JP2002507295A - 多層型ファイアウオールシステム - Google Patents
多層型ファイアウオールシステムInfo
- Publication number
- JP2002507295A JP2002507295A JP50087899A JP50087899A JP2002507295A JP 2002507295 A JP2002507295 A JP 2002507295A JP 50087899 A JP50087899 A JP 50087899A JP 50087899 A JP50087899 A JP 50087899A JP 2002507295 A JP2002507295 A JP 2002507295A
- Authority
- JP
- Japan
- Prior art keywords
- node
- nodes
- network
- security
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
Abstract
Description
Claims (1)
- 【特許請求の範囲】 1.複数の形式のノードを含むネットワークにセキュリティを与えるシステム であって、ネットワーク内のノードセットのノードは、対応するノード形式に適 応したコンフィギュレーションデータに応答して実行されるセキュリティ機能を 含むようなシステムにおいて、 ネットワーク内のノードセットにおいて働くセキュリティ機能と、ノードセッ ト内のノードの相互接続とに関する情報を記憶するトポロジーデータ記憶装置と 、 上記トポロジーデータ記憶装置に接続され、ネットワーク内のノード間で実施 されるべきセキュリティポリシーを指示するセキュリティポリシーステートメン トを受け取る入力を含むコンフィギュレーションインターフェイスと、 上記ネットワーク、コンフィギュレーションインターフェイス及びトポロジー データ記憶装置に接続され、セキュリティポリシーステートメントを、ネットワ ーク内の複数の形式のノードに対するコンフィギュレーションデータに変換し、 そしてそのコンフィギュレーションデータをノードへと搬送するリソースを含む コンフィギュレーションドライバーと、 を備えたことを特徴とするシステム。 2.上記ノードセットは、フィルタパラメータに基づいて媒体アクセス制御M AC層フィルタリングを与えるノードを含み、そしてコンフィギュレーションデ ータは、MAC層フィルタリングのためのフィルタパラメータを含む請求項1に 記載のシステム。 3.上記ノードセットは、フィルタパラメータに基づいてネットワーク層フィ ルタリングを与えるノードを含み、そしてコンフィギュレーションデータは、ネ ットワーク層フィルタリングのためのフィルタパラメータを含む請求項1に記載 のシステム。 4.上記ノードセットは、フィルタパラメータに基づいて搬送層フィルタリン グを与えるノードを含み、そしてコンフィギュレーションデータは、搬送層フィ ルタリングのためのフィルタパラメータを含む請求項1に記載のシステム。 5.上記ノードセットは、フィルタパラメータに基づきアプリケーション層フ ィルタリングを与えるノードを含み、そしてコンフィギュレーションデータは、 アプリケーション層フィルタリングのためのフィルタパラメータを含む請求項1 に記載のシステム。 6.上記セキュリティ機能は、認証プロトコルを含む請求項1に記載のシステ ム。 7.上記セキュリティ機能は、オーデットを含む請求項1に記載のシステム。 8.上記セキュリティ機能は、許可を含む請求項1に記載のシステム。 9.上記ノードセットは、中継器の機能を実行するノードを含み、そして上記 セキュリティ機能は、中継器の機能に媒体アクセス制御MAC層フィルタリング を含む請求項1に記載のシステム。 10.上記ノードセットは、データリンク層スイッチの機能を実行するノード を含み、そして上記セキュリティ機能は、スイッチ機能に媒体アクセス制御MA C層フィルタリングを含む請求項1に記載のシステム。 11.上記ノードセットは、ネットワーク層ルート指定機能を実行するノード を含み、そして上記セキュリティ機能は、ルート指定機能にネットワーク層フィ ルタリングを含む請求項1に記載のシステム。 12.上記ノードセットは、多数のプロトコル層ルート指定機能を実行するノ ードを含み、そして上記セキュリティ機能は、認証機構を含む請求項1に記載の システム。 13.上記ノードセットは、ネットワーク層ルート指定機能を実行するノード 及びデータリンク層スイッチ機能を実行するノードを含み、そして上記セキュリ ティ機能は、媒体アクセス制御MAC層フィルタリング及びネットワーク層フィ ルタリングを含む請求項1に記載のシステム。 14.上記ノードセットは、多数のプロトコル層ルート指定機能を実行するノ ードを含み、そして上記セキュリティ機能は、認証を含む請求項13に記載のシ ステム。 15.上記トポロジーデータ記憶装置は、ノードセットの外部のノードへ至る ネットワークリンクに接続されたノードを指示するデータを含む請求項1に記載 のシステム。 16.上記トポロジーデータ記憶装置は、ノードセットの外部のノードへ至る ネットワークリンクに接続されたノードと、セキュリティポリシーを実施できる 能動的ノードと、セキュリティポリシーを実施できないか又は実施する信頼性の ない受動的ノードとを指示するデータを含み、そして 上記セキュリティポリシーステートメントは、能動的ノードと、受動的ノード と、ノードセットの外部のノードへ至るネットワークリンクに進行する通信とに 対してセキュリティポリシーを指示する請求項1に記載のシステム。 17.上記コンフィギュレーションインターフェイスは、スクリプト言語を解 読してセキュリティポリシーステートメントを決定するスクリプトインタープリ ターを含む請求項1に記載のシステム。 18.上記トポロジーデータ記憶装置は、セキュリティポリシーを実施できる 能動的ノードと、セキュリティポリシーを実施できないか又は実施する信頼性の ない受動的ノードとを指示するデータを含む請求項1に記載のシステム。 19.上記セキュリティポリシーステートメントは、1つ以上の最終ステーシ ョンのソースセットと、1つ以上の最終ステーションの行先セットとの間の通信 に対するセキュリティポリシーを指示する請求項18に記載のシステム。 20.上記コンフィギュレーションドライバは、受動的ノードにリンクされた 能動的ノードに対してコンフィギュレーションデータを発生することにより受動 的ノードのセキュリティポリシーを実施するリソースを含む請求項18に記載の システム。 21.上記スクリプト言語は、ソースセット識別子、行先セット識別子、通信 アクティビティ識別子、及び識別されたソースセットと識別された行先セットと の間の識別された通信アクティビティに対するルールを含むセキュリティポリシ ーステートメントを指定するシンタックスを含む請求項17に記載のシステム。 22.上記シンタックスは、更に、ルールを実施すべき位置の識別子を含む請 求項21に記載のシステム。 23.上記コンフィギュレーションドライバーは、トポロジーデータ記憶装置 のデータに基づいて実施できないセキュリティポリシーステートメントを識別す るためのリソースを含む請求項21に記載のシステム。 24.ノードセットの特定ノードと通信する永続的記憶能力を有するコンフィ ギュレーション記憶装置を備え、そして上記コンフイギュレーションドライバー は、特定ノードに対するコンフィギュレーションデータをコンフィギュレーショ ン記憶装置に送信する請求項1に記載のシステム。 25.上記コンフィギュレーション記憶装置は、通信リンクによって特定ノー ドに接続される請求項24に記載のシステム。 26.上記トポロジーデータ記憶装置は、ネットワーク層アドレス、媒体アク セス制御MAC層アドレス、ユーザ識別子、特定ノードがセキュリティポリシー を実施する信頼があるかどうか、実施できるセキュリティポリシーの形式、及び 他のノードへのその接続を含む特定ノードの情報を与えるデータ構造体を備えて いる請求項1に記載のシステム。 27.上記セキュリティポリシーステートメントは、ネットワークの1つ以上 の最終ステーションを含むソースセットと、ネットワークの1つ以上の最終ステ ーションを含む行先セットとの間の通信に対するセキュリティポリシーを指示し 、そして上記コンフィギュレーションドライバーは、ネットワークのノードセッ ト内の指示されたセキュリティポリシーを実施することのできるカット頂点セッ トのノードを識別しそしてカット頂点セットのノードにコンフィギュレーション データを確立するためのリソースを含む請求項1に記載のシステム。 28.上記カット頂点セットは、最小のカット頂点セットより成る請求項27 に記載のシステム。 29.複数の形式のノードを含むネットワークにセキュリティを与えるシステ ムであって、ネットワーク内のノードセットのノードは、対応するノード形式に 適応したコンフィギュレーションデータに応答して実行されるセキュリティ機能 を含むようなシステムにおいて、 ネットワーク内のノードセットのセキュリティ機能と、ノードセット内のノー ドの相互接続とに関する情報を記憶するトポロジーデータ記憶装置であって、1 つ以上のプロトコル層におけるアドレス、特定ノードがセキュリティポリシーを 実施する信頼性があるかどうか、特定ノードが実施できるセキュリティポリシー の形式、及び特定ノードと他のノードとの接続を含む特定ノードの情報を与える データ構造体を有するトポロジーデータ記憶装置と、 上記トポロジーデータ記憶装置に接続されたコンフィギュレーションインター フェイスであって、このインターフェイスは、ネットワークにおける1つ以上の 終端ステーションのソースセットと1つ以上の終端ステーションの行先セットと の間で実施されるべきセキュリティポリシーを指示するセキュリティポリシース テートメントを受け取る入力と、スクリプト言語を解読してセキュリティポリシ ーステートメントを決定するためのスクリプトインタープリターとを含み、上記 スクリプト言語は、ソースセット識別子、行先セット識別子、通信アクティビテ ィ識別子、及び識別されたソースセットと識別された行先セットとの間の識別さ れた通信アクティビティに対するルールを含むセキュリティポリシーステートメ ントを指定するシンタックスを含むようなコンフィギュレーションインターフェ イスと、 上記ネットワーク、コンフィギュレーションインターフェイス及びトポロジー データ記憶装置に接続され、セキュリティポリシーステートメントを、ネットワ ーク内の種々の形式のノードに対するコンフィギュレーションデータに変換し、 そしてそのコンフィギュレーションデータをノードへと搬送するリソースを含む コンフィギュレーションドライバーと、 を備えたことを特徴とするシステム。 30.上記ノードセットは、フィルタパラメータに基づいて媒体アクセス制御 MAC層フィルタリングを与えるノードを含み、そしてコンフィギュレーション データは、MAC層フィルタリングのためのフィルタパラメータを含む請求項2 9に記載のシステム。 31.上記ノードセットは、フィルタパラメータに基づいてネットワーク層フ ィルタリングを与えるノードを含み、そしてコンフィギュレーションデータは、 ネットワーク層フィルタリングのためのフィルタパラメータを含む請求項29に 記載のシステム。 32.上記ノードセットは、フィルタリングパラメータに基づいて搬送層フィ ルタリングを与えるノードを含み、そしてコンフィギュレーションデータは、搬 送層フィルタリングのためのフィルタパラメータを含む請求項29に記載のシス テム。 33.上記ノードセットは、フィルタパラメータに基づきアプリケーション層 フィルタリングを与えるノードを含み、そしてコンフィギュレーションデータは 、アプリケーション層フィルタリングのためのフィルタパラメータを含む請求項 29に記載のシステム。 34.上記トポロジーデータ記憶装置は、セキュリティポリシーを実施できる 能動的ノードと、セキュリティポリシーを実施できないか又は実施する信頼性の ない受動的ノードとを指示するデータを含む請求項29に記載のシステム。 35.上記トポロジーデータ記憶装置は、ノードセットの外部のノードへ至る ネットワークリンクに接続されたノードを指示するデータを含む請求項29に記 載のシステム。 36.上記セキュリティポリシーステートメントは、ノードセットの外部のノ ードへ至るネットワークリンクに進行する通信に対するセキュリティポリシーを 指示する請求項35に記載のシステム。 37.上記シンタックスは、更に、ルールを実施すべき位置の識別子を含む請 求項29に記載のシステム。 38.上記コンフィギュレーションドライバーは、トポロジーデータ記憶装置 のデータに基づいて実施できないセキュリティポリシーステートメントを識別す るためのリソースを備えている請求項29に記載のシステム。 39.ノードセットの特定ノードと通信する永続的記憶能力を有するコンフィ ギュレーション記憶装置を備え、そして上記コンフィギュレーションドライバー は、特定ノードに対するコンフィギュレーションデータをコンフィギュレーショ ン記憶装置に送信する請求項29に記載のシステム。 40.上記コンフィギュレーション記憶装置は、通信リンクにより特定のノー ドに接続される請求項39に記載のシステム。 41.上記コンフィギュレーションドライバーは、指示されたセキュリティポ リシーを実施することのできるカット頂点セットのノードを識別しそしてカット 頂点セットのノードにコンフィギュレーションデータを確立するためのリソース を含む請求項29に記載のシステム。 42.上記カット頂点セットは、最小のカット頂点セットより成る請求項41 に記載のシステム。 43.複数の形式のノードのセットを含むネットワークにファイアウオールシ ステムを確立する方法であって、ネットワーク内の上記ノードセットのノードは 、対応するノードに適応したコンフィギュレーションデータに応答して実行され るセキュリティ機能を含み、上記方法は、 上記ノードセットのノードにおいて働くセキュリティ機能と、上記ノードセッ トのノードの相互接続とに関する情報を含むトポロジーデータを与え、 上記ノードセットの最終システム間で実施されるべきセキュリティポリシーを 指示するセキュリティポリシーステートメントを与え、 上記トポロジーデータに応答して、セキュリティポリシーステートメントを、 ノードセットのノードにおいて働くセキュリティ機能に対するコンフィギュレー ションデータへと変換し、そして ネットワーク内のノードにおいてセキュリティ機能にコンフィギュレーション データを確立する、 という段階を備えたことを特徴とする方法。 44.上記トポロジーデータは、1つ以上のプロトコル層のアドレス、特定ノ ードがセキュリティポリシーを実施する信頼があるかどうか、特定ノードが実施 できるセキュリティポリシーの形式、及び特定ノードと他のノードとの接続を含 む特定ノードの情報を与えるデータ構造体を備えている請求項43に記載の方法 。 45.セキュリティポリシーステートメントを与える上記段階は、スクリプト 言語を解読して、セキュリティポリシーステートメントを決定することを含み、 上記スクリプト言語は、ソース識別子、行先識別子、通信アクティビティ識別子 、及び識別されたソースと識別された行先との間の識別された通信アクティビテ ィに対するルールを含むセキュリティポリシーステートメントを指定するための シンタックスを含む請求項43に記載の方法。 46.上記シンタックスは、更に、ルールを実施すべき位置の識別子を含む請 求項45に記載の方法。 47.上記確立段階は、ノードと通信する永続的な記憶装置にネットワークの コンフィギュレーションデータを送信することを含む請求項43に記載の方法。 48.少なくとも1つのノードに対し、ノードと通信する永続的な記憶装置は 、ノードにとってローカルであり、そして少なくとも1つの他のノードに対し、 ノードと通信する永続的な記憶装置は、ノードから離れている請求項47に記載 の方法。 49.少なくとも1つのノードに対し、ノードと通信する永続的な記憶装置は 、ノードから離れており、ノードにコンフィギュレーションデータを確立する上 記段階は、永続的な記憶装置にコンフィギュレーションデータを送信した後に、 コンフィギュレーションデータが変化したことをノードのセキュリティ機能に通 知することを含む請求項47に記載の方法。 50.上記トポロジーデータは、セキュリティポリシーを実施できる能動的ノ ードと、セキュリティポリシーを実施できないか又は実施する信頼性のない受動 的ノードとを指示するデータを含む請求項43に記載の方法。 51.上記トポロジーデータは、ノードセットの外部のノードへ至るネットワ ークリンクに接続されたノードを指示するデータを含む請求項50に記載の方法 。 52.上記セキュリティポリシーステートメントは、ノードセットの外部のノ ードへ至るネットワークリンクに進行する通信に対してセキュリティポリシーを 指示する請求項51に記載の方法。 53.上記変換段階は、受動的ノードのセキュリティポリシーを実施するため に、受動的ノードにリンクされた能動的ノードのコンフィギュレーションデータ を発生することを含む請求項50に記載の方法。 54.上記変換段階は、トポロジーデータ記憶装置のデータに基づいて実施で きないセキュリティポリシーステートメントを識別することを含む請求項43に 記載の方法。 55.上記ノードセットは、フィルタパラメータに基づいてMAC層フィルタ リングを与えるノードを含み、そしてコンフィギュレーションデータは、MAC 層フィルタリングのためのフィルタパラメータを含む請求項43に記載の方法。 56.上記ノードセットは、フィルタパラメータに基づいてネットワーク層フ ィルタリングを与えるノードを含み、そしてコンフィギュレーションデータは、 ネットワーク層フィルタリングのためのフィルタパラメータを含む請求項43に 記載の方法。 57.上記ノードセットは、フィルタパラメータに基づいて搬送層フィルタリ ングを与えるノードを含み、そしてコンフィギュレーションデータは、搬送層フ ィルタリングのためのフィルタパラメータを含む請求項43に記載の方法。 58.上記ノードセットは、フィルタパラメータに基づきアプリケーション層 フィルタリングを与えるノードを含み、そしてコンフィギュレーションデータは 、アプリケーション層フィルタリングのためのフィルタパラメータを含む請求項 43に記載の方法。 59.上記セキュリティ機能は、許可を含む請求項43に記載の方法。 60.上記セキュリティ機能は、認証を含む請求項43に記載の方法。 61.上記セキュリティ機能は、オーデットを含む請求項43に記載の方法。 62.上記ノードセットは、インターネットプロトコルIPフィルタパラメー タに基づいてネットワーク層フィルタリングを与えるノードを含み、そしてコン フィギュレーションデータは、IPフィルタパラメータを含む請求項43に記載 の方法。 63.上記ノードセットは、インターネットプロトコル及び搬送制御プロトコ ルTCP/IPフィルタパラメータに基づいてフィルタリングを与えるノードを 含み、そしてコンフィギュレーションデータは、TCP/IPフィルタパラメー タを含む請求項43に記載の方法。 64.複数の形式のノードのセットを含むネットワークにファイアウオールシ ステムを確立する方法であって、ネットワーク内の上記ノードセットのノードは 、対応するノードに適応したコンフィギュレーションデータに応答して実行され るセキュリティ機能を含み、上記方法は、 上記ノードセットのノードにおいて働くセキュリティ機能と、上記ノードセッ トのノードの相互接続とに関する情報を含むトポロジーデータを与え、 上記ノードセットにおける最終ステーションのソースセットと最終ステーショ ンの行先セットとの間で実施されるべきセキュリティポリシーを指示するセキュ リティポリシーステートメントを与え、 トポロジーデータ及びセキュリティポリシーステートメントに応答して、セキ ュリティポリシーステートメントを実施できるノードより成るカット頂点セット のノードを識別し、これは、ネットワークから除去された場合に、ソースセット を行先セットから分離するものであり、 識別されたカット頂点セット及びセキュリティポリシーステートメントに応答 して、カット頂点セットのノードにおいて働くセキュリティ機能に対するコンフ ィギュレーションデータへと変換し、そして カット頂点セットのノードにおいてセキュリティ機能にコンフィギュレーショ ンデータを確立する、 という段階を備えたことを特徴とする方法。 65.上記トポロジーデータは、アドレス、特定ノードがセキュリティポリシ ーを実施する信頼があるかどうか、特定ノードが実施できるセキュリティポリシ ーの形式、及び特定ノードと他のノードとの接続を含む特定ノードの情報を与え るデータ構造体を備えている請求項64に記載の方法。 66.セキュリティポリシーステートメントを与える上記段階は、スクリプト 言語を解読して、セキュリティポリシーステートメントを決定することを含み、 上記スクリプト言語は、ソース識別子、行先識別子、通信アクティビティ識別子 、及び識別されたソースと識別された行先との間の識別された通信アクティビテ ィに対するルールを含むセキュリティポリシーステートメントを指定するための シンタックスを含む請求項64に記載の方法。 67.上記確立段階は、カット頂点セットのノードと通信する永続的な記憶装 置にネットワークのコンフィギュレーションデータを送信することを含む請求項 64に記載の方法。 68.少なくとも1つのノードに対し、ノードと通信する永続的な記憶装置は 、ノードにとってローカルであり、そして少なくとも1つの他のノードに対し、 ノードと通信する永続的な記憶装置は、ノードから離れている請求項67に記載 の方法。 69.上記ノードセットは、インターネットプロトコルIPフイルタパラメー タに基づいてネットワーク層フィルタリングを与えるノードを含み、そしてコン フィギュレーションデータは、IPフィルタパラメータを含む請求項64に記載 の方法。 70.上記ノードセットは、インターネットプロトコル及び搬送制御プロトコ ルTCP/IPフィルタパラメータに基づいてフィルタリングを与えるノードを 含み、そしてコンフィギュレーションデータは、TCP/IPフィルタパラメー タを含む請求項64に記載の方法。 71.上記カット頂点セットは、最小のカット頂点セットより成る請求項64 に記載の方法。
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/865,482 | 1997-05-29 | ||
