Integrated computer security management system and method

  • US 8,701,176 B2
  • Filed: 01/16/2012
  • Issued: 04/15/2014
  • Est. Priority Date: 09/07/2001
  • Status: Expired due to Term
First Claim

1. A method comprising:

  • receiving at a computer security device a first indication from a firewall that a first packet is accepted based upon a first firewall rule, wherein the firewall is different from the computer security device;

  • in response to receiving the first indication and in response to the computer security device being in an available mode, determining by the computer security device whether to send the first packet based on the first indication and on a first evaluation by the computer security device, wherein processing by the firewall and by the computer security device are performed in parallel;

  • in further response to receiving the first indication and in response to the computer security device being in a monitor mode, sending the first packet without waiting for the first evaluation and collecting by the computer security device data about the first packet;

  • receiving at the computer security device a second indication from the firewall that a second packet is trusted, wherein the second packet is determined by the firewall to be trusted by identifying a source of the second packet, comparing the identified source to a predetermined list, and if the identified source matches a source on the list, designating the second packet as trusted and originating from a trusted data provider;

  • in response to receiving the second indication, sending the second packet without waiting for a second evaluation by the computer security device and irrespective of the second evaluation made by the computer security device;

  • determining at the computer security device whether the second packet matches a signature in the computer security device; and

  • in response to determining that the second packet matches the signature, modifying the predetermined list to designate future packets from the source of the second packet as un-trusted and originating from an un-trusted data provider.
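The decision flow of claim 1, modelled as an added example (not code from the patent or its assignee). The class and function names, the substring-based signature check, the sample addresses and the sequential execution (the claim has the firewall and the device working in parallel) are all assumptions made for illustration. It shows a consequence worth noting when reading the claim: the first signature-matching packet from a trusted source is still sent, and only later packets from that source lose the fast path.

```python
from dataclasses import dataclass, field
from enum import Enum

class Mode(Enum):
    AVAILABLE = "available"
    MONITOR = "monitor"

@dataclass
class Packet:
    source: str
    payload: bytes

@dataclass
class Firewall:
    trusted_sources: set          # the claim's "predetermined list"
    def indicate(self, pkt):
        # Assumption: every packet seen here already passed a firewall rule.
        return "trusted" if pkt.source in self.trusted_sources else "accepted"

@dataclass
class SecurityDevice:
    mode: Mode
    signatures: list              # constructed byte patterns
    firewall: Firewall
    collected: list = field(default_factory=list)

    def handle(self, pkt, indication):
        """Return True if the packet is sent on."""
        hit = any(sig in pkt.payload for sig in self.signatures)
        if indication == "trusted":
            # Sent irrespective of the evaluation; a hit only demotes the
            # source, so *future* packets from it are no longer trusted.
            if hit:
                self.firewall.trusted_sources.discard(pkt.source)
            return True
        if self.mode is Mode.MONITOR:
            self.collected.append((pkt.source, hit))  # observe, never block
            return True
        return not hit            # available mode: the evaluation gates sending

def run_demo():
    fw = Firewall({"192.0.2.5"})                      # constructed trusted list
    dev = SecurityDevice(Mode.AVAILABLE, [b"EVIL"], fw)
    sent = []
    for src in ["192.0.2.5", "192.0.2.5", "192.0.2.9"]:
        pkt = Packet(src, b"..EVIL..")                # constructed payload
        sent.append(dev.handle(pkt, fw.indicate(pkt)))
    dev.mode = Mode.MONITOR
    pkt = Packet("192.0.2.9", b"..EVIL..")
    sent.append(dev.handle(pkt, fw.indicate(pkt)))
    return sent, fw.trusted_sources, dev.collected
```

`run_demo()` returns the send decision for each packet, the trusted list after demotion, and the data collected in monitor mode.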

  • 15 Assignments