Domain mapping method and system
Abstract
A method and system for mapping a network domain provides a centralized repository for network information to support network devices, including an intrusion detection system. A domain mapping device includes an acquisition engine for acquiring network information, hypercube storage for storing network information, and a query engine for responding to queries from network devices for network information. The acquisition engine acquires network information by active scanning of network devices, passive scanning of network devices, polling of network devices, or receiving network information pushed from network devices. The network information includes device type, operating system, service and vulnerability information. The query engine provides network information in response to queries from network devices, such as intrusion detection devices that use the data to detect attacks on the vulnerabilities of the network.
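The repository-and-query arrangement in the abstract can be sketched as follows. This is an added illustration, not code from the patent: the class and function names, the signature fields, and the placeholder vulnerability labels are all assumptions, and a plain dictionary stands in for the hypercube storage.

```python
from dataclasses import dataclass, field

@dataclass
class HostRecord:
    device_type: str = "unknown"
    os: str = "unknown"
    services: dict = field(default_factory=dict)  # port -> service name
    vulns: set = field(default_factory=set)       # vulnerability labels

class DomainMap:
    """Central repository: stores network information and answers queries."""
    def __init__(self):
        self.hosts = {}

    def ingest(self, ip, device_type=None, os=None, services=None, vulns=()):
        # Merge a report from any acquisition path (scan, poll or push).
        rec = self.hosts.setdefault(ip, HostRecord())
        rec.device_type = device_type or rec.device_type
        rec.os = os or rec.os
        rec.services.update(services or {})
        rec.vulns.update(vulns)

    def query(self, ip):
        return self.hosts.get(ip)

def configure_ids(domain_map, signatures):
    """Enable only signatures whose vulnerability exists somewhere in the domain."""
    present = set().union(*(h.vulns for h in domain_map.hosts.values()))
    return [s["id"] for s in signatures if s["vuln"] in present]

def triage(domain_map, alert, signatures):
    """Rate an alert by whether the targeted host is actually exposed."""
    sig = next(s for s in signatures if s["id"] == alert["sig"])
    host = domain_map.query(alert["dst"])
    if host is None:
        return "unknown-host"
    exposed = sig["vuln"] in host.vulns and sig["port"] in host.services
    return "high" if exposed else "low"

# Constructed sample data: placeholder labels, documentation-range addresses.
SIGNATURES = [{"id": "SIG-1", "vuln": "EXAMPLE-VULN-WEB", "port": 80},
              {"id": "SIG-2", "vuln": "EXAMPLE-VULN-DB", "port": 1433}]

def build_sample_map():
    dm = DomainMap()
    dm.ingest("192.0.2.10", "server", "linux", {80: "http"})       # active scan
    dm.ingest("192.0.2.10", vulns={"EXAMPLE-VULN-WEB"})            # pushed report
    dm.ingest("192.0.2.20", "workstation", "windows", {445: "smb"})  # passive scan
    return dm
```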
20 Claims
1. A system for mapping a network domain, the system comprising:
plural network devices interfaced with the network, each network device having network information; and
a domain mapping device interfaced with the network, the domain mapping device operable to:
receive and store the network information from one or more network devices,
provide the network information to an intrusion detection system upon receiving a query,
analyze the stored network information,
generate a network map based on the analysis and the stored network information,
determine a potential vulnerability based on the analysis, and
configure the intrusion detection system based on the network map and the potential vulnerability.
11. A method for mapping a network domain comprising the steps of:
acquiring network information for one or more network devices associated with the network domain;
storing the network information;
interfacing the stored network information with the network;
querying the stored network information with an intrusion detection system;
analyzing the stored network information;
generating a network map based on the analysis and the stored network information;
determining a potential vulnerability based on the analysis; and
configuring the intrusion detection system based on the network map and the potential vulnerability.
Specification