US08/865,482 US5968176A (en) | 1997-05-29 | 1997-05-29 | Multilayer firewall system |
PCT/US1998/010817 WO1998054644A1 (en) | 1997-05-29 | 1998-05-28 | Multilayer firewall system |
Publications (1)
Publication Number | Publication Date |
---|---|
JP2002507295A true JP2002507295A (ja) | 2002-03-05 |
Family
ID=25345607
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP50087899A Ceased JP2002507295A (ja) | 1997-05-29 | 1998-05-28 | 多層型ファイアウオールシステム |
Country Status (8)
Country | Link |
---|---|
US (1) | US5968176A (ja) |
EP (1) | EP0990206B1 (ja) |
JP (1) | JP2002507295A (ja) |
AT (1) | ATE343818T1 (ja) |
CA (1) | CA2291158A1 (ja) |
DE (1) | DE69836271T2 (ja) |
GB (1) | GB2342020B (ja) |
WO (1) | WO1998054644A1 (ja) |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001237895A (ja) * | 2000-01-18 | 2001-08-31 | Lucent Technol Inc | ネットワークゲートウェイの解析方法及び装置 |
JP2006146891A (ja) * | 2004-11-19 | 2006-06-08 | Microsoft Corp | セキュリティポリシーを配布するための方法およびシステム |
JP2007529917A (ja) * | 2004-02-20 | 2007-10-25 | アシシュ エイ パンドヤ | 分散型ネットワークセキュリティシステム及びそのためのハードウエアプロセッサ |
JP2008219149A (ja) * | 2007-02-28 | 2008-09-18 | Nippon Telegr & Teleph Corp <Ntt> | トラヒック制御システムおよびトラヒック制御方法 |
JP2009105716A (ja) * | 2007-10-24 | 2009-05-14 | Hitachi Ltd | ネットワークシステム、管理計算機、及びフィルタ再構成方法 |
JP2009525711A (ja) * | 2006-03-31 | 2009-07-09 | インテル・コーポレーション | 階層型信頼に基づいたポスチャレポーティング及びポリシー施行 |
JP2009187587A (ja) * | 2003-03-31 | 2009-08-20 | Intel Corp | セキュリティポリシーを管理する方法及びシステム |
US7653747B2 (en) | 2001-10-16 | 2010-01-26 | Microsoft Corporation | Resolving virtual network names |
US7676540B2 (en) | 2001-10-16 | 2010-03-09 | Microsoft Corporation | Scoped referral statements |
JP2010061675A (ja) * | 2002-07-11 | 2010-03-18 | Thomson Licensing | アプリケーションレベルゲートウェイ及びファイアウォールのルールセットのダウンロードの許可 |
US7730094B2 (en) | 2001-10-16 | 2010-06-01 | Microsoft Corporation | Scoped access control metadata element |
US7752431B2 (en) | 2001-10-16 | 2010-07-06 | Microsoft Corporation | Virtual distributed security system |
US7899047B2 (en) | 2001-11-27 | 2011-03-01 | Microsoft Corporation | Virtual network with adaptive dispatcher |
JP2016522919A (ja) * | 2013-04-10 | 2016-08-04 | イルミオ, インコーポレイテッドIllumio,Inc. | 論理的多次元ラベルベースのポリシーモデルを使用した分散型ネットワークマネージメント |
US9882919B2 (en) | 2013-04-10 | 2018-01-30 | Illumio, Inc. | Distributed network security using a logical multi-dimensional label-based policy model |
US10027650B2 (en) | 2011-08-09 | 2018-07-17 | CloudPassage, Inc. | Systems and methods for implementing security |
US10153906B2 (en) | 2011-08-09 | 2018-12-11 | CloudPassage, Inc. | Systems and methods for implementing computer security |
US11323417B2 (en) | 2018-03-01 | 2022-05-03 | Fujitsu Limited | Network management apparatus, network management method, and non-transitory computer-readable storage medium |
Families Citing this family (514)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10361802B1 (en) | 1999-02-01 | 2019-07-23 | Blanding Hovenweep, Llc | Adaptive pattern recognition based control system and method |
US5864683A (en) * | 1994-10-12 | 1999-01-26 | Secure Computing Corporartion | System for providing secure internetwork by connecting type enforcing secure computers to external network for limiting access to data based on user and process access rights |
US8606851B2 (en) | 1995-06-06 | 2013-12-10 | Wayport, Inc. | Method and apparatus for geographic-based communications service |
US5835061A (en) | 1995-06-06 | 1998-11-10 | Wayport, Inc. | Method and apparatus for geographic-based communications service |
US7037426B2 (en) * | 2000-05-04 | 2006-05-02 | Zenon Environmental Inc. | Immersed membrane apparatus |
US5918018A (en) | 1996-02-09 | 1999-06-29 | Secure Computing Corporation | System and method for achieving network separation |
EP0968596B1 (en) | 1997-03-12 | 2007-07-18 | Nomadix, Inc. | Nomadic translator or router |
US6453334B1 (en) | 1997-06-16 | 2002-09-17 | Streamtheory, Inc. | Method and apparatus to allow remotely located computer programs and/or data to be accessed on a local computer in a secure, time-limited manner, with persistent caching |
DE69819927D1 (de) * | 1997-09-05 | 2003-12-24 | Sun Microsystems Inc | Nachschlagtabelle und verfahren zur datenspeicherung darin |
US6308216B1 (en) * | 1997-11-14 | 2001-10-23 | International Business Machines Corporation | Service request routing using quality-of-service data and network resource information |
US6330610B1 (en) * | 1997-12-04 | 2001-12-11 | Eric E. Docter | Multi-stage data filtering system employing multiple filtering criteria |
US7283561B1 (en) * | 1997-12-12 | 2007-10-16 | Level 3 Communications, Llc | Secure network architecture with quality of service |
US7032242B1 (en) * | 1998-03-05 | 2006-04-18 | 3Com Corporation | Method and system for distributed network address translation with network security features |
US6321336B1 (en) * | 1998-03-13 | 2001-11-20 | Secure Computing Corporation | System and method for redirecting network traffic to provide secure communication |
US6738814B1 (en) * | 1998-03-18 | 2004-05-18 | Cisco Technology, Inc. | Method for blocking denial of service and address spoofing attacks on a private network |
US6182226B1 (en) * | 1998-03-18 | 2001-01-30 | Secure Computing Corporation | System and method for controlling interactions between networks |
US6202056B1 (en) * | 1998-04-03 | 2001-03-13 | Audiosoft, Inc. | Method for computer network operation providing basis for usage fees |
US7051004B2 (en) * | 1998-04-03 | 2006-05-23 | Macrovision Corporation | System and methods providing secure delivery of licenses and content |
US6141755A (en) * | 1998-04-13 | 2000-10-31 | The United States Of America As Represented By The Director Of The National Security Agency | Firewall security apparatus for high-speed circuit switched networks |
US6226751B1 (en) * | 1998-04-17 | 2001-05-01 | Vpnet Technologies, Inc. | Method and apparatus for configuring a virtual private network |
US7143151B1 (en) * | 1998-05-19 | 2006-11-28 | Hitachi, Ltd. | Network management system for generating setup information for a plurality of devices based on common meta-level information |
US6219790B1 (en) * | 1998-06-19 | 2001-04-17 | Lucent Technologies Inc. | Centralized authentication, authorization and accounting server with support for multiple transport protocols and multiple client types |
US6363422B1 (en) * | 1998-06-24 | 2002-03-26 | Robert R. Hunter | Multi-capability facilities monitoring and control intranet for facilities management system |
US6182228B1 (en) * | 1998-08-17 | 2001-01-30 | International Business Machines Corporation | System and method for very fast IP packet filtering |
US6317837B1 (en) * | 1998-09-01 | 2001-11-13 | Applianceware, Llc | Internal network node with dedicated firewall |
US6438612B1 (en) * | 1998-09-11 | 2002-08-20 | Ssh Communications Security, Ltd. | Method and arrangement for secure tunneling of data between virtual routers |
US6728885B1 (en) * | 1998-10-09 | 2004-04-27 | Networks Associates Technology, Inc. | System and method for network access control using adaptive proxies |
US7293107B1 (en) | 1998-10-09 | 2007-11-06 | Netmotion Wireless, Inc. | Method and apparatus for providing mobile and other intermittent connectivity in a computing environment |
US7778260B2 (en) | 1998-10-09 | 2010-08-17 | Netmotion Wireless, Inc. | Method and apparatus for providing mobile and other intermittent connectivity in a computing environment |
US8078727B2 (en) | 1998-10-09 | 2011-12-13 | Netmotion Wireless, Inc. | Method and apparatus for providing mobile and other intermittent connectivity in a computing environment |
US6546425B1 (en) | 1998-10-09 | 2003-04-08 | Netmotion Wireless, Inc. | Method and apparatus for providing mobile and other intermittent connectivity in a computing environment |
US8060656B2 (en) | 1998-10-09 | 2011-11-15 | Netmotion Wireless, Inc. | Method and apparatus for providing mobile and other intermittent connectivity in a computing environment |
US6195682B1 (en) * | 1998-10-27 | 2001-02-27 | International Business Machines Corporation | Concurrent server and method of operation having client-server affinity using exchanged client and server keys |
GB2385969B (en) * | 1998-10-28 | 2004-01-14 | Crosslogix Inc | Providing access to securable components |
US6460141B1 (en) | 1998-10-28 | 2002-10-01 | Rsa Security Inc. | Security and access management system for web-enabled and non-web-enabled applications and content on a computer network |
US7673323B1 (en) | 1998-10-28 | 2010-03-02 | Bea Systems, Inc. | System and method for maintaining security in a distributed computer network |
US6158010A (en) * | 1998-10-28 | 2000-12-05 | Crosslogix, Inc. | System and method for maintaining security in a distributed computer network |
US7730089B2 (en) * | 1998-11-16 | 2010-06-01 | Punch Networks Corporation | Method and system for providing remote access to the facilities of a server computer |
US6301613B1 (en) * | 1998-12-03 | 2001-10-09 | Cisco Technology, Inc. | Verifying that a network management policy used by a computer system can be satisfied and is feasible for use |
US8713641B1 (en) | 1998-12-08 | 2014-04-29 | Nomadix, Inc. | Systems and methods for authorizing, authenticating and accounting users having transparent computer access to a network using a gateway device |
US6636894B1 (en) | 1998-12-08 | 2003-10-21 | Nomadix, Inc. | Systems and methods for redirecting users having transparent computer access to a network using a gateway device having redirection capability |
US7194554B1 (en) | 1998-12-08 | 2007-03-20 | Nomadix, Inc. | Systems and methods for providing dynamic network authorization authentication and accounting |
US8266266B2 (en) | 1998-12-08 | 2012-09-11 | Nomadix, Inc. | Systems and methods for providing dynamic network authorization, authentication and accounting |
