Systems and methods for modifying network map attributes
Abstract
The disclosed systems and methods provide a user interface for modifying host configuration data that has been automatically and passively determined and for adding or modifying other parameters associated with a host. A host data table can store various parameters descriptive of a host including the applicability of specific vulnerabilities. If it is determined that one or more hosts should not be identified as associated with a specific vulnerability, a graphical user interface can be used to modify the vulnerability parameter.
7 Claims
1. A method for assigning a vulnerability parameter to a device on a network, comprising:
passively determining, responsive to a passively read packet, a vulnerability parameter for an operating system or service;
storing, responsive to the vulnerability parameter being passively determined, the vulnerability parameter in a host map associated with a network device;
providing a graphical user interface for viewing and modifying the vulnerability parameter which was passively determined; and
storing the modified vulnerability parameter in the host map,
wherein the vulnerability parameter is invalid or valid,
when the vulnerability parameter is invalid and a pre-defined change in the operating system or service occurs on the network device, a vulnerability lookup is performed for the changed operating system or service and the vulnerability parameter is mapped from invalid to valid based on the vulnerability lookup for the changed operating system or service,
wherein the vulnerability parameter is associated with a universal unique identifier to distinguish between locally and remotely generated vulnerability parameters and is synchronized to a high availability peer, the vulnerability parameter being propagated from the host map to the high availability peer,
when the vulnerability parameter is modified at the high availability peer, the modified vulnerability parameter is propagated from the high availability peer back to the host map.
View Dependent Claims (2, 3, 4)
5. A method for assigning a vulnerability parameter to a device on a network, comprising:
passively determining, responsive to a passively read packet, a vulnerability parameter for an operating system or service;
storing, responsive to the vulnerability parameter being passively determined, the vulnerability parameter in a host map associated with a network device;
providing a graphical user interface for viewing and modifying the vulnerability parameter which was passively determined; and
storing the modified vulnerability parameter in the host map,
wherein the vulnerability parameter is associated with a universal unique identifier to distinguish between locally and remotely generated vulnerability parameters and is synchronized to a high availability peer, the vulnerability parameter being propagated from the host map to the high availability peer,
when the vulnerability parameter is modified at the high availability peer, the modified vulnerability parameter is propagated from the high availability peer back to the host map.
6. A system for assigning a vulnerability parameter to a device on a network, comprising:
a computer-readable medium for storing, responsive to a vulnerability parameter for an operating system or service being passively determined, the vulnerability parameter for the operating system or service in a host map associated with a network device;
a display configured to display a graphical user interface for viewing and modifying the vulnerability parameter which was passively determined, the vulnerability parameter being assigned to the service or operating system; and
a computer-readable medium for storing the modified vulnerability parameter in the host map,
wherein the vulnerability parameter is invalid or valid,
when the vulnerability parameter is invalid and a pre-defined change in the operating system or service occurs on the network device, a vulnerability lookup is performed for the changed operating system or service and the vulnerability parameter is mapped from invalid to valid based on the vulnerability lookup for the changed operating system or service,
wherein the vulnerability parameter is associated with a universal unique identifier to distinguish between locally and remotely generated vulnerability parameters and is synchronized to a high availability peer, the vulnerability parameter being propagated from the host map to the high availability peer,
when the vulnerability parameter is modified at the high availability peer, the modified vulnerability parameter is propagated from the high availability peer back to the host map.
7. A system for assigning a vulnerability parameter to a device on a network, comprising:
a computer-readable medium for storing, responsive to a vulnerability parameter for an operating system or service being passively determined, the vulnerability parameter for the operating system or service in a host map associated with a network device;
a display configured to display a graphical user interface for viewing and modifying the vulnerability parameter which was passively determined, the vulnerability parameter being assigned to the service or operating system; and
a computer-readable medium for storing the modified vulnerability parameter in the host map,
wherein the vulnerability parameter is associated with a universal unique identifier to distinguish between locally and remotely generated vulnerability parameters and is synchronized to a high availability peer, the vulnerability parameter being propagated from the host map to the high availability peer,
when the vulnerability parameter is modified at the high availability peer, the modified vulnerability parameter is propagated from the high availability peer back to the host map.
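A minimal model of the behaviour recited in claims 1 and 5, added here as an illustration and not taken from the patent: an operator marks a passively detected finding invalid, a later service change triggers a fresh lookup that maps it back to valid, and edits flow both ways between two high availability peers. `HostMap`, `VULN_DB`, the method names, the vulnerability ids and the host address are assumptions, and tagging each record with the UUID of the node that generated it is one possible reading of the claim language.

```python
import uuid

# Constructed lookup table: (service, version) -> placeholder vulnerability ids.
VULN_DB = {("httpd", "1.0"): {"VULN-A"}, ("httpd", "2.0"): {"VULN-A", "VULN-B"}}

class HostMap:
    def __init__(self):
        self.node_id = uuid.uuid4()  # marks records generated on this node
        self.peer = None             # high availability peer (another HostMap)
        self.services = {}           # (host, service) -> last observed version
        self.params = {}             # (host, service, vuln) -> {"valid", "origin"}

    def _store(self, key, valid, origin):
        self.params[key] = {"valid": valid, "origin": origin}
        # Only locally generated changes are propagated. A record received
        # from the peer carries the peer's UUID, so it is not echoed back.
        if origin == self.node_id and self.peer is not None:
            self.peer._store(key, valid, origin)

    def observe(self, host, service, version):
        """Record a passive detection result, e.g. from a sniffed banner."""
        changed = self.services.get((host, service)) not in (None, version)
        self.services[(host, service)] = version
        for vuln in VULN_DB.get((service, version), ()):
            key = (host, service, vuln)
            rec = self.params.get(key)
            # Store a new finding, or map an invalid one back to valid when
            # the lookup for the changed service still lists it.
            if rec is None or (changed and not rec["valid"]):
                self._store(key, True, self.node_id)

    def user_set(self, host, service, vuln, valid):
        """Operator edit from the UI, e.g. marking a finding not applicable."""
        self._store((host, service, vuln), valid, self.node_id)

    def is_local(self, host, service, vuln):
        return self.params[(host, service, vuln)]["origin"] == self.node_id

def pair(a, b):
    """Make two host maps high availability peers of each other."""
    a.peer, b.peer = b, a
```

An override survives repeated observations of the same version and is only re-evaluated when the observed version changes; what counts as a "pre-defined change" is left to the implementer by the claims.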