Method and system for analyzing the security of a network
First Claim
1. A method for analyzing security of a computer network, the method comprising:
- collecting security configuration settings from each of a plurality of nodes of the computer network, for each node:
  - opening a communication session with the node;
  - querying the node using the communication session to determine the node's security configuration settings; and
  - obtaining rules that each of the nodes uses to admit or deny network traffic;
- graphically displaying topology of the network on a user interface by displaying a representation for each of the nodes on the network and displaying connections between the representations, the connections being representative of communication paths between each of the nodes;
- receiving, from a user, a selection of a first representation of a first node of the plurality of nodes and a second representation of a second node of the plurality of nodes;
- displaying a plurality of rules for each of the first and second nodes, the rules indicating a plurality of criteria by which each of the nodes admits or denies traffic on the network;
- analyzing the security configuration settings;
- generating a security path policy along each of all possible communications paths between the first and second nodes based on the results of the analyzing step, the generating step further comprising:
  - determining an aggregate effect of the security settings of each of the devices along each of the possible communications paths between the first and second nodes;
  - expressing the generated security path policy in the form of a canonical ruleset language;
- displaying a plurality of rules including all rules for all nodes comprising the aggregate effect of the generated security path policy, the rules indicating a plurality of criteria by which each of the nodes admits or denies traffic on the network; and
- displaying the generated security path policy on the user interface.
Abstract
Described herein are a method and system for analyzing the security of a computer network. According to various implementations, there is a device adapter associated with each device that has a significant impact on the security of the network (e.g., routers, switches, gateways, or “significant hosts”). The device adapter, which may be implemented as a piece of software executing remotely from the device, queries the device to determine what its security settings are (e.g., its firewall rules). The device adapter conducts the query using whichever form of communication the device requires (e.g., telnet, HTTP) and using whichever command set the device requires. Each type of device on the network has a software model associated with it. For example, there may be a router model, a switch model, a firewall model, and a gateway model. The model is made up of a series of rule sets. Each rule set includes rules that are derived from the configuration of the device (obtained by the device adapter). The rules are expressed in a canonical rule set language. A global view of the security policy of the network is generated based on the modeled behaviors of the security devices (i.e., devices that have an impact on security) of the network, and is displayed on a user interface.
16 Claims
1. (Independent claim; text as given under First Claim above. Dependent claims: 2, 3, 4, 5, 6.)
7. A method for analyzing security of a computer network, the method comprising:
- collecting security configuration settings from a plurality of nodes of the computer network, for each node:
  - opening a communication session with the node;
  - querying the node using the communication session to determine the node's security configuration settings; and
  - obtaining rules that each of the nodes uses to admit or deny network traffic;
- graphically displaying topology of the network on a user interface by displaying a representation for each of the nodes on the network and displaying connections between the representations, the connections being representative of communication paths between each of the nodes;
- receiving, from a user, a selection of a first representation of a first node of the plurality of nodes and a second representation of a second node of the plurality of nodes;
- analyzing the security configuration settings using a plurality of criteria;
- generating a security path policy along each of all possible communication paths between the first and second nodes based on the results of the analyzing step, the generating step further comprising:
  - determining an aggregate effect of the security settings of each of the devices along each of the possible communications paths between the first and second nodes;
  - expressing the generated security path policy in terms of the plurality of criteria;
- displaying a plurality of rules including all rules for all nodes comprising the aggregate effect of the generated security path policy, the rules indicating a plurality of criteria by which each of the nodes admits or denies traffic on the network;
- graphically representing the generated security path policy as a hierarchy, wherein each of the plurality of criteria occupies a level in the hierarchy;
- receiving a user request to reorder the plurality of criteria within the hierarchy; and
- based on the user request, repeating the graphically representing step using the reordered plurality of criteria.

Dependent claims: 8, 9, 10, 11.
12. A system for analyzing security of a computer network, the system comprising:
- a plurality of devices communicatively linked to the computer network;
- a computer communicatively linked to the computer network for collecting security configuration settings from each of the plurality of devices, the computer comprising software in a non-transient medium comprising:
  - a plurality of device adapters, each device adapter corresponding to a device of the plurality of devices, each device adapter performing steps comprising:
    - opening a communication session with the device using a communication protocol that the device is configured for; and
    - extracting security configuration information from the device by querying the device during the communication session, including information regarding which types of communication the device allows and which types of communication the device denies;
  - a network simulator comprising software in a non-transient medium that performs steps comprising:
    - defining models for the plurality of devices based on the extracted security configuration information;
    - deriving a security path policy for communication between a first device and a second device of the plurality of devices based on the defined models, the security path policy being expressed as a set of criteria for admitting and denying communication between the first and second devices and based on an aggregate effect of the security settings of each of the plurality of devices along each possible communication path between the first and second devices;
- a user interface device that graphically displays a topology of the network on the user interface device by displaying a representation for each of the devices on the network and displaying connections between the representations, the connections being representative of communication paths between the devices, and that graphically displays a plurality of rules including all rules for all nodes comprising the aggregate effect of the generated security path policy, the rules indicating a plurality of criteria by which each of the nodes admits or denies traffic on the network;
- wherein the user interface device comprises a user interface module that performs steps comprising:
  - receiving a user's selection of the first device and the second device;
  - displaying, to the user, the derived security path policy in the form of a tree, the tree being structured based on the rank order of the criteria;
  - receiving, from the user, a request to change the rank order of the criteria; and
  - re-displaying the tree to the user based on the changed rank order.

Dependent claims: 13, 14, 15, 16.
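The pipeline the abstract and the independent claims describe (a device adapter turning each device's configuration into a canonical rule set, a network simulator computing the aggregate effect of those rule sets along every possible path between two user-selected nodes, and a criteria-ordered tree that the user can re-rank) can be illustrated with a small simulator. The following is an added example, not code from the patent or its assignee. Everything in it is an assumption made for the illustration: the ACL syntax that `parse_acl` reads, the five-tuple canonical rule form, first-match semantics with implicit deny on each device, pass-through behaviour for nodes without a model, the rule that a flow is admitted end to end if any path admits it, and the topology, rule sets and flows.

```python
from __future__ import annotations
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    action: str        # "permit" or "deny"
    proto: str         # "tcp", "udp" or "any"
    src: str           # source CIDR
    dst: str           # destination CIDR
    dport: int | None  # destination port, None = any port (assumed canonical form)

@dataclass(frozen=True)
class Flow:
    proto: str
    src_ip: str
    dst_ip: str
    dport: int

    def matches(self, r: Rule) -> bool:
        return (r.proto in ("any", self.proto)
                and ip_address(self.src_ip) in ip_network(r.src)
                and ip_address(self.dst_ip) in ip_network(r.dst)
                and r.dport in (None, self.dport))

def parse_acl(text: str) -> list[Rule]:
    """Device-adapter stage: vendor-style ACL text (syntax constructed for this
    example: '<permit|deny> <proto> <src> <dst> [eq <port>]') -> canonical rules."""
    rules = []
    for line in text.strip().splitlines():
        parts = line.split()
        if not parts or parts[0].startswith("!"):
            continue  # blank line or comment
        action, proto, src, dst = parts[:4]
        if action not in ("permit", "deny"):
            raise ValueError(f"bad action in rule: {line!r}")
        src, dst = ("0.0.0.0/0" if x == "any" else x for x in (src, dst))
        dport = int(parts[5]) if len(parts) >= 6 and parts[4] == "eq" else None
        rules.append(Rule(action, proto, src, dst, dport))
    return rules

def device_verdict(rules: list[Rule], flow: Flow) -> str:
    """Model of one device: first matching rule wins; no match is an implicit deny."""
    for r in rules:
        if flow.matches(r):
            return r.action
    return "deny"

def all_simple_paths(topology, start, end, seen=()):
    """Enumerate every loop-free path from start to end (depth-first search)."""
    seen = (*seen, start)
    if start == end:
        return [seen]
    paths = []
    for nxt in sorted(topology.get(start, ())):
        if nxt not in seen:
            paths.extend(all_simple_paths(topology, nxt, end, seen))
    return paths

def path_verdict(models, path, flow):
    """Aggregate effect along one path: every modeled device must permit; unmodeled hosts pass through."""
    ok = all(device_verdict(models[n], flow) == "permit" for n in path if n in models)
    return "permit" if ok else "deny"

def security_path_policy(models, topology, a, b, flows):
    """Security path policy a -> b: a flow is admitted if at least one possible path admits it."""
    paths = all_simple_paths(topology, a, b)
    policy = []
    for f in flows:
        permitting = [" > ".join(p) for p in paths if path_verdict(models, p, f) == "permit"]
        policy.append({"proto": f.proto, "dport": f.dport, "paths": permitting,
                       "verdict": "permit" if permitting else "deny"})
    return policy

def policy_tree(policy, order):
    """Display stage: one tree level per criterion in `order`; re-ranking = rebuild with a new order."""
    tree = {}
    for rec in policy:
        node = tree
        for key in order[:-1]:
            node = node.setdefault(str(rec[key]), {})
        node.setdefault(str(rec[order[-1]]), []).extend(rec["paths"])
    return tree

# Constructed sample: two redundant paths host_a -> {fw1 | fw2} -> r1 -> host_b.
TOPOLOGY = {"host_a": {"fw1", "fw2"}, "fw1": {"host_a", "r1"}, "fw2": {"host_a", "r1"},
            "r1": {"fw1", "fw2", "host_b"}, "host_b": {"r1"}}
MODELS = {  # canonical rule sets derived from each device's (constructed) configuration
    "fw1": parse_acl("permit tcp 10.0.0.0/24 10.1.0.0/24 eq 443\ndeny any any any"),
    "fw2": parse_acl("permit tcp 10.0.0.0/24 10.1.0.0/24 eq 22"),
    "r1": parse_acl("deny udp any any\npermit any 10.0.0.0/24 10.1.0.0/24"),
}
FLOWS = [Flow("tcp", "10.0.0.5", "10.1.0.9", p) for p in (22, 80, 443)]
FLOWS.append(Flow("udp", "10.0.0.5", "10.1.0.9", 53))

def demo(order=("verdict", "proto", "dport")):
    """Policy for host_a -> host_b plus its tree in the given criteria rank order."""
    policy = security_path_policy(MODELS, TOPOLOGY, "host_a", "host_b", FLOWS)
    return policy, policy_tree(policy, order)
```

Running `demo()` shows why the per-path aggregation matters: along one path a flow is admitted only if every device on it permits it, but with redundant paths a single permissive device opens the flow end to end. In the sample, `fw1` denies TCP/22 while `fw2` permits it, so the global view reports TCP/22 as reachable via the `fw2` path even though an administrator reading only `fw1`'s configuration would believe it blocked. Calling `demo(("proto", "dport", "verdict"))` rebuilds the same policy with the criteria re-ranked, which is all the claimed reorder step needs.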
Specification