US6480888B1 (en) * | 1998-12-29 | 2002-11-12 | At&T Corp. | Virtual path concentrator node with loopback |
US6718137B1 (en) * | 1999-01-05 | 2004-04-06 | Ciena Corporation | Method and apparatus for configuration by a first network element based on operating parameters of a second network element |
US6954775B1 (en) | 1999-01-15 | 2005-10-11 | Cisco Technology, Inc. | Parallel intrusion detection sensors with load balancing for high speed networks |
CA2296989C (en) * | 1999-01-29 | 2005-10-25 | Lucent Technologies Inc. | A method and apparatus for managing a firewall |
IL128814A (en) * | 1999-03-03 | 2004-09-27 | Packet Technologies Ltd | Local network security |
JP3732672B2 (ja) * | 1999-03-10 | 2006-01-05 | 株式会社東芝 | ネットワークセキュリティルール管理システム及びネットワークセキュリティルール管理装置 |
US6542993B1 (en) * | 1999-03-12 | 2003-04-01 | Lucent Technologies Inc. | Security management system and method |
JP2000278290A (ja) * | 1999-03-29 | 2000-10-06 | Matsushita Electric Ind Co Ltd | ネットワーク管理システム |
US6738908B1 (en) * | 1999-05-06 | 2004-05-18 | Watchguard Technologies, Inc. | Generalized network security policy templates for implementing similar network security policies across multiple networks |
US6678827B1 (en) * | 1999-05-06 | 2004-01-13 | Watchguard Technologies, Inc. | Managing multiple network security devices from a manager device |
WO2000072169A1 (en) * | 1999-05-24 | 2000-11-30 | Hewlett-Packard Company | Congestion management in distributed computer system |
US7318102B1 (en) | 1999-05-24 | 2008-01-08 | Hewlett-Packard Development Company, L.P. | Reliable datagram |
GB9912494D0 (en) | 1999-05-28 | 1999-07-28 | Hewlett Packard Co | Configuring computer systems |
JP2000347866A (ja) * | 1999-06-04 | 2000-12-15 | Nec Corp | 分散システムとアクセス制御装置及び方法、並びにアクセス制御用プログラムを記録した記録媒体 |
US7882247B2 (en) | 1999-06-11 | 2011-02-01 | Netmotion Wireless, Inc. | Method and apparatus for providing secure connectivity in mobile and other intermittent computing environments |
US7346677B1 (en) | 1999-07-02 | 2008-03-18 | Cisco Technology, Inc. | Method and apparatus for creating policies for policy-based management of quality of service treatments of network data traffic flows |
US7836153B1 (en) * | 1999-08-06 | 2010-11-16 | Occam Networks, Inc. | Method and system to facilitate management of a distributed network |
CA2284298A1 (en) * | 1999-09-27 | 2001-03-27 | Nortel Networks Corporation | Architectures for communication networks |
US7206833B1 (en) * | 1999-09-30 | 2007-04-17 | Intel Corporation | Platform independent alert detection and management |
US6922722B1 (en) | 1999-09-30 | 2005-07-26 | Intel Corporation | Method and apparatus for dynamic network configuration of an alert-based client |
US7318089B1 (en) | 1999-09-30 | 2008-01-08 | Intel Corporation | Method and apparatus for performing network-based control functions on an alert-enabled managed client |
US6643783B2 (en) * | 1999-10-27 | 2003-11-04 | Terence T. Flyntz | Multi-level secure computer with token-based access control |
US6832321B1 (en) * | 1999-11-02 | 2004-12-14 | America Online, Inc. | Public network access server having a user-configurable firewall |
IL149356A0 (en) | 1999-11-03 | 2002-11-10 | Wayport Inc | Distributed network communication system which enables multiple network providers to use a common distributed network infrastructure |
US7376827B1 (en) * | 1999-11-05 | 2008-05-20 | Cisco Technology, Inc. | Directory-enabled network elements |
US6901051B1 (en) * | 1999-11-15 | 2005-05-31 | Fujitsu Limited | Server-based network performance metrics generation system and method |
US6684253B1 (en) * | 1999-11-18 | 2004-01-27 | Wachovia Bank, N.A., As Administrative Agent | Secure segregation of data of two or more domains or trust realms transmitted through a common data channel |
US6788647B1 (en) | 1999-11-19 | 2004-09-07 | Cisco Technology, Inc. | Automatically applying bi-directional quality of service treatment to network data flows |
WO2001039418A2 (en) * | 1999-11-22 | 2001-05-31 | Diversified High Technologies, Inc. | Network security data management system and method |
GB2357229B (en) * | 1999-12-08 | 2004-03-17 | Hewlett Packard Co | Security protocol |
US7836494B2 (en) * | 1999-12-29 | 2010-11-16 | Intel Corporation | System and method for regulating the flow of information to or from an application |
US6779120B1 (en) * | 2000-01-07 | 2004-08-17 | Securify, Inc. | Declarative language for specifying a security policy |
US6871284B2 (en) * | 2000-01-07 | 2005-03-22 | Securify, Inc. | Credential/condition assertion verification optimization |
US8074256B2 (en) * | 2000-01-07 | 2011-12-06 | Mcafee, Inc. | Pdstudio design system and method |
US6839766B1 (en) * | 2000-01-14 | 2005-01-04 | Cisco Technology, Inc. | Method and apparatus for communicating cops protocol policies to non-cops-enabled network devices |
US7249186B1 (en) * | 2000-01-20 | 2007-07-24 | Cisco Technology, Inc. | System and method for identifying a subscriber for connection to a communication network |
US7216175B1 (en) * | 2000-01-20 | 2007-05-08 | Cisco Systems, Inc. | System and method for determining subscriber information |
FR2804564B1 (fr) * | 2000-01-27 | 2002-03-22 | Bull Sa | Relais de securite multiapplicatif |
US6606659B1 (en) * | 2000-01-28 | 2003-08-12 | Websense, Inc. | System and method for controlling access to internet sites |
US20020078198A1 (en) * | 2000-02-25 | 2002-06-20 | Buchbinder John E. | Personal server technology with firewall detection and penetration |
US20070214262A1 (en) * | 2000-02-25 | 2007-09-13 | Anywheremobile, Inc. | Personal server technology with firewall detection and penetration |
US20020156860A1 (en) * | 2000-02-25 | 2002-10-24 | Finke Alan D. | Personal server system |
CA2300066A1 (en) * | 2000-03-03 | 2001-09-03 | Paul A. Ventura | High speed, high security remote access system |
US6631417B1 (en) | 2000-03-29 | 2003-10-07 | Iona Technologies Plc | Methods and apparatus for securing access to a computer |
US6799220B1 (en) * | 2000-04-13 | 2004-09-28 | Intel Corporation | Tunneling management messages over a channel architecture network |
US20010037384A1 (en) * | 2000-05-15 | 2001-11-01 | Brian Jemes | System and method for implementing a virtual backbone on a common network infrastructure |
US7020718B2 (en) | 2000-05-15 | 2006-03-28 | Hewlett-Packard Development Company, L.P. | System and method of aggregating discontiguous address ranges into addresses and masks using a plurality of repeating address blocks |
US7024686B2 (en) * | 2000-05-15 | 2006-04-04 | Hewlett-Packard Development Company, L.P. | Secure network and method of establishing communication amongst network devices that have restricted network connectivity |
US7263719B2 (en) * | 2000-05-15 | 2007-08-28 | Hewlett-Packard Development Company, L.P. | System and method for implementing network security policies on a common network infrastructure |
US7171484B1 (en) | 2000-05-24 | 2007-01-30 | Krause Michael R | Reliable datagram transport service |
US6870331B2 (en) * | 2000-05-31 | 2005-03-22 | Sarnoff Corporation | Space-saving cathode ray tube employing a non-self-converging deflection yoke |
US7055171B1 (en) * | 2000-05-31 | 2006-05-30 | Hewlett-Packard Development Company, L.P. | Highly secure computer system architecture for a heterogeneous client environment |
US6931550B2 (en) | 2000-06-09 | 2005-08-16 | Aramira Corporation | Mobile application security system and method |
US7269845B1 (en) | 2000-06-09 | 2007-09-11 | Aramira Corporation | Mobile application security system and method |
WO2001099371A2 (en) * | 2000-06-16 | 2001-12-27 | Securify, Inc. | Credential/condition assertion verification optimization |
US7917647B2 (en) | 2000-06-16 | 2011-03-29 | Mcafee, Inc. | Method and apparatus for rate limiting |
US7302704B1 (en) * | 2000-06-16 | 2007-11-27 | Bbn Technologies Corp | Excising compromised routers from an ad-hoc network |
US6950947B1 (en) | 2000-06-20 | 2005-09-27 | Networks Associates Technology, Inc. | System for sharing network state to enhance network throughput |
US6675017B1 (en) | 2000-06-30 | 2004-01-06 | Bellsouth Intellectual Property Corporation | Location blocking service for wireless networks |
US8041817B2 (en) | 2000-06-30 | 2011-10-18 | At&T Intellectual Property I, Lp | Anonymous location service for wireless networks |
US7031267B2 (en) | 2000-12-21 | 2006-04-18 | 802 Systems Llc | PLD-based packet filtering methods with PLD configuration data update of filtering rules |
US7185192B1 (en) * | 2000-07-07 | 2007-02-27 | Emc Corporation | Methods and apparatus for controlling access to a resource |
US7013482B1 (en) * | 2000-07-07 | 2006-03-14 | 802 Systems Llc | Methods for packet filtering including packet invalidation if packet validity determination not timely made |
US6959332B1 (en) * | 2000-07-12 | 2005-10-25 | Cisco Technology, Inc. | Basic command representation of quality of service policies |
US7152240B1 (en) * | 2000-07-25 | 2006-12-19 | Green Stuart D | Method for communication security and apparatus therefor |
US20060031456A1 (en) * | 2000-07-31 | 2006-02-09 | Marcos Della | Method and apparatus for transmitting data between devices in a web networking environment |
US7099932B1 (en) | 2000-08-16 | 2006-08-29 | Cisco Technology, Inc. | Method and apparatus for retrieving network quality of service policy information from a directory in a quality of service policy management system |
US7120931B1 (en) * | 2000-08-31 | 2006-10-10 | Cisco Technology, Inc. | System and method for generating filters based on analyzed flow data |
US6823462B1 (en) * | 2000-09-07 | 2004-11-23 | International Business Machines Corporation | Virtual private network with multiple tunnels associated with one group name |
US7836498B2 (en) * | 2000-09-07 | 2010-11-16 | Riverbed Technology, Inc. | Device to protect victim sites during denial of service attacks |
