Network management system for detecting and displaying a security hole

US 5,684,957 A
Filed: 03/29/1994
Issued: 11/04/1997
Est. Priority Date: 03/29/1993
Status: Expired due to Term

First Claim

Patent Images

1. A network management system for managing and operating a network having a plurality of network devices containing a computer connected therewith, comprising:

a database for storing information relating to a physical arrangement of said network devices and a relationship of connection thereof;

a display device for displaying a drawing of a network configuration;

first detection means for detecting a security hole of the network, said security hole being selected from the group consisting of an access point with an external network, a condition of allowing access to an external network, a deviation of contents of a communication traveling on the network, network occupancy by a particularly defined user, program, or command, a security level or user right for a program or group of commands operated by a user employing a network device connected in the network, a condition of allowing access to a network device other than a computer connected in the network, a condition of allowing access to a program or command subject to a privileged user right defined by the network device, a condition of allowing access of the network device to information for setting an access condition, a security level or a user right for a program or a group of commands being operated in the network, an activation of a program or a command with a privileged user right, and an internal logical network separate from the overall network system management;

means for displaying the security hole, detected by said first detection means, on the display device, on one of a drawing of a logical network configuration and a drawing of a physical network configuration on the basis of the information stored in said database, in a display state suitable for showing contents of the security hole or an extent of significance of the security hole; and

processing means for taking a necessary measure against the security hole by consulting a security measures table.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network management system can detect a security hole on the network and take necessary measures against such a security hole. When the security hole is detected on the network, the security hole is displayed on a drawing of the network configuration. Further, the network management system displays the status of connection from the outside network, the contents of accesses to the computer and the network device, the status of access to the network environment maintenance file, and the status of login procedures executed with the privileged user.

103 Citations

View as Search Results

8 Claims

1. A network management system for managing and operating a network having a plurality of network devices containing a computer connected therewith, comprising:
- a database for storing information relating to a physical arrangement of said network devices and a relationship of connection thereof;
  
  a display device for displaying a drawing of a network configuration;
  
  first detection means for detecting a security hole of the network, said security hole being selected from the group consisting of an access point with an external network, a condition of allowing access to an external network, a deviation of contents of a communication traveling on the network, network occupancy by a particularly defined user, program, or command, a security level or user right for a program or group of commands operated by a user employing a network device connected in the network, a condition of allowing access to a network device other than a computer connected in the network, a condition of allowing access to a program or command subject to a privileged user right defined by the network device, a condition of allowing access of the network device to information for setting an access condition, a security level or a user right for a program or a group of commands being operated in the network, an activation of a program or a command with a privileged user right, and an internal logical network separate from the overall network system management;
  
  means for displaying the security hole, detected by said first detection means, on the display device, on one of a drawing of a logical network configuration and a drawing of a physical network configuration on the basis of the information stored in said database, in a display state suitable for showing contents of the security hole or an extent of significance of the security hole; and
  
  processing means for taking a necessary measure against the security hole by consulting a security measures table.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A network management system as claimed in claim 1, further comprising means for displaying a dynamic and logical status of connection of one of the plurality of network devices on the basis of information stored in said database relating to one of a physical network configuration, a logical network configuration, a network wiring layout, a floor drawing, and a map, when an instruction is given to the computer, said one of the network devices, or a position thereof displayed on said drawing of the network configuration.
  - 3. A network management system as claimed in claim 1, further comprising:
    - measurement means for measuring an amount of communication of the network among the computer and one of the network devices through a network cable connecting the computer and said one of the network devices, when an instruction is given to the computer, said one of the network devices, or the network cable, displayed on the drawing of the network configuration;
      
      classification means for classifying contents of communication;
      
      computation means for computing a rate or a ratio of an amount of communication for each classification; and
      
      means for displaying a periodic progress and a variation of the amounts of communication with respect to the total amount of communication on the basis of the result of measurement and the result of classification in a distinguishable form on said display device.
  - 4. A network management system as claimed in claim 1, further comprising:
    - second detection means for detecting a dynamic and logical status of a login procedure executed by a user on the basis of the information relating to the physical network configuration or the logical network configuration, stored in said database, when an instruction is given to the computer or one of the network devices displayed on said drawing of the network configuration; and
      
      means for displaying said dynamic and logical status thereof.
  - 5. A network management system as claimed in claim 1, further comprising:
    - storage means for storing a history of access to a file for setting an environment for maintaining a network environment defined with the computer or one of the network devices on the network in said database at selected times;
      
      extraction means for extracting a history of access made for a predetermined period of time from said history of the access thereto stored in the database, when an instruction is given to the computer or said one of the network devices displayed on the drawing of the network configuration; and
      
      means for displaying a result of extraction on said display device.
  - 6. A network management system as claimed in claim 1, further comprising:
    - storage means for storing a program or a command at selected times in said database;
      
      collating and investigating means for collating and investigating or checking programs or commands operable with the computer and one of the network devices to which an instruction is to be given at selected times, with respect to whether said programs or said commands contain a program or a command which fails to agree with a preregistration table for allowing the program or the command to be operated on the network while security is ensured on the network, said security being defined with the computer or said one of the network devices on the network; and
      
      means for displaying the status of the operation of the programs or the commands stored in said database on the display device when the instruction is given to the computer or said one of the network devices displayed on the drawing of the network configuration.
  - 7. A network management system as claimed in claim 1, further comprising:
    - storage means for storing a history of login procedures to the network executed by a privileged user defined with the computer or one of the network devices on the network in the database at selected times;
      
      extraction means for extracting a history of the login procedures executed by the privileged user stored in said database for a predetermined period of time from the history of the login procedures, when an instruction is given to the computer or said one of the network devices displayed on the drawing of the network configuration; and
      
      means for displaying a result of extraction on said display device.
  - 8. A network management system as claimed in claim 1, further comprising:
    - collating and investigating means for collating and investigating or checking contents of an environment setting file for connection to the network defined by the computer and one of the network devices so as to comply with information relating to a condition of accepting access to the network, the information being stored in advance in the database, when an instruction is given to the computer or said one of the network devices displayed on the drawing of the network configuration;
      
      means for displaying a result of collating and investigating or checking on the display device; and
      
      notice means for giving a notice in accordance with the extent of significance of the security hole.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hitachi Software Engineering Co., Ltd. (Hitachi, Ltd.)
Original Assignee
Hitachi Software Engineering Co., Ltd. (Hitachi, Ltd.)
Inventors
Tsutsumi, Toshiyuki, Mori, Yumiko, Kondo, Mariko
Primary Examiner(s)
Geckil, Mehmet B.

Application Number

US08/219,725
Time in Patent Office

1,316 Days
Field of Search

395/800, 395/200.06, 395/600, 395/182.19, 395/187.01, 395/188.01, 395/183.15, 395/183.13
US Class Current

726/25
CPC Class Codes

G06F 21/552   involving long-term monitor...

H04L 41/22   comprising specially adapte...

H04L 41/28   Restricting access to netwo...

H04L 63/1408   by monitoring network traff...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1441   Countermeasures against mal...

Network management system for detecting and displaying a security hole

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

103 Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Network management system for detecting and displaying a security hole

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

103 Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links