Integrated intrusion detection system and method
Abstract
A present invention integrated intrusion detection method integrates intrusion detection information. In one embodiment, intrusion detection information is gathered from a plurality of different types of intrusion detection sensors. The information is processed in a manner that provides a consolidated correlation of the information. A response is assigned to the information and the response is implemented.
16 Claims
1. An integrated intrusion detection method comprising:
- gathering information from a plurality of different types of intrusion detection sensors;
- processing said information, wherein said processing provides a consolidated correlation of said information;
- assigning a severity to said information based on an enterprise wide security policy;
- assigning a response corresponding to said information and corresponding to said severity; and
- implementing said response according to said severity.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A computer usable storage medium having computer readable program code embodied therein for causing a computer system to implement intrusion detection instructions comprising:
- a data collection module for receiving information from a plurality of different types of intrusion detection sensors, wherein said information indicates potential security issues;
- an information severity determination module for assigning a severity to said information based on an enterprise wide security policy;
- an integration module for integrating said information in a network application management platform;
- a reaction determination module for determining appropriate response to indication of said potential security issues according to said severity; and
- a reaction direction module for directing said response according to said severity.

Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16

Specification