US20020032871A1 (en) * | 2000-09-08 | 2002-03-14 | The Regents Of The University Of Michigan | Method and system for detecting, tracking and blocking denial of service attacks over a computer network |
US20020035698A1 (en) * | 2000-09-08 | 2002-03-21 | The Regents Of The University Of Michigan | Method and system for protecting publicly accessible network computer services from undesirable network traffic in real-time |
US6941355B1 (en) * | 2000-09-08 | 2005-09-06 | Bbnt Solutions Llc | System for selecting and disseminating active policies to peer device and discarding policy that is not being requested |
US6807576B1 (en) * | 2000-09-08 | 2004-10-19 | International Business Machines Corporation | Method and system for determining and graphically representing frame classification rule relationships |
US7188366B2 (en) * | 2000-09-12 | 2007-03-06 | Nippon Telegraph And Telephone Corporation | Distributed denial of service attack defense method and device |
US6826698B1 (en) * | 2000-09-15 | 2004-11-30 | Networks Associates Technology, Inc. | System, method and computer program product for rule based network security policies |
US9525696B2 (en) * | 2000-09-25 | 2016-12-20 | Blue Coat Systems, Inc. | Systems and methods for processing data flows |
US7047561B1 (en) * | 2000-09-28 | 2006-05-16 | Nortel Networks Limited | Firewall for real-time internet applications |
US7096260B1 (en) | 2000-09-29 | 2006-08-22 | Cisco Technology, Inc. | Marking network data packets with differentiated services codepoints based on network load |
US6822940B1 (en) | 2000-09-29 | 2004-11-23 | Cisco Technology, Inc. | Method and apparatus for adapting enforcement of network quality of service policies based on feedback about network conditions |
AU2002213367A1 (en) * | 2000-10-20 | 2002-05-06 | Nomadix, Inc. | Systems and methods for providing dynamic network authorization, authentication and accounting |
US7054930B1 (en) | 2000-10-26 | 2006-05-30 | Cisco Technology, Inc. | System and method for propagating filters |
JP2002132665A (ja) * | 2000-10-30 | 2002-05-10 | Jepro:Kk | 電子メール管理システム、電子メール管理方法 |
US6988133B1 (en) | 2000-10-31 | 2006-01-17 | Cisco Technology, Inc. | Method and apparatus for communicating network quality of service policy information to a plurality of policy enforcement points |
US20020059415A1 (en) | 2000-11-01 | 2002-05-16 | Chang William Ho | Manager for device-to-device pervasive digital output |
US10860290B2 (en) | 2000-11-01 | 2020-12-08 | Flexiworld Technologies, Inc. | Mobile information apparatuses that include a digital camera, a touch sensitive screen interface, support for voice activated commands, and a wireless communication chip or chipset supporting IEEE 802.11 |
US10915296B2 (en) | 2000-11-01 | 2021-02-09 | Flexiworld Technologies, Inc. | Information apparatus that includes a touch sensitive screen interface for managing or replying to e-mails |
US9965233B2 (en) | 2000-11-20 | 2018-05-08 | Flexiworld Technologies, Inc. | Digital content services or stores over the internet that transmit or stream protected or encrypted digital content to connected devices and applications that access the digital content services or stores |
US11204729B2 (en) | 2000-11-01 | 2021-12-21 | Flexiworld Technologies, Inc. | Internet based digital content services for pervasively providing protected digital content to smart devices based on having subscribed to the digital content service |
US8831995B2 (en) | 2000-11-06 | 2014-09-09 | Numecent Holdings, Inc. | Optimized server for streamed applications |
US7062567B2 (en) | 2000-11-06 | 2006-06-13 | Endeavors Technology, Inc. | Intelligent network streaming and execution system for conventionally coded applications |
SE519251C2 (sv) * | 2000-11-08 | 2003-02-04 | Icomera Ab | En metod och ett system för överföring av paket mellan två olika enheter |
US8180870B1 (en) | 2000-11-28 | 2012-05-15 | Verizon Business Global Llc | Programmable access device for a distributed network access system |
US7657628B1 (en) | 2000-11-28 | 2010-02-02 | Verizon Business Global Llc | External processor for a distributed network access system |
US7046680B1 (en) * | 2000-11-28 | 2006-05-16 | Mci, Inc. | Network access system including a programmable access device having distributed service control |
US8185615B1 (en) | 2000-11-28 | 2012-05-22 | Verizon Business Global Llc | Message, control and reporting interface for a distributed network access system |
US20020078382A1 (en) * | 2000-11-29 | 2002-06-20 | Ali Sheikh | Scalable system for monitoring network system and components and methodology therefore |
US7050396B1 (en) | 2000-11-30 | 2006-05-23 | Cisco Technology, Inc. | Method and apparatus for automatically establishing bi-directional differentiated services treatment of flows in a network |
US7346928B1 (en) * | 2000-12-01 | 2008-03-18 | Network Appliance, Inc. | Decentralized appliance virus scanning |
US7778981B2 (en) * | 2000-12-01 | 2010-08-17 | Netapp, Inc. | Policy engine to control the servicing of requests received by a storage server |
US20020069271A1 (en) * | 2000-12-06 | 2002-06-06 | Glen Tindal | Event manager for network operating system |
US7249170B2 (en) | 2000-12-06 | 2007-07-24 | Intelliden | System and method for configuration, management and monitoring of network resources |
US7054946B2 (en) * | 2000-12-06 | 2006-05-30 | Intelliden | Dynamic configuration of network devices to enable data transfers |
US6978301B2 (en) | 2000-12-06 | 2005-12-20 | Intelliden | System and method for configuring a network device |
US8219662B2 (en) | 2000-12-06 | 2012-07-10 | International Business Machines Corporation | Redirecting data generated by network devices |
US7296292B2 (en) * | 2000-12-15 | 2007-11-13 | International Business Machines Corporation | Method and apparatus in an application framework system for providing a port and network hardware resource firewall for distributed applications |
US20020144143A1 (en) * | 2000-12-15 | 2002-10-03 | International Business Machines Corporation | Method and system for network management capable of restricting consumption of resources along endpoint-to-endpoint routes throughout a network |
US7116977B1 (en) | 2000-12-19 | 2006-10-03 | Bellsouth Intellectual Property Corporation | System and method for using location information to execute an action |
US7245925B2 (en) | 2000-12-19 | 2007-07-17 | At&T Intellectual Property, Inc. | System and method for using location information to execute an action |
US7130630B1 (en) | 2000-12-19 | 2006-10-31 | Bellsouth Intellectual Property Corporation | Location query service for wireless networks |
US7428411B2 (en) * | 2000-12-19 | 2008-09-23 | At&T Delaware Intellectual Property, Inc. | Location-based security rules |
US7181225B1 (en) | 2000-12-19 | 2007-02-20 | Bellsouth Intellectual Property Corporation | System and method for surveying wireless device users by location |
US7224978B2 (en) | 2000-12-19 | 2007-05-29 | Bellsouth Intellectual Property Corporation | Location blocking service from a wireless service provider |
US7110749B2 (en) | 2000-12-19 | 2006-09-19 | Bellsouth Intellectual Property Corporation | Identity blocking service from a wireless service provider |
US7085555B2 (en) | 2000-12-19 | 2006-08-01 | Bellsouth Intellectual Property Corporation | Location blocking service from a web advertiser |
US20020080784A1 (en) * | 2000-12-21 | 2002-06-27 | 802 Systems, Inc. | Methods and systems using PLD-based network communication protocols |
US20020083344A1 (en) * | 2000-12-21 | 2002-06-27 | Vairavan Kannan P. | Integrated intelligent inter/intra networking device |
US20020083331A1 (en) * | 2000-12-21 | 2002-06-27 | 802 Systems, Inc. | Methods and systems using PLD-based network communication protocols |
US20020124069A1 (en) * | 2000-12-28 | 2002-09-05 | Hatalkar Atul N. | Broadcast communication system with dynamic client-group memberships |
US6965939B2 (en) * | 2001-01-05 | 2005-11-15 | International Business Machines Corporation | Method and apparatus for processing requests in a network data processing system based on a trust association between servers |
US7188145B2 (en) * | 2001-01-12 | 2007-03-06 | Epicrealm Licensing Llc | Method and system for dynamic distributed data caching |
US7035911B2 (en) | 2001-01-12 | 2006-04-25 | Epicrealm, Licensing Llc | Method and system for community data caching |
US20020097419A1 (en) | 2001-01-19 | 2002-07-25 | Chang William Ho | Information apparatus for universal data output |
EP1356653B1 (en) * | 2001-01-24 | 2011-07-20 | Broadcom Corporation | Method for processing multiple security policies applied to a data packet structure |
US20020116644A1 (en) * | 2001-01-30 | 2002-08-22 | Galea Secured Networks Inc. | Adapter card for wirespeed security treatment of communications traffic |
FI20010267A0 (fi) * | 2001-02-13 | 2001-02-13 | Stonesoft Oy | Tietoturvagatewayn tilatietojen synkronointi |
DE60212599D1 (de) * | 2001-03-01 | 2006-08-03 | Storeage Networking Technologi | Sicherheit für ein san (storage area network) |
US7284267B1 (en) * | 2001-03-08 | 2007-10-16 | Mcafee, Inc. | Automatically configuring a computer firewall based on network connection |
US6928465B2 (en) * | 2001-03-16 | 2005-08-09 | Wells Fargo Bank, N.A. | Redundant email address detection and capture system |
US7882555B2 (en) * | 2001-03-16 | 2011-02-01 | Kavado, Inc. | Application layer security method and system |
US6920493B1 (en) * | 2001-03-19 | 2005-07-19 | Networks Associates Technology, Inc. | System and method for communicating coalesced rule parameters in a distributed computing environment |
US7150037B2 (en) * | 2001-03-21 | 2006-12-12 | Intelliden, Inc. | Network configuration manager |
US7181017B1 (en) | 2001-03-23 | 2007-02-20 | David Felsher | System and method for secure three-party communications |
US20020184525A1 (en) * | 2001-03-29 | 2002-12-05 | Lebin Cheng | Style sheet transformation driven firewall access list generation |
