System and method for interfacing with heterogeneous network data gathering tools
Abstract
A prevention-based network auditing system includes a plurality of heterogeneous information sources gathering information about the network. An audit server invokes the heterogeneous information sources via a uniform communications interface to gather information about the network, and converts the information gathered by the information sources into a normalized data format such as XML (Extensible Markup Language). The converted information is then stored in an audit repository for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.
21 Claims
1. A method, comprising:
mapping dynamic addresses associated with network hosts to static identifiers associated with the network hosts;
receiving results from a scan of the network hosts in heterogeneous formats;
maintaining a reference map that maps an identifier of a test conducted by a first one of the network hosts to an identifier of a test conducted by a second one of the network hosts;
identifying semantically equivalent results from the scan, based, at least in part, on the reference map;
comparing at least a portion of the semantically equivalent results with a network policy to determine compliance with the network policy; and
maintaining a history of compliance for each of the network hosts based on the static identifiers.

8. Logic encoded in one or more non-transitory media that includes code for execution and, when executed by one or more processors, is operable to perform operations comprising:
mapping dynamic addresses associated with network hosts to static identifiers associated with the network hosts;
receiving results from a scan of the network hosts in heterogeneous formats;
maintaining a reference map that maps an identifier of a test conducted by a first one of the network hosts to an identifier of a test conducted by a second one of the network hosts;
identifying semantically equivalent results from the scan, based, at least in part, on the reference map;
comparing at least a portion of the semantically equivalent results with a network policy to determine compliance with the network policy; and
maintaining a history of compliance for each host based on the static identifiers.

15. A system, comprising:
one or more processors operable to execute instructions stored on a memory such that the one or more processors map dynamic addresses associated with network hosts to static identifiers associated with the network hosts;
receive results from a scan of the network hosts in heterogeneous formats;
maintain a reference map that maps an identifier of a test conducted by a first one of the network hosts to an identifier of a test conducted by a second one of the network hosts;
identify semantically equivalent results from the scan, based, at least in part, on the reference map;
compare at least a portion of the semantically equivalent results with a network policy to determine compliance with the network policy; and
maintain a history of compliance for each of the network hosts based on the static identifiers.
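The steps recited in claim 1, sketched as an added example (not code from the patent): two scanner outputs in different formats are normalized, keyed by a static host identifier, joined through a reference map of test identifiers, and checked against a policy. The scanner formats, test IDs, addresses, policy, and the use of a MAC address as the static identifier are all constructed assumptions.

```python
import csv, io, json
from collections import defaultdict

# Constructed sample data; scanner formats, test IDs and addresses are hypothetical.
LEASES = {"10.0.0.5": "00:11:22:33:44:55",   # dynamic IP -> static ID (MAC assumed)
          "10.0.0.9": "00:11:22:33:44:55",   # same host after a lease change
          "10.0.0.7": "66:77:88:99:aa:bb"}
SCAN_A_JSON = ('[{"ip": "10.0.0.5", "test": "A-1001", "status": "FAIL"},'
               ' {"ip": "10.0.0.7", "test": "A-2002", "status": "PASS"}]')
SCAN_B_CSV = "host,check_id,vulnerable\n10.0.0.9,B-77,yes\n10.0.0.7,B-42,no\n"
# Reference map: each scanner's own test ID -> one canonical test name.
REFERENCE_MAP = {"A-1001": "weak-tls", "B-77": "weak-tls",
                 "A-2002": "open-telnet", "B-42": "open-telnet"}
POLICY = {"weak-tls": False, "open-telnet": False}  # is the finding tolerated?

def normalize(scan_a_json, scan_b_csv):
    """Return (static_id, canonical_test, finding_present) tuples plus unmapped rows."""
    rows = [(r["ip"], r["test"], r["status"] == "FAIL")
            for r in json.loads(scan_a_json)]
    rows += [(r["host"], r["check_id"], r["vulnerable"] == "yes")
             for r in csv.DictReader(io.StringIO(scan_b_csv))]
    mapped, unmapped = [], []
    for ip, test_id, found in rows:
        if ip in LEASES and test_id in REFERENCE_MAP:
            mapped.append((LEASES[ip], REFERENCE_MAP[test_id], found))
        else:
            unmapped.append((ip, test_id))  # keep for review, never drop silently
    return mapped, unmapped

def equivalent_results(mapped):
    """Group semantically equivalent results: same host, same canonical test."""
    groups = defaultdict(list)
    for host, test, found in mapped:
        groups[(host, test)].append(found)
    return groups

def audit(history, scan_time, groups, policy):
    """Append one (time, compliant) record per host to its compliance history."""
    verdict = defaultdict(lambda: True)
    for (host, test), findings in groups.items():
        ok = policy.get(test, True) or not any(findings)
        verdict[host] = verdict[host] and ok
    for host, ok in verdict.items():
        history[host].append((scan_time, ok))
    return history

if __name__ == "__main__":
    mapped, _ = normalize(SCAN_A_JSON, SCAN_B_CSV)
    print(dict(audit(defaultdict(list), "2024-01-01", equivalent_results(mapped), POLICY)))
```

Because the history is keyed by the static identifier, the two addresses 10.0.0.5 and 10.0.0.9 accumulate into a single host record rather than two.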
Specification