Network audit and policy assurance system
First Claim
1. A network auditing system for auditing a data communications network, the system comprising:
a first server configuring policies and audits of the data communications network;
one or more second servers coupled to the first server, the one or more second servers gathering information about the network in response to the configured audits and transmitting the gathered information to the first server; and
a data store coupled to the first server, the data store storing the gathered information transmitted by the one or more second servers, wherein the first server determines compliance with one of the configured network policies and independently makes a recommendation, in response to the determination, for modifying a network feature;
wherein the recommendation is a task associated with the network feature;
wherein a status of the recommended task is monitored;
wherein completion of the recommended task is verified;
wherein the first server provides, in response to the determination, a graphical representation of a security of the data communications network;
wherein the recommendation is associated with a change to one of the configured network policies and logics for modeling an effect of the change to one of the configured network policies.
Abstract
A prevention-based network auditing system includes a central compliance server generating network policies and configuring audits of the data communications network. The compliance server presents a graphical user interface (GUI) to describe the specific data gathering parameters, policies to be analyzed, and the schedule of analysis. One or more audit servers strategically deployed around the network employ heterogeneous data-gathering tools to gather information about the network in response to the configured audits, and transmit the gathered information to the compliance server. An audit repository stores the gathered information for use by the compliance server for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.
21 Claims
15. A method, comprising:
configuring policies and audits of a data communications network, utilizing a first server;
gathering information about the network in response to the configured audits and transmitting the gathered information to the first server, utilizing one or more second servers coupled to the first server; and
storing the gathered information transmitted by the one or more second servers utilizing a data store coupled to the first server, wherein the first server determines compliance with one of the configured network policies and independently makes a recommendation, in response to the determination, for modifying a network feature;
wherein the recommendation is a task associated with the network feature;
wherein a status of the recommended task is monitored;
wherein completion of the recommended task is verified;
wherein the first server provides, in response to the determination, a graphical representation of a security of the data communications network;
wherein the recommendation is associated with a change to one of the configured network policies and logics for modeling an effect of the change to one of the configured network policies.
16. A computer program product embodied on a tangible computer readable medium, comprising:
computer code for configuring policies and audits of a data communications network, utilizing a first server;
computer code for gathering information about the network in response to the configured audits and transmitting the gathered information to the first server, utilizing one or more second servers coupled to the first server; and
computer code for storing the gathered information transmitted by the one or more second servers utilizing a data store coupled to the first server, wherein the first server determines compliance with one of the configured network policies and independently makes a recommendation, in response to the determination, for modifying a network feature;
wherein the recommendation is a task associated with the network feature;
wherein a status of the recommended task is monitored;
wherein completion of the recommended task is verified;
wherein the first server provides, in response to the determination, a graphical representation of a security of the data communications network;
wherein the recommendation is associated with a change to one of the configured network policies and logics for modeling an effect of the change to one of the configured network policies.