US20020144150A1 (en) * | 2001-04-03 | 2002-10-03 | Hale Douglas Lavell | Providing access control via the layer manager |
JP3474548B2 (ja) * | 2001-04-09 | 2003-12-08 | アライドテレシス株式会社 | 集合建築物 |
US7350078B1 (en) | 2001-04-26 | 2008-03-25 | Gary Odom | User selection of computer login |
US7143441B2 (en) * | 2001-05-08 | 2006-11-28 | Aramira Corporation | Wireless device mobile application security system |
US20020198994A1 (en) * | 2001-05-15 | 2002-12-26 | Charles Patton | Method and system for enabling and controlling communication topology, access to resources, and document flow in a distributed networking environment |
US7536715B2 (en) * | 2001-05-25 | 2009-05-19 | Secure Computing Corporation | Distributed firewall system and method |
US20050198379A1 (en) | 2001-06-13 | 2005-09-08 | Citrix Systems, Inc. | Automatically reconnecting a client across reliable and persistent communication sessions |
GB2376854A (en) * | 2001-06-19 | 2002-12-24 | Hewlett Packard Co | Centralised security service for ISP environment |
US7315892B2 (en) * | 2001-06-27 | 2008-01-01 | International Business Machines Corporation | In-kernel content-aware service differentiation |
US7039532B2 (en) * | 2001-06-28 | 2006-05-02 | Hunter Robert R | Method and apparatus for reading and controlling utility consumption |
US6622097B2 (en) * | 2001-06-28 | 2003-09-16 | Robert R. Hunter | Method and apparatus for reading and controlling electric power consumption |
US6513122B1 (en) | 2001-06-29 | 2003-01-28 | Networks Associates Technology, Inc. | Secure gateway for analyzing textual content to identify a harmful impact on computer systems with known vulnerabilities |
US7065783B2 (en) | 2001-07-06 | 2006-06-20 | Aramira Corporation | Mobile application access control list security system |
US7546629B2 (en) * | 2002-03-06 | 2009-06-09 | Check Point Software Technologies, Inc. | System and methodology for security policy arbitration |
US20040107360A1 (en) * | 2002-12-02 | 2004-06-03 | Zone Labs, Inc. | System and Methodology for Policy Enforcement |
US7590684B2 (en) * | 2001-07-06 | 2009-09-15 | Check Point Software Technologies, Inc. | System providing methodology for access control with cooperative enforcement |
US20040001433A1 (en) * | 2001-07-18 | 2004-01-01 | Gram Charles Andrew | Interactive control of network devices |
US7131141B1 (en) * | 2001-07-27 | 2006-10-31 | At&T Corp. | Method and apparatus for securely connecting a plurality of trust-group networks, a protected resource network and an untrusted network |
CA2456118C (en) * | 2001-08-03 | 2008-10-28 | Networks Associates Technology, Inc. | System and method for providing passive screening of transient messages in a distributed computing environment |
US7461403B1 (en) | 2001-08-03 | 2008-12-02 | Mcafee, Inc. | System and method for providing passive screening of transient messages in a distributed computing environment |
EP1417820B1 (de) * | 2001-08-07 | 2017-02-08 | PHOENIX CONTACT Cyber Security AG | Verfahren und computersystem zur sicherung der kommunikation in netzwerken |
US7178165B2 (en) * | 2001-08-20 | 2007-02-13 | Lenovo (Signapore) Pte Ltd. | Additional layer in operating system to protect system from hacking |
US8296400B2 (en) | 2001-08-29 | 2012-10-23 | International Business Machines Corporation | System and method for generating a configuration schema |
US7200548B2 (en) * | 2001-08-29 | 2007-04-03 | Intelliden | System and method for modeling a network device's configuration |
US20030046583A1 (en) * | 2001-08-30 | 2003-03-06 | Honeywell International Inc. | Automated configuration of security software suites |
US7269649B1 (en) * | 2001-08-31 | 2007-09-11 | Mcafee, Inc. | Protocol layer-level system and method for detecting virus activity |
US6986160B1 (en) * | 2001-08-31 | 2006-01-10 | Mcafee, Inc. | Security scanning system and method utilizing generic IP addresses |
US7003514B2 (en) * | 2001-09-13 | 2006-02-21 | International Business Machines Corporation | Method and apparatus for restricting a fan-out search in a peer-to-peer network based on accessibility of nodes |
JP2003099341A (ja) * | 2001-09-20 | 2003-04-04 | Canon Inc | ネットワークデバイス管理装置、管理システム及び管理方法、並びにネットワークデバイス |
US7302700B2 (en) * | 2001-09-28 | 2007-11-27 | Juniper Networks, Inc. | Method and apparatus for implementing a layer 3/layer 7 firewall in an L2 device |
US8868715B2 (en) | 2001-10-15 | 2014-10-21 | Volli Polymer Gmbh Llc | Report generation and visualization systems and methods and their use in testing frameworks for determining suitability of a network for target applications |
US8543681B2 (en) * | 2001-10-15 | 2013-09-24 | Volli Polymer Gmbh Llc | Network topology discovery systems and methods |
US7536712B2 (en) * | 2001-10-16 | 2009-05-19 | Microsoft Corporation | Flexible electronic message security mechanism |
US20030074579A1 (en) * | 2001-10-16 | 2003-04-17 | Microsoft Corporation | Virtual distributed security system |
US20030079053A1 (en) * | 2001-10-23 | 2003-04-24 | Kevin Burns | System and method for evaluating effectiveness of network configuration management tools |
US7316029B1 (en) * | 2001-10-25 | 2008-01-01 | Sprint Communications Company L.P. | Network security services architecture |
US20030084331A1 (en) * | 2001-10-26 | 2003-05-01 | Microsoft Corporation | Method for providing user authentication/authorization and distributed firewall utilizing same |
US7317699B2 (en) | 2001-10-26 | 2008-01-08 | Research In Motion Limited | System and method for controlling configuration settings for mobile communication devices and services |
US7197762B2 (en) | 2001-10-31 | 2007-03-27 | Hewlett-Packard Development Company, L.P. | Method, computer readable medium, and node for a three-layered intrusion prevention system for detecting network exploits |
US20030084319A1 (en) * | 2001-10-31 | 2003-05-01 | Tarquini Richard Paul | Node, method and computer readable medium for inserting an intrusion prevention system into a network stack |
JP2003140890A (ja) | 2001-10-31 | 2003-05-16 | Asgent Inc | 電子機器設定情報作成方法及び装置並びにセキュリティポリシー作成方法及び関連装置 |
US6978446B2 (en) * | 2001-11-01 | 2005-12-20 | International Business Machines Corporation | System and method for protecting against leakage of sensitive information from compromising electromagnetic emanations from computing systems |
US7370353B2 (en) * | 2001-11-05 | 2008-05-06 | Cisco Technology, Inc. | System and method for managing dynamic network sessions |
US7065562B2 (en) * | 2001-11-26 | 2006-06-20 | Intelliden, Inc. | System and method for generating a representation of a configuration schema |
US7418484B2 (en) * | 2001-11-30 | 2008-08-26 | Oracle International Corporation | System and method for actively managing an enterprise of configurable components |
US20030126464A1 (en) * | 2001-12-04 | 2003-07-03 | Mcdaniel Patrick D. | Method and system for determining and enforcing security policy in a communication session |
US7350226B2 (en) * | 2001-12-13 | 2008-03-25 | Bea Systems, Inc. | System and method for analyzing security policies in a distributed computer network |
CA2365441C (en) * | 2001-12-19 | 2010-02-16 | Diversinet Corp. | Method of establishing secure communications in a digital network using pseudonymic digital identifiers |
US8185943B1 (en) | 2001-12-20 | 2012-05-22 | Mcafee, Inc. | Network adapter firewall system and method |
US7761605B1 (en) | 2001-12-20 | 2010-07-20 | Mcafee, Inc. | Embedded anti-virus scanner for a network adapter |
US7127441B2 (en) | 2002-01-03 | 2006-10-24 | Scott Abram Musman | System and method for using agent-based distributed case-based reasoning to manage a computer network |
US7543056B2 (en) | 2002-01-15 | 2009-06-02 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7257630B2 (en) | 2002-01-15 | 2007-08-14 | Mcafee, Inc. | System and method for network vulnerability detection and reporting |
US7099319B2 (en) * | 2002-01-23 | 2006-08-29 | International Business Machines Corporation | Virtual private network and tunnel gateway with multiple overlapping, remote subnets |
US20030163692A1 (en) * | 2002-01-31 | 2003-08-28 | Brocade Communications Systems, Inc. | Network security and applications to the fabric |
US7174566B2 (en) * | 2002-02-01 | 2007-02-06 | Intel Corporation | Integrated network intrusion detection |
US7506147B2 (en) * | 2002-02-04 | 2009-03-17 | Sonus Networks, Inc. | Policy distribution point for setting up network-based services |
US7855972B2 (en) * | 2002-02-08 | 2010-12-21 | Enterasys Networks, Inc. | Creating, modifying and storing service abstractions and role abstractions representing one or more packet rules |
US6892309B2 (en) * | 2002-02-08 | 2005-05-10 | Enterasys Networks, Inc. | Controlling usage of network resources by a user at the user's entry point to a communications network based on an identity of the user |
US6990592B2 (en) | 2002-02-08 | 2006-01-24 | Enterasys Networks, Inc. | Controlling concurrent usage of network resources by multiple users at an entry point to a communications network based on identities of the users |
US7333432B1 (en) | 2002-02-12 | 2008-02-19 | Cisco Technology, Inc. | Method and apparatus for configuring network elements to support real time applications |
US7477600B1 (en) | 2002-02-12 | 2009-01-13 | Cisco Technology, Inc. | Method and apparatus for configuring network elements to support real time applications based on meta-templates |
US7984157B2 (en) | 2002-02-26 | 2011-07-19 | Citrix Systems, Inc. | Persistent and reliable session securely traversing network components using an encapsulating protocol |
US7661129B2 (en) | 2002-02-26 | 2010-02-09 | Citrix Systems, Inc. | Secure traversal of network components |
US7624434B2 (en) * | 2002-03-01 | 2009-11-24 | 3Com Corporation | System for providing firewall capabilities to a communication device |
US9426178B1 (en) * | 2002-03-25 | 2016-08-23 | Dell Software Inc. | Method and apparatus for centralized policy programming and distributive policy enforcement |
