Intrusion detection system and method
Abstract
A system, method and computer program product are provided. Network traffic information is received from a plurality of controllers. The network traffic information is reported utilizing at least one network-based interface. Further, a map of a network is generated based on the network traffic information. Still yet, intrusion detection services are provided utilizing the network traffic information.
16 Claims
1. A method, comprising:
receiving network traffic information from a plurality of controllers;
reporting on the network traffic information utilizing at least one network-based interface;
generating a map of a network based on the network traffic information; and
providing intrusion detection services utilizing the network traffic information.

2. The method as recited in claim 1, and further comprising synchronizing a clock with the controllers.

3. The method as recited in claim 1, wherein the network traffic information is originally collected by a plurality of agents coupled to the controllers.

4. The method as recited in claim 1, and further comprising identifying a zone associated with each of the controllers.

5. The method as recited in claim 4, and further comprising reporting on the network traffic information relating to each of the zones.

6. The method as recited in claim 1, and further comprising receiving a plurality of the maps from the controllers.

7. The method as recited in claim 6, and further comprising reporting on the network traffic information utilizing the maps.

8. The method as recited in claim 1, and further comprising offloading the network traffic information to a database.

9. The method as recited in claim 1, wherein the map includes a correlation among computers of the network and the network traffic information associated therewith.

10. The method as recited in claim 1, wherein a report is generated including a plurality of objects in a tree representation.

11. The method as recited in claim 1, wherein a Simple Network Management Protocol (SNMP) trap capability is utilized.

12. The method as recited in claim 1, wherein the intrusion detection services include scanning the network traffic information and detecting intrusions in the network based on the scanned network traffic information.

13. The method as recited in claim 1, wherein a fee associated with the reporting is determined based on a number of the controllers.

14. The method as recited in claim 1, wherein the fee is reoccurring.

15. A computer program product embodied on a computer readable medium, comprising:
computer code for receiving network traffic information from a plurality of controllers or agents;
computer code for reporting on the network traffic information utilizing at least one network-based interface;
computer code for generating a map of a network based on the network traffic information; and
computer code for providing intrusion detection services utilizing the network traffic information.

16. A system, comprising:
logic for receiving network traffic information from a plurality of controllers or agents;
logic for reporting on the network traffic information utilizing at least one network-based interface;
logic for generating a map of a network based on the network traffic information; and
logic for providing intrusion detection services utilizing the network traffic information.