System and method for applying a machine-processable policy rule to information gathered about a network
First Claim
1. A method comprising:
- maintaining in a data store, a natural language policy document for a network policy and one or more machine-processable policy rules;
- associating at least a portion of the natural language policy document to at least one of the machine-processable policy rules;
- applying the at least one of the machine-processable policy rules to information gathered about a network; and
- determining, based on the application of the at least one of the machine-processable policy rules, compliance with the network policy;
- wherein the information is gathered via a plurality of audit servers using heterogeneous information sources, the heterogeneous information sources including at least one of a scanner, a camera, and manually entered data;
- wherein each of the plurality of audit servers include a scan harness that interoperates with the scanner;
- wherein the audit servers are configured to allow enumeration of unique network devices, to allow correlation of characteristics associated with the unique network devices, and to filter network packets.
Abstract
A prevention-based network auditing system includes a central compliance server storing both natural language policy documents and machine-processable policy rules in an audit repository. The compliance server provides a client-side user interface allowing a user to easily generate a machine-auditable policy by selecting/generating a natural language policy source document, and linking the applicable machine-processable policy rules to the applicable portions of the source document. The selected machine-processable policy rules are then applied to information gathered about the network during a scheduled network audit session for efficiently and systematically determining whether policy violations and/or vulnerabilities exist.
19 Claims
1. (Independent method claim; its text is given in full under First Claim above.) Dependent claims 2 to 11 depend from claim 1.
12. A server in a network auditing system, the server comprising:
- a data store storing a natural language policy document for a network policy and one or more machine-processable policy rules;
- a client-side user interface coupled to the data store, the user interface allowing a user to associate at least a portion of the natural language policy document to at least one of the machine-processable policy rules;
- means for applying the at least one of the machine-processable policy rules to information gathered about a network; and
- means for determining, based on the application of the at least one of the machine-processable policy rules, compliance with the network policy;
- wherein the information is gathered via a plurality of audit servers using heterogeneous information sources, the heterogeneous information sources including at least one of a scanner, a camera, and manually entered data;
- wherein each of the plurality of audit servers include a scan harness that interoperates with the scanner;
- wherein the audit servers are configured to allow enumeration of unique network devices, to allow correlation of characteristics associated with the unique network devices, and to filter network packets.
Dependent claims 13 to 19 depend from claim 12.
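The abstract and the two independent claims describe the same pipeline: a policy document kept as natural language, machine-processable rules bound to sections of that document, device facts enumerated and correlated from several audit sources, and a compliance verdict that can be traced back to the policy text. The following Python is an added illustration of that pipeline and is not code from the patent or its assignee. The policy sections, rule identifiers (`R-TELNET`, `R-OWNER`, `R-DB-VLAN`), device records and the two "sources" are all constructed for the example; a real audit server would replace the generator functions with scanner output and operator-entered data.

```python
"""Added example (not the patent's own code): link natural-language policy
sections to machine-processable rules, correlate device facts gathered
from heterogeneous sources, and report compliance per policy section."""
from dataclasses import dataclass
from typing import Callable

# Natural-language policy document, addressed by section id (constructed).
POLICY_DOC = {
    "3.1": "Remote administration must use SSH; Telnet (TCP/23) is prohibited.",
    "3.2": "Every network device must have a documented owner.",
    "4.4": "Database servers must not sit on the guest VLAN.",
}


@dataclass
class Rule:
    """A machine-processable rule bound to one section of the policy text."""
    rule_id: str
    section: str                    # which policy section this rule implements
    check: Callable[[dict], bool]   # True when the device's facts comply


@dataclass
class Finding:
    """One violation, carrying the policy text it was derived from."""
    device: str
    rule_id: str
    section: str
    policy_text: str


# Heterogeneous information sources. Each yields (device_id, attributes).
# Both are constructed sample data standing in for a scanner and for
# manually entered records; the MAC address is the device's unique key.
def scanner_source():
    yield "aa:bb:cc:00:00:01", {"ip": "10.0.1.5", "open_tcp": {22, 443}}
    yield "aa:bb:cc:00:00:02", {"ip": "10.0.1.6", "open_tcp": {23, 80}}
    yield "aa:bb:cc:00:00:03", {"ip": "10.0.9.2", "open_tcp": {3306}}


def manual_source():
    yield "aa:bb:cc:00:00:01", {"owner": "netops", "vlan": "server"}
    yield "aa:bb:cc:00:00:02", {"vlan": "server"}                 # no owner recorded
    yield "aa:bb:cc:00:00:03", {"owner": "dba", "role": "db", "vlan": "guest"}


def correlate(*sources):
    """Enumerate unique devices and merge the characteristics every source
    reports for them; later sources fill in or override earlier ones."""
    devices = {}
    for source in sources:
        for device_id, attrs in source():
            devices.setdefault(device_id, {}).update(attrs)
    return devices


def bind_rules(rules, policy_doc):
    """Associate rules with policy sections; a rule whose section does not
    exist in the document is a configuration error, not a silent no-op."""
    missing = [r.rule_id for r in rules if r.section not in policy_doc]
    if missing:
        raise KeyError(f"rules bound to unknown policy sections: {missing}")
    return rules


RULES = bind_rules([
    Rule("R-TELNET", "3.1", lambda d: 23 not in d.get("open_tcp", set())),
    Rule("R-OWNER", "3.2", lambda d: bool(d.get("owner"))),
    Rule("R-DB-VLAN", "4.4",
         lambda d: not (d.get("role") == "db" and d.get("vlan") == "guest")),
], POLICY_DOC)


def audit(devices, rules, policy_doc):
    """Apply every rule to every device; return the violations found."""
    findings = []
    for device_id, attrs in sorted(devices.items()):
        for rule in rules:
            if not rule.check(attrs):
                findings.append(Finding(device_id, rule.rule_id,
                                        rule.section, policy_doc[rule.section]))
    return findings


def report_by_section(findings):
    """Group violating devices under the policy section they breach, so the
    verdict reads in the language of the policy rather than of the scanner."""
    report = {}
    for f in findings:
        report.setdefault(f.section, []).append(f.device)
    return report


def is_compliant(findings):
    return not findings


if __name__ == "__main__":
    inventory = correlate(scanner_source, manual_source)
    results = audit(inventory, RULES, POLICY_DOC)
    for section, devices in report_by_section(results).items():
        print(f"[{section}] {POLICY_DOC[section]}")
        for d in devices:
            print(f"    violated by {d}")
    print("compliant" if is_compliant(results) else "NOT compliant")
```

Note how `bind_rules` rejects a rule whose section is absent from the document: in the patent's model the rule exists only as an implementation of a policy clause, so a dangling association is an error to surface, not to ignore. The same holds for devices that appear in only one source; `correlate` keeps them so that a host the scanner found but nobody registered still gets audited (and fails the owner rule).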
Specification