ATE389640T1 (de) * | 2002-03-28 | 2008-04-15 | Wisys Technology Found Inc | Angstlösende wirkstoffe mit verminderten beruhigenden und ataktischen nebenwirkungen |
IL149583A0 (en) * | 2002-05-09 | 2003-07-06 | Kavado Israel Ltd | Method for automatic setting and updating of a security policy |
US7398321B2 (en) * | 2002-05-14 | 2008-07-08 | The Research Foundation Of Suny | Segment protection scheme for a network |
US6959329B2 (en) * | 2002-05-15 | 2005-10-25 | Intelliden | System and method for transforming configuration commands |
WO2003105015A1 (en) * | 2002-06-01 | 2003-12-18 | Akonix Systems, Inc. | Systems and methods for a protocol gateway |
US7657616B1 (en) | 2002-06-10 | 2010-02-02 | Quest Software, Inc. | Automatic discovery of users associated with screen names |
US7428590B2 (en) * | 2002-06-10 | 2008-09-23 | Akonix Systems, Inc. | Systems and methods for reflecting messages associated with a target protocol within a network |
US7707401B2 (en) * | 2002-06-10 | 2010-04-27 | Quest Software, Inc. | Systems and methods for a protocol gateway |
US7818565B2 (en) * | 2002-06-10 | 2010-10-19 | Quest Software, Inc. | Systems and methods for implementing protocol enforcement rules |
US20080196099A1 (en) * | 2002-06-10 | 2008-08-14 | Akonix Systems, Inc. | Systems and methods for detecting and blocking malicious content in instant messages |
US7774832B2 (en) * | 2002-06-10 | 2010-08-10 | Quest Software, Inc. | Systems and methods for implementing protocol enforcement rules |
US7631107B2 (en) * | 2002-06-11 | 2009-12-08 | Pandya Ashish A | Runtime adaptable protocol processor |
WO2003104943A2 (en) | 2002-06-11 | 2003-12-18 | Ashish A Pandya | High performance ip processor for tcp/ip, rdma and ip storage applications |
US7325140B2 (en) * | 2003-06-13 | 2008-01-29 | Engedi Technologies, Inc. | Secure management access control for computers, embedded and card embodiment |
US7496950B2 (en) * | 2002-06-13 | 2009-02-24 | Engedi Technologies, Inc. | Secure remote management appliance |
US20040003067A1 (en) * | 2002-06-27 | 2004-01-01 | Daniel Ferrin | System and method for enabling a user interface with GUI meta data |
US7194767B1 (en) * | 2002-06-28 | 2007-03-20 | Sprint Communications Company L.P. | Screened subnet having a secured utility VLAN |
US7464145B2 (en) | 2002-07-11 | 2008-12-09 | Intelliden, Inc. | Repository-independent system and method for asset management and reconciliation |
US20050254652A1 (en) * | 2002-07-16 | 2005-11-17 | Haim Engler | Automated network security system and method |
US7017186B2 (en) * | 2002-07-30 | 2006-03-21 | Steelcloud, Inc. | Intrusion detection system using self-organizing clusters |
US7143283B1 (en) * | 2002-07-31 | 2006-11-28 | Cisco Technology, Inc. | Simplifying the selection of network paths for implementing and managing security policies on a network |
US7461158B2 (en) | 2002-08-07 | 2008-12-02 | Intelliden, Inc. | System and method for controlling access rights to network resources |
US7366893B2 (en) * | 2002-08-07 | 2008-04-29 | Intelliden, Inc. | Method and apparatus for protecting a network from attack |
US7327690B2 (en) * | 2002-08-12 | 2008-02-05 | Harris Corporation | Wireless local or metropolitan area network with intrusion detection features and related methods |
US7225461B2 (en) * | 2002-09-04 | 2007-05-29 | Hitachi, Ltd. | Method for updating security information, client, server and management computer therefor |
US20100138909A1 (en) * | 2002-09-06 | 2010-06-03 | O2Micro, Inc. | Vpn and firewall integrated system |
WO2004023307A1 (en) * | 2002-09-06 | 2004-03-18 | O2Micro, Inc. | Vpn and firewall integrated system |
US7558847B2 (en) * | 2002-09-13 | 2009-07-07 | Intelliden, Inc. | System and method for mapping between and controlling different device abstractions |
US20040059943A1 (en) * | 2002-09-23 | 2004-03-25 | Bertrand Marquet | Embedded filtering policy manager using system-on-chip |
US7735134B2 (en) * | 2002-10-16 | 2010-06-08 | Aramira Corporation | Jumping application security system |
US7861242B2 (en) * | 2002-10-16 | 2010-12-28 | Aramira Corporation | Mobile application morphing system and method |
US6850943B2 (en) * | 2002-10-18 | 2005-02-01 | Check Point Software Technologies, Inc. | Security system and methodology for providing indirect access control |
US7308706B2 (en) * | 2002-10-28 | 2007-12-11 | Secure Computing Corporation | Associative policy model |
US8233392B2 (en) | 2003-07-29 | 2012-07-31 | Citrix Systems, Inc. | Transaction boundary detection for reduction in timeout penalties |
US7616638B2 (en) | 2003-07-29 | 2009-11-10 | Orbital Data Corporation | Wavefront detection and disambiguation of acknowledgments |
US7630305B2 (en) | 2003-07-29 | 2009-12-08 | Orbital Data Corporation | TCP selective acknowledgements for communicating delivered and missed data packets |
US8270423B2 (en) | 2003-07-29 | 2012-09-18 | Citrix Systems, Inc. | Systems and methods of using packet boundaries for reduction in timeout prevention |
US7552470B2 (en) * | 2002-11-21 | 2009-06-23 | Honeywell International Inc. | Generic security infrastructure for COM based systems |
FR2848046B1 (fr) * | 2002-12-02 | 2005-02-18 | Arkoon Network Security | Procede et dispositif d'acces pour securiser l'acces aux systemes d'information |
US20040117437A1 (en) * | 2002-12-16 | 2004-06-17 | Exanet, Co. | Method for efficient storing of sparse files in a distributed cache |
US7356601B1 (en) * | 2002-12-18 | 2008-04-08 | Cisco Technology, Inc. | Method and apparatus for authorizing network device operations that are requested by applications |
US20040123130A1 (en) * | 2002-12-20 | 2004-06-24 | Inrange Technologies Corporation | Method and apparatus for distributing and activating security parameters |
US8239942B2 (en) | 2002-12-30 | 2012-08-07 | Cisco Technology, Inc. | Parallel intrusion detection sensors with load balancing for high speed networks |
US20040128545A1 (en) * | 2002-12-31 | 2004-07-01 | International Business Machines Corporation | Host controlled dynamic firewall system |
US7134015B2 (en) * | 2003-01-16 | 2006-11-07 | International Business Machines Corporation | Security enhancements for pervasive devices |
US7219131B2 (en) * | 2003-01-16 | 2007-05-15 | Ironport Systems, Inc. | Electronic message delivery using an alternate source approach |
US7512703B2 (en) * | 2003-01-31 | 2009-03-31 | Hewlett-Packard Development Company, L.P. | Method of storing data concerning a computer network |
US9818136B1 (en) | 2003-02-05 | 2017-11-14 | Steven M. Hoffberg | System and method for determining contingent relevance |
JP4120415B2 (ja) * | 2003-02-10 | 2008-07-16 | 株式会社日立製作所 | トラフィック制御計算装置 |
US7536456B2 (en) | 2003-02-14 | 2009-05-19 | Preventsys, Inc. | System and method for applying a machine-processable policy rule to information gathered about a network |
US7627891B2 (en) | 2003-02-14 | 2009-12-01 | Preventsys, Inc. | Network audit and policy assurance system |
US7529754B2 (en) * | 2003-03-14 | 2009-05-05 | Websense, Inc. | System and method of monitoring and controlling application files |
US7185015B2 (en) | 2003-03-14 | 2007-02-27 | Websense, Inc. | System and method of monitoring and controlling application files |
US7558790B1 (en) | 2003-03-18 | 2009-07-07 | Troux Technologies | Method and system for querying an applied data model |
US8136155B2 (en) * | 2003-04-01 | 2012-03-13 | Check Point Software Technologies, Inc. | Security system with methodology for interprocess communication control |
US7277546B2 (en) * | 2003-04-09 | 2007-10-02 | New Jersey Institute Of Technology | Methods and apparatus for multi-level dynamic security system |
US20040210663A1 (en) * | 2003-04-15 | 2004-10-21 | Paul Phillips | Object-aware transport-layer network processing engine |
EP1634175B1 (en) * | 2003-05-28 | 2015-06-24 | Citrix Systems, Inc. | Multilayer access control security system |
US20060206615A1 (en) * | 2003-05-30 | 2006-09-14 | Yuliang Zheng | Systems and methods for dynamic and risk-aware network security |
US7260840B2 (en) * | 2003-06-06 | 2007-08-21 | Microsoft Corporation | Multi-layer based method for implementing network firewalls |
US7509673B2 (en) * | 2003-06-06 | 2009-03-24 | Microsoft Corporation | Multi-layered firewall architecture |
US7308711B2 (en) * | 2003-06-06 | 2007-12-11 | Microsoft Corporation | Method and framework for integrating a plurality of network policies |
US7685254B2 (en) * | 2003-06-10 | 2010-03-23 | Pandya Ashish A | Runtime adaptable search processor |
US20050108518A1 (en) * | 2003-06-10 | 2005-05-19 | Pandya Ashish A. | Runtime adaptable security processor |
US7788726B2 (en) * | 2003-07-02 | 2010-08-31 | Check Point Software Technologies, Inc. | System and methodology providing information lockbox |
TWI243555B (en) * | 2003-07-09 | 2005-11-11 | Hon Hai Prec Ind Co Ltd | Apparatus and method of firewall |
US8238241B2 (en) | 2003-07-29 | 2012-08-07 | Citrix Systems, Inc. | Automatic detection and window virtualization for flow control |
US8437284B2 (en) | 2003-07-29 | 2013-05-07 | Citrix Systems, Inc. | Systems and methods for additional retransmissions of dropped packets |
US7356587B2 (en) * | 2003-07-29 | 2008-04-08 | International Business Machines Corporation | Automatically detecting malicious computer network reconnaissance by updating state codes in a histogram |
US8432800B2 (en) | 2003-07-29 | 2013-04-30 | Citrix Systems, Inc. | Systems and methods for stochastic-based quality of service |
EP1517473B1 (en) * | 2003-09-22 | 2006-11-29 | Alcatel | Method for control of communications from an edge device of an access network and edge device and network management module for performing said method |
WO2005032042A1 (en) | 2003-09-24 | 2005-04-07 | Infoexpress, Inc. | Systems and methods of controlling network access |
US7349966B2 (en) * | 2003-09-30 | 2008-03-25 | International Business Machines Corporation | Method, system, and storage medium for providing context-based dynamic policy assignment in a distributed processing environment |
US7594224B2 (en) | 2003-10-10 | 2009-09-22 | Bea Systems, Inc. | Distributed enterprise security system |
US20050257245A1 (en) * | 2003-10-10 | 2005-11-17 | Bea Systems, Inc. | Distributed security system with dynamic roles |
US7346483B2 (en) * | 2003-10-10 | 2008-03-18 | Synopsys, Inc. | Dynamic FIFO for simulation |
US7644432B2 (en) * | 2003-10-10 | 2010-01-05 | Bea Systems, Inc. | Policy inheritance through nested groups |
US7444678B2 (en) * | 2003-10-28 | 2008-10-28 | Aol Llc | Securing resources from untrusted scripts behind firewalls |
US20050138416A1 (en) * | 2003-12-19 | 2005-06-23 | Microsoft Corporation | Object model for managing firewall services |
US7472356B2 (en) * | 2004-02-11 | 2008-12-30 | Microsoft Corporation | Collapsible container with semi-collapsed view |
EP1716676B1 (en) | 2004-02-17 | 2012-06-13 | Cisco Technology, Inc. | Collecting, aggregating, and managing information relating to electronic messages |
US7895648B1 (en) * | 2004-03-01 | 2011-02-22 | Cisco Technology, Inc. | Reliably continuing a secure connection when the address of a machine at one end of the connection changes |
US8468337B2 (en) * | 2004-03-02 | 2013-06-18 | International Business Machines Corporation | Secure data transfer over a network |
US7564976B2 (en) * | 2004-03-02 | 2009-07-21 | International Business Machines Corporation | System and method for performing security operations on network data |
US20050201391A1 (en) * | 2004-03-11 | 2005-09-15 | Hung-Fang Ma | Network address translation router and related method |
US8782654B2 (en) | 2004-03-13 | 2014-07-15 | Adaptive Computing Enterprises, Inc. | Co-allocating a reservation spanning different compute resources types |
US8201257B1 (en) | 2004-03-31 | 2012-06-12 | Mcafee, Inc. | System and method of managing network security risks |
US8230480B2 (en) * | 2004-04-26 | 2012-07-24 | Avaya Inc. | Method and apparatus for network security based on device security status |
US8161520B1 (en) * | 2004-04-30 | 2012-04-17 | Oracle America, Inc. | Methods and systems for securing a system in an adaptive computer environment |
US20050261970A1 (en) * | 2004-05-21 | 2005-11-24 | Wayport, Inc. | Method for providing wireless services |
US7756930B2 (en) | 2004-05-28 | 2010-07-13 | Ironport Systems, Inc. | Techniques for determining the reputation of a message sender |
US8166310B2 (en) | 2004-05-29 | 2012-04-24 | Ironport Systems, Inc. | Method and apparatus for providing temporary access to a network device |
US7849142B2 (en) | 2004-05-29 | 2010-12-07 | Ironport Systems, Inc. | Managing connections, messages, and directory harvest attacks at a server |
US7917588B2 (en) * | 2004-05-29 | 2011-03-29 | Ironport Systems, Inc. | Managing delivery of electronic messages using bounce profiles |
US7873695B2 (en) | 2004-05-29 | 2011-01-18 | Ironport Systems, Inc. | Managing connections and messages at a server by associating different actions for both different senders and different recipients |
US7870200B2 (en) | 2004-05-29 | 2011-01-11 | Ironport Systems, Inc. | Monitoring the flow of messages received at a server |
US7526792B2 (en) * | 2004-06-09 | 2009-04-28 | Intel Corporation | Integration of policy compliance enforcement and device authentication |
US7774824B2 (en) * | 2004-06-09 | 2010-08-10 | Intel Corporation | Multifactor device authentication |
US7640317B2 (en) * | 2004-06-10 | 2009-12-29 | Cisco Technology, Inc. | Configuration commit database approach and session locking approach in a two-stage network device configuration process |
US7853676B1 (en) | 2004-06-10 | 2010-12-14 | Cisco Technology, Inc. | Protocol for efficient exchange of XML documents with a network device |
US7660882B2 (en) * | 2004-06-10 | 2010-02-09 | Cisco Technology, Inc. | Deploying network element management system provisioning services |
US7748038B2 (en) * | 2004-06-16 | 2010-06-29 | Ironport Systems, Inc. | Method and apparatus for managing computer virus outbreaks |
JP4379223B2 (ja) * | 2004-06-18 | 2009-12-09 | 日本電気株式会社 | 動作モデル作成システム、動作モデル作成方法および動作モデル作成プログラム |
US20070266388A1 (en) | 2004-06-18 | 2007-11-15 | Cluster Resources, Inc. | System and method for providing advanced reservations in a compute environment |
WO2006002108A2 (en) | 2004-06-21 | 2006-01-05 | Musman Scott A | Computer network management using agent-based distributed reasoning |
US7617501B2 (en) | 2004-07-09 | 2009-11-10 | Quest Software, Inc. | Apparatus, system, and method for managing policies on a computer having a foreign operating system |
FR2872983A1 (fr) * | 2004-07-09 | 2006-01-13 | Thomson Licensing Sa | Systeme de pare-feu protegeant une communaute d'appareils, appareil participant au systeme et methode de mise a jour des regles de pare-feu au sein du systeme |
US7540016B2 (en) * | 2004-07-21 | 2009-05-26 | Beachhead Solutions, Inc. | System and method for lost data destruction of electronic data stored on a portable electronic device which communicates with servers that are inside of and outside of a firewall |
US7543144B2 (en) * | 2004-07-21 | 2009-06-02 | Beachhead Solutions | System and method for lost data destruction of electronic data stored on portable electronic devices |
US7421589B2 (en) * | 2004-07-21 | 2008-09-02 | Beachhead Solutions, Inc. | System and method for lost data destruction of electronic data stored on a portable electronic device using a security interval |
GB2416879B (en) | 2004-08-07 | 2007-04-04 | Surfcontrol Plc | Device resource access filtering system and method |
US20060031928A1 (en) * | 2004-08-09 | 2006-02-09 | Conley James W | Detector and computerized method for determining an occurrence of tunneling activity |
US8725521B2 (en) * | 2004-08-13 | 2014-05-13 | International Business Machines Corporation | System and method for designing secure business solutions using patterns |
US8176490B1 (en) | 2004-08-20 | 2012-05-08 | Adaptive Computing Enterprises, Inc. | System and method of interfacing a workload manager and scheduler with an identity manager |
GB2418108B (en) | 2004-09-09 | 2007-06-27 | Surfcontrol Plc | System, method and apparatus for use in monitoring or controlling internet access |
GB2418037B (en) | 2004-09-09 | 2007-02-28 | Surfcontrol Plc | System, method and apparatus for use in monitoring or controlling internet access |
US7561515B2 (en) * | 2004-09-27 | 2009-07-14 | Intel Corporation | Role-based network traffic-flow rate control |
US20060075481A1 (en) * | 2004-09-28 | 2006-04-06 | Ross Alan D | System, method and device for intrusion prevention |
US7711835B2 (en) | 2004-09-30 | 2010-05-04 | Citrix Systems, Inc. | Method and apparatus for reducing disclosure of proprietary data in a networked environment |
US8613048B2 (en) | 2004-09-30 | 2013-12-17 | Citrix Systems, Inc. | Method and apparatus for providing authorized remote access to application sessions |
US7748032B2 (en) | 2004-09-30 | 2010-06-29 | Citrix Systems, Inc. | Method and apparatus for associating tickets in a ticket hierarchy |
US7421739B2 (en) * | 2004-10-04 | 2008-09-02 | American Express Travel Related Services Company, Inc. | System and method for monitoring and ensuring data integrity in an enterprise security system |
CA2586763C (en) | 2004-11-08 | 2013-12-17 | Cluster Resources, Inc. | System and method of providing system jobs within a compute environment |
EP1834448B1 (en) * | 2004-12-30 | 2016-03-16 | Telecom Italia S.p.A. | Admission control in a telecommunication network |
DE102005001150B4 (de) * | 2005-01-10 | 2006-11-16 | Siemens Ag | Verfahren zur Einrichtung von verteilten Filtern in einem Paket-orientierten Netz basierend auf abstrakten Sicherheits-Vorgaben |
US7620974B2 (en) * | 2005-01-12 | 2009-11-17 | Symantec | Distributed traffic scanning through data stream security tagging |
US8077632B2 (en) * | 2005-01-20 | 2011-12-13 | Citrix Systems, Inc. | Automatic LAN/WAN port detection |
US8024568B2 (en) | 2005-01-28 | 2011-09-20 | Citrix Systems, Inc. | Method and system for verification of an endpoint security scan |
US8863143B2 (en) | 2006-03-16 | 2014-10-14 | Adaptive Computing Enterprises, Inc. | System and method for managing a hybrid compute environment |
US9231886B2 (en) | 2005-03-16 | 2016-01-05 | Adaptive Computing Enterprises, Inc. | Simple integration of an on-demand compute environment |
US20060212422A1 (en) * | 2005-03-21 | 2006-09-21 | Anil Khilani | Efficiently executing commands against a large set of servers with near real time feedback of execution and presentation of the output of the commands |
US8024523B2 (en) | 2007-11-07 | 2011-09-20 | Endeavors Technologies, Inc. | Opportunistic block transmission with time constraints |
US20060230279A1 (en) * | 2005-03-30 | 2006-10-12 | Morris Robert P | Methods, systems, and computer program products for establishing trusted access to a communication network |
US20060230278A1 (en) * | 2005-03-30 | 2006-10-12 | Morris Robert P | Methods,systems, and computer program products for determining a trust indication associated with access to a communication network |
EP3203374B1 (en) | 2005-04-07 | 2021-11-24 | III Holdings 12, LLC | On-demand access to compute resources |
US8234223B1 (en) | 2005-04-28 | 2012-07-31 | Troux Technologies, Inc. | Method and system for calculating cost of an asset using a data model |
US20060265737A1 (en) * | 2005-05-23 | 2006-11-23 | Morris Robert P | Methods, systems, and computer program products for providing trusted access to a communicaiton network based on location |
US7434041B2 (en) * | 2005-08-22 | 2008-10-07 | Oracle International Corporation | Infrastructure for verifying configuration and health of a multi-node computer system |
US7590733B2 (en) * | 2005-09-14 | 2009-09-15 | Infoexpress, Inc. | Dynamic address assignment for access control on DHCP networks |
JP4489676B2 (ja) * | 2005-09-28 | 2010-06-23 | 富士通株式会社 | 通信システム |
US8874477B2 (en) | 2005-10-04 | 2014-10-28 | Steven Mark Hoffberg | Multifactorial optimization system and method |
US8615578B2 (en) * | 2005-10-07 | 2013-12-24 | Oracle International Corporation | Using a standby data storage system to detect the health of a cluster of data storage servers |
EP1946217A2 (en) * | 2005-11-03 | 2008-07-23 | Akonix Systems, Inc. | Systems and methods for remote rogue protocol enforcement |
US8347373B2 (en) | 2007-05-08 | 2013-01-01 | Fortinet, Inc. | Content filtering of remote file-system access protocols |
US7904949B2 (en) | 2005-12-19 | 2011-03-08 | Quest Software, Inc. | Apparatus, systems and methods to provide authentication services to a legacy application |
US8087075B2 (en) | 2006-02-13 | 2011-12-27 | Quest Software, Inc. | Disconnected credential validation using pre-fetched service tickets |
US20070192858A1 (en) * | 2006-02-16 | 2007-08-16 | Infoexpress, Inc. | Peer based network access control |
US7890755B2 (en) * | 2006-02-28 | 2011-02-15 | The Boeing Company | High-assurance web-based configuration of secure network server |
US8635388B2 (en) * | 2006-03-31 | 2014-01-21 | Broadcom Corporation | Method and system for an OS virtualization-aware network interface card |
GB2468799B (en) * | 2006-03-31 | 2011-04-06 | Intel Corp | Hierarchical trust based posture reporting and policy enforcement |
US20070250932A1 (en) * | 2006-04-20 | 2007-10-25 | Pravin Kothari | Integrated enterprise-level compliance and risk management system |
US8122492B2 (en) * | 2006-04-21 | 2012-02-21 | Microsoft Corporation | Integration of social network information and network firewalls |
US8079073B2 (en) * | 2006-05-05 | 2011-12-13 | Microsoft Corporation | Distributed firewall implementation and control |
US8176157B2 (en) * | 2006-05-18 | 2012-05-08 | Microsoft Corporation | Exceptions grouping |
US8214877B1 (en) * | 2006-05-22 | 2012-07-03 | Troux Technologies | System and method for the implementation of policies |
US8726020B2 (en) * | 2006-05-31 | 2014-05-13 | Microsoft Corporation | Updating configuration information to a perimeter network |
US8429712B2 (en) | 2006-06-08 | 2013-04-23 | Quest Software, Inc. | Centralized user authentication system apparatus and method |
US8020206B2 (en) | 2006-07-10 | 2011-09-13 | Websense, Inc. | System and method of analyzing web content |
US8615800B2 (en) | 2006-07-10 | 2013-12-24 | Websense, Inc. | System and method for analyzing web content |
US20080071770A1 (en) * | 2006-09-18 | 2008-03-20 | Nokia Corporation | Method, Apparatus and Computer Program Product for Viewing a Virtual Database Using Portable Devices |
US8086710B2 (en) | 2006-10-30 | 2011-12-27 | Quest Software, Inc. | Identity migration apparatus and method |
US8533846B2 (en) | 2006-11-08 | 2013-09-10 | Citrix Systems, Inc. | Method and system for dynamically associating access rights with a resource |
US8281360B2 (en) | 2006-11-21 | 2012-10-02 | Steven Adams Flewallen | Control of communication ports of computing devices using policy-based decisions |
US9654495B2 (en) | 2006-12-01 | 2017-05-16 | Websense, Llc | System and method of analyzing web addresses |
US9141557B2 (en) | 2006-12-08 | 2015-09-22 | Ashish A. Pandya | Dynamic random access memory (DRAM) that comprises a programmable intelligent search memory (PRISM) and a cryptography processing engine |
US7996348B2 (en) | 2006-12-08 | 2011-08-09 | Pandya Ashish A | 100GBPS security and search architecture using programmable intelligent search memory (PRISM) that comprises one or more bit interval counters |
GB2445764A (en) | 2007-01-22 | 2008-07-23 | Surfcontrol Plc | Resource access filtering system and database structure for use therewith |
US8015174B2 (en) | 2007-02-28 | 2011-09-06 | Websense, Inc. | System and method of controlling access to the internet |
US8316427B2 (en) * | 2007-03-09 | 2012-11-20 | International Business Machines Corporation | Enhanced personal firewall for dynamic computing environments |
US7730200B2 (en) * | 2007-03-14 | 2010-06-01 | Hewlett-Packard Development Company, L.P. | Synthetic bridging for networks |
US8024486B2 (en) | 2007-03-14 | 2011-09-20 | Hewlett-Packard Development Company, L.P. | Converting data from a first network format to non-network format and from the non-network format to a second network format |
US8695081B2 (en) * | 2007-04-10 | 2014-04-08 | International Business Machines Corporation | Method to apply network encryption to firewall decisions |
US7941837B1 (en) * | 2007-04-18 | 2011-05-10 | Juniper Networks, Inc. | Layer two firewall with active-active high availability support |
US20080034408A1 (en) * | 2007-04-23 | 2008-02-07 | Sachin Duggal | Network-Based Computing Service On A Streamed Virtual Computer |
US8756293B2 (en) | 2007-04-23 | 2014-06-17 | Nholdings Sa | Providing a user with virtual computing services |
US8584227B2 (en) * | 2007-05-09 | 2013-11-12 | Microsoft Corporation | Firewall with policy hints |
US7941838B2 (en) * | 2007-05-09 | 2011-05-10 | Microsoft Corporation | Firewall control with multiple profiles |
ATE472476T1 (de) * | 2007-05-11 | 2010-07-15 | Sca Hygiene Prod Ab | Verpackungs- und versorgungsvorrichtung zum gruppieren von produktobjekten |
US8166534B2 (en) * | 2007-05-18 | 2012-04-24 | Microsoft Corporation | Incorporating network connection security levels into firewall rules |
GB0709527D0 (en) | 2007-05-18 | 2007-06-27 | Surfcontrol Plc | Electronic messaging system, message processing apparatus and message processing method |
US7853992B2 (en) * | 2007-05-31 | 2010-12-14 | Microsoft Corporation | Configuring security mechanisms utilizing a trust system |
EP2026529A1 (en) | 2007-07-12 | 2009-02-18 | Wayport, Inc. | Device-specific authorization at distributed locations |
US8908700B2 (en) | 2007-09-07 | 2014-12-09 | Citrix Systems, Inc. | Systems and methods for bridging a WAN accelerator with a security gateway |
US8041773B2 (en) | 2007-09-24 | 2011-10-18 | The Research Foundation Of State University Of New York | Automatic clustering for self-organizing grids |
US7783666B1 (en) | 2007-09-26 | 2010-08-24 | Netapp, Inc. | Controlling access to storage resources by using access pattern based quotas |
US8027956B1 (en) | 2007-10-30 | 2011-09-27 | Troux Technologies | System and method for planning or monitoring system transformations |
US8892738B2 (en) | 2007-11-07 | 2014-11-18 | Numecent Holdings, Inc. | Deriving component statistics for a stream enabled application |
US8365276B1 (en) * | 2007-12-10 | 2013-01-29 | Mcafee, Inc. | System, method and computer program product for sending unwanted activity information to a central system |
US9507784B2 (en) | 2007-12-21 | 2016-11-29 | Netapp, Inc. | Selective extraction of information from a mirrored image file |
US8566839B2 (en) | 2008-03-14 | 2013-10-22 | William J. Johnson | System and method for automated content presentation objects |
US8897742B2 (en) | 2009-11-13 | 2014-11-25 | William J. Johnson | System and method for sudden proximal user interface |
US8639267B2 (en) | 2008-03-14 | 2014-01-28 | William J. Johnson | System and method for location based exchanges of data facilitating distributed locational applications |
US8761751B2 (en) | 2008-03-14 | 2014-06-24 | William J. Johnson | System and method for targeting data processing system(s) with data |
US8600341B2 (en) | 2008-03-14 | 2013-12-03 | William J. Johnson | System and method for location based exchanges of data facilitating distributed locational applications |
US8634796B2 (en) | 2008-03-14 | 2014-01-21 | William J. Johnson | System and method for location based exchanges of data facilitating distributed location applications |
WO2010002816A1 (en) | 2008-06-30 | 2010-01-07 | Websense, Inc. | System and method for dynamic and real-time categorization of webpages |
US20100011432A1 (en) * | 2008-07-08 | 2010-01-14 | Microsoft Corporation | Automatically distributed network protection |
US8978104B1 (en) | 2008-07-23 | 2015-03-10 | United Services Automobile Association (Usaa) | Access control center workflow and approval |
US8707397B1 (en) | 2008-09-10 | 2014-04-22 | United Services Automobile Association | Access control center auto launch |
US8850525B1 (en) | 2008-09-17 | 2014-09-30 | United Services Automobile Association (Usaa) | Access control center auto configuration |
US8490187B2 (en) | 2009-03-20 | 2013-07-16 | Microsoft Corporation | Controlling malicious activity detection using behavioral models |
BRPI1010897A2 (pt) | 2009-05-19 | 2019-02-19 | Nholdings Sa | método e sistema para prover um dispositivo local com serviços de computador de um provedor remoto e método e sistema para anunciar um usuário de uma máquina virtual hospedada por um servido remoto |
AU2010254269A1 (en) | 2009-05-26 | 2011-12-22 | Websense, Inc. | Systems and methods for efficient detection of fingerprinted data and information |
US8255984B1 (en) | 2009-07-01 | 2012-08-28 | Quest Software, Inc. | Single sign-on system for shared resource environments |
US8489685B2 (en) | 2009-07-17 | 2013-07-16 | Aryaka Networks, Inc. | Application acceleration as a service system and method |
US9442810B2 (en) * | 2009-07-31 | 2016-09-13 | Paypal, Inc. | Cloud computing: unified management console for services and resources in a data center |
US20110047381A1 (en) * | 2009-08-21 | 2011-02-24 | Board Of Regents, The University Of Texas System | Safemashups cloud trust broker |
US20110072487A1 (en) | 2009-09-23 | 2011-03-24 | Computer Associates Think, Inc. | System, Method, and Software for Providing Access Control Enforcement Capabilities in Cloud Computing Systems |
US9876735B2 (en) | 2009-10-30 | 2018-01-23 | Iii Holdings 2, Llc | Performance and power optimized computer system architectures and methods leveraging power optimized tