Device and method for graphically displaying data movement in a secured network
Abstract
Embodiments of the invention provide a display screen for a network security device. The screen includes representations of a source and a destination having respective source and destination indicators, such as LEDs. The source indicator is operable to indicate whether the source is authorized or unauthorized. The destination indicator is also operable to indicate whether the destination is authorized or unauthorized to receive the packet. A directional indicator oriented to point from the representation of the source to the representation of the destination is activated if the source and the received packet are authorized. The screen can further comprise additional indicators to indicate whether the security device is operational, to indicate a level of traffic through the security device, or to display a level of activity of a processor for the security device. The screen can be displayed on a computer screen.
40 Claims
1. A method of displaying real-time information associated with network traffic, the method comprising:
determining a source of a received packet;
determining a destination of a received packet;
determining if the source or the received packet is authorized;
displaying a directional indicator if the source is authorized; and
displaying a first representation of the source if the source is unauthorized, wherein at least one of displaying a directional indicator and displaying a first representation is performed in substantially real-time in accordance with the monitored network traffic.
determining if the destination is authorized; and
displaying a first representation of the destination if the destination is unauthorized or a second representation of the destination if the destination is authorized.
4. The method of claim 1, further comprising displaying the first representation of the source or a first representation of the destination if the received packet is unauthorized.
5. The method of claim 1, further comprising displaying a second representation of the source or a second representation of the destination if the received packet is authorized.
6. The method of claim 1 wherein determining whether the source is authorized includes examining a source address of the received packet.
7. The method of claim 1 further comprising displaying an indicator representative of a volume of the network traffic.
8. The method of claim 1, further comprising displaying an armed or disarmed indicator.
9. The method of claim 1 wherein determining if the received packet is authorized includes examining data in the received packet.
10. The method of claim 1 wherein displaying is performed on a computer screen or on a network security device.
11. The method of claim 1, further comprising:
providing representations of a trusted network, external network, and another network; and
displaying a directional indicator between the representations of the trusted and external networks, the trusted and another networks, and the external and another networks to indicate network traffic between the representations of the networks.
12. A screen for a network security device operable to monitor and control network traffic, the screen comprising:
a representation of a source;
a representation of a destination;
a directional indicator pointing towards the representation of the destination and activating if the source or if a received packet is authorized, wherein the representation of the source provides a first indicator if the source is unauthorized, wherein at least one of displaying the directional indicator and displaying the representation is performed in substantially real-time in accordance with the monitored network traffic.
20. A security system to monitor and control network traffic, the security system comprising:
a plurality of network interfaces coupling the security system to a network and receiving the network traffic;
a processor coupled to the plurality of network interfaces to process the network traffic; and
a display screen coupled to the processor and responsive to the processor to display information associated with the network traffic received by the network interfaces, the display screen including;
a representation of a source;
a representation of a destination;
a directional indicator pointing towards the representation of the destination and activating if the source or if a received packet is authorized, wherein the representation of the source provides a first indicator if the source is unauthorized, wherein at least one of displaying the directional indicator and displaying the representation is performed in substantially real-time in accordance with the monitored network traffic.
30. A computer-readable medium whose contents cause a computer-based security facility to monitor network traffic by:
determining a source of a received packet;
determining a destination of the received packet;
determining if the source or the received packet is authorized;
displaying a directional indicator if the source is authorized; and
displaying a first representation of the source if the source is unauthorized, wherein at least one of displaying a directional indicator and displaying a first representation is performed in substantially real-time in accordance with the monitored network traffic.
determine if the destination is authorized; and
display a first representation of the destination if the destination is unauthorized or a second representation of the destination if the destination is authorized.
33. The computer-readable medium of claim 30 wherein the contents of the computer-readable medium further cause the security facility to display an indicator to indicate a level of network traffic monitored by the security facility, a load on a processor of the security facility, or whether the security facility is functioning.
34. The computer-readable medium of claim 30 wherein the contents of the computer-readable medium further cause the security facility to reject the received packet based on whether the source, the destination, or the received packet is unauthorized.
35. The computer-readable medium of claim 30 wherein the contents of the computer-readable medium further cause the security facility to:
provide representations of a trusted network, external network, and another network; and
display a directional indicator between the representations of the trusted and external networks, the trusted and another networks, and the external and another networks to indicate network traffic between the representations of the networks.
36. The computer-readable medium of claim 30 wherein displaying is on a computer screen or on a network security device.
37. A method of displaying information associated with network traffic, the method comprising:
at a first facility, determining a source of a received packet, a destination of the received packet, and whether the source or the received packet is authorized; and
at a second facility, displaying a directional indicator if the source is authorized or displaying a first representation of the source if the source is unauthorized, wherein at least one of displaying a directional indicator and displaying a first representation is performed in substantially real-time in accordance with the monitored network traffic.
providing representations of a trusted network, external network, and another network; and
displaying a directional indicator between the representations of the trusted and external networks, the trusted and another networks, and the external and another networks to indicate network traffic between the representations of the networks.
39. The method of claim 37 wherein the first and second facilities are proximately located with respect to each other.
40. The method of claim 37 wherein the first and second facilities are remotely located with respect to each other.
Specification