Systems and methods for processing data flows
Abstract
A flow processing facility, which uses a set of artificial neurons for pattern recognition, such as a self-organizing map, to provide security and protection to a computer or computer system, supports unified threat management based at least in part on patterns relevant to a variety of types of threats to computer systems, including computer networks. Flow processing for switching, security, and other network applications, including a facility that processes a data flow to address patterns relevant to a variety of conditions, is directed at internal network security, virtualization, and web connection security. A flow processing facility for inspecting the payloads of network traffic packets detects security threats and intrusions across the accessible layers of the IP stack by applying content matching and behavioral anomaly detection techniques based on regular expression matching and self-organizing maps. Exposing threats and intrusions within packet payloads at or near real-time rates enhances network security against both external and internal sources while ensuring that security policy is rigorously applied to data and system resources. Intrusion Detection and Protection (IDP) is provided by a flow processing facility that processes a data flow to address patterns relevant to a variety of types of network and data integrity threats that relate to computer systems, including computer networks.
18 Claims
1. A method of securing a plurality of virtual networks with a virtualized network security system (VNSS), comprising:
providing a plurality of flow processors, each configured as elements of the VNSS for processing a data flow, said data flow being transferred between a first port and a second port of the VNSS, the data flow comprising subscriber profile data;
establishing a first security policy for a first virtual network based at least in part on the subscriber profile data included in the data flow;
establishing a second security policy for a second virtual network based at least in part on the subscriber profile data included in the data flow;
processing the data flow received at said first port for the first and second virtual networks through at least one of the plurality of flow processors, wherein portions of the data flow that are associated with the first virtual network are processed according to the first security policy, and wherein portions of the data flow that are associated with the second virtual network are processed according to the second security policy, said processing further comprising:
making a first determination, in accordance with one of the first security policy and the second security policy, of abnormalities that are associated with the data flow, the first determination based at least in part on the subscriber identified by the subscriber profile data; and
making a second determination, in accordance with one of the first security policy and the second security policy, based at least in part on the subscriber identified by the subscriber profile data, and transferring said data flow to said second port.
Dependent claims: 2, 3, 4, 5
6. A method of configuring virtual network security in a virtualized network security system (VNSS), comprising:
configuring two or more of a plurality of flow processing facilities into a VNSS, said data flow being transferred between a first port and a second port of the VNSS, the data flow comprising subscriber profile data;
connecting a network management facility with the plurality of flow processing facilities through the VNSS;
establishing a first security policy for a first virtual network based at least in part on the subscriber profile data included in the data flow;
establishing a second security policy for a second virtual network based at least in part on the subscriber profile data included in the data flow; and
managing the first and second security policies, wherein the two or more flow processing facilities in the VNSS receive and execute the first and second security policies while receiving said data flow on said plurality of first ports and transferring said data flow to said plurality of second ports, said managing further comprising:
making a first determination, in accordance with one of the first security policy and the second security policy, of abnormalities that are associated with the data flow, the first determination based at least in part on the subscriber identified by the subscriber profile data; and
making a second determination, in accordance with one of the first security policy and the second security policy, based at least in part on the subscriber identified by the subscriber profile data.
Dependent claims: 7, 8, 9, 10, 11, 12
13. A virtualized network security system (VNSS) comprising:
a plurality of flow processing facilities configured as elements of the VNSS for processing a data flow, said data flow being transferred between a first port and a second port of the VNSS, the data flow comprising subscriber profile data;
a network management facility that is networked with the plurality of flow processing facilities; and
a first security policy for a first virtual network, based at least in part on the subscriber profile data included in the data flow;
a second security policy for a second virtual network, based at least in part on the subscriber profile data included in the data flow,
wherein the two or more flow processing facilities receive at least one of the first security policy and the second security policy while receiving said data flow on said plurality of first ports and transferring said data flow to said plurality of second ports,
wherein the plurality of flow processing facilities make a first determination, in accordance with one of the first security policy and the second security policy, of abnormalities that are associated with the data flow, the first determination based at least in part on the subscriber identified by the subscriber profile data; and
wherein the plurality of flow processing facilities make a second determination, in accordance with one of the first security policy and the second security policy, based at least in part on the subscriber identified by the subscriber profile data.
Dependent claims: 14, 15, 16, 17, 18
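The three independent claims describe the same processing shape: a flow processor selects a security policy by the virtual network a portion of the flow belongs to, makes a first determination (abnormalities, keyed by the subscriber named in the subscriber profile data), makes a second determination under the same policy, and transfers the flow to the second port. The following is an added example that models that shape in Python; it is not code from the patent or its assignee. The class names, the content-matching and per-subscriber rate checks used as the "abnormality" determinations, and the sample packets are all constructed assumptions chosen to make the per-virtual-network dispatch visible.

```python
"""Model of a virtualized network security system (VNSS) flow processor.

Constructed illustration (not the patent's own code): every name, rule and
packet below is an assumption made for this example.
"""
import re
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    vnet_id: int          # which virtual network this portion of the flow belongs to
    subscriber_id: str    # the subscriber profile data carried with the flow
    payload: bytes
    in_port: int = 1      # received on the VNSS first port


@dataclass
class SecurityPolicy:
    """Per-virtual-network policy: payload content rules plus a per-subscriber bound."""
    name: str
    content_rules: list                 # compiled byte regexes matched against payloads
    max_packets_per_subscriber: int     # simple behavioural bound, tracked per subscriber
    quarantine_on_abnormal: bool = True


@dataclass
class FlowProcessor:
    policies: dict                      # vnet_id -> SecurityPolicy
    counts: dict = field(default_factory=lambda: defaultdict(int))
    forwarded: list = field(default_factory=list)   # (packet, out_port) delivered to port 2
    dropped: list = field(default_factory=list)     # (packet, reasons) not transferred

    def first_determination(self, pkt: Packet, policy: SecurityPolicy) -> list:
        """Abnormality check under the selected policy, keyed by the subscriber."""
        reasons = []
        for rule in policy.content_rules:
            if rule.search(pkt.payload):
                reasons.append("content:" + rule.pattern.decode())
        key = (pkt.vnet_id, pkt.subscriber_id)   # state is per virtual network and subscriber
        self.counts[key] += 1
        if self.counts[key] > policy.max_packets_per_subscriber:
            reasons.append("rate")
        return reasons

    def second_determination(self, pkt: Packet, policy: SecurityPolicy, reasons: list) -> str:
        """Forwarding decision for this subscriber under the same policy."""
        if reasons and policy.quarantine_on_abnormal:
            return "drop"
        return "forward"

    def process(self, pkt: Packet) -> str:
        """Dispatch one portion of the flow to its virtual network's policy."""
        policy = self.policies.get(pkt.vnet_id)
        if policy is None:
            # A portion of the flow with no configured virtual network fails closed.
            self.dropped.append((pkt, ["no-policy"]))
            return "drop"
        reasons = self.first_determination(pkt, policy)
        action = self.second_determination(pkt, policy, reasons)
        if action == "forward":
            self.forwarded.append((pkt, 2))       # transferred to the second port
        else:
            self.dropped.append((pkt, reasons))
        return action


def build_demo_processor() -> FlowProcessor:
    """Two virtual networks with different policies on the same flow processor."""
    strict = SecurityPolicy(
        name="vnet1-strict",
        content_rules=[re.compile(rb"(?i)select\s.*\sfrom\s")],   # constructed sample rule
        max_packets_per_subscriber=3,
    )
    lenient = SecurityPolicy(
        name="vnet2-lenient",
        content_rules=[],                 # no content rules, only the per-subscriber bound
        max_packets_per_subscriber=1,
    )
    return FlowProcessor(policies={1: strict, 2: lenient})


def run_demo() -> list:
    """Push constructed sample packets through the processor and return the actions."""
    fp = build_demo_processor()
    packets = [
        Packet(1, "alice", b"GET /index.html"),        # vnet 1, clean -> forward
        Packet(1, "alice", b"SELECT * FROM users"),    # vnet 1, content rule hit -> drop
        Packet(2, "alice", b"hello"),                  # vnet 2, first packet -> forward
        Packet(2, "alice", b"hello again"),            # vnet 2, exceeds bound of 1 -> drop
        Packet(2, "bob", b"SELECT * FROM users"),      # same payload, vnet 2 has no rule -> forward
        Packet(3, "alice", b"ping"),                   # no policy for vnet 3 -> drop
    ]
    return [fp.process(p) for p in packets]


if __name__ == "__main__":
    print(run_demo())
```

The point the example makes is the one the claims turn on: the same payload from the same subscriber can be abnormal on one virtual network and ordinary on another, because the policy, and the per-subscriber state that feeds the first determination, are selected by the virtual network the portion of the flow belongs to, not by the port it arrived on.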