconnect device that is enabled to provide network security;
means for detecting an unauthorized address on a first port of said managed hub and means for disabling said first port;
means for setting a filter at each interconnect device to prevent frames having the unauthorized address from being forwarded through said computer network; and
means for reenabling said first port of said managed hub after said filtering step has been completed.
Dependent claims: 53, 54, 55, 56, 57, 58, 59
Specification