Method and apparatus for protecting a network from attack
First Claim
Patent Images
1. A method for initializing a network device, the method comprising the steps of:
- retrieving an initial communication address from a local memory of the network device;
transmitting a secure identifier to the initial communications address, the secure identifier identifying the network device;
verifying the authenticity of the secure identifier;
retrieving a configuration record from a configuration record repository, the configuration record indicating which features of the network device are to be enabled, and the configuration record repository including at least one separate configuration record for each of a plurality of network devices, each of the at least one separate configuration records enabling a corresponding one of the plurality of network devices to be reconfigured in the event an attacker alters configurations of the plurality of network devices, the retrieved configuration record being associated with the network device that corresponds to the secure identifier, each of the plurality of network devices being capable of having multiple configuration records, wherein each of the multiple configuration records for each of the plurality of network devices represents different configurations at different time frames;
receiving at least an indication of the configuration record at the network device; and
installing the at least an indication of the configuration record at the network device.
4 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus to initializing a network device is described. In one embodiment, the present invention includes the step of: retrieving an initial communications address from a local memory of the network device; transmitting a secure identifier to the initial communications address verifying the authenticity of the secure identifier; retrieving a configuration record from a configuration record repository, the retrieved configuration record being associated with the network device that corresponds to the secure identifier; receiving the configuration record at the network device; and installing the configuration record at the network device.
217 Citations
7 Claims
-
1. A method for initializing a network device, the method comprising the steps of:
-
retrieving an initial communication address from a local memory of the network device; transmitting a secure identifier to the initial communications address, the secure identifier identifying the network device; verifying the authenticity of the secure identifier; retrieving a configuration record from a configuration record repository, the configuration record indicating which features of the network device are to be enabled, and the configuration record repository including at least one separate configuration record for each of a plurality of network devices, each of the at least one separate configuration records enabling a corresponding one of the plurality of network devices to be reconfigured in the event an attacker alters configurations of the plurality of network devices, the retrieved configuration record being associated with the network device that corresponds to the secure identifier, each of the plurality of network devices being capable of having multiple configuration records, wherein each of the multiple configuration records for each of the plurality of network devices represents different configurations at different time frames; receiving at least an indication of the configuration record at the network device; and installing the at least an indication of the configuration record at the network device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeIntelliden, Inc. (International Business Machines Corporation)
-
InventorsTindal, Glen D., Schenk, Jeffery A.
-
Primary Examiner(s)TRAN, ELLEN C
-
Application NumberUS10/213,949Publication NumberTime in Patent Office2,092 DaysField of Search726/15, 726/6, 726/14, 713/153, 713/150, 713/100US Class Current713/153CPC Class CodesH04L 63/0823 using certificates cryptogr...H04L 63/10 for controlling access to d...H04L 63/1441 Countermeasures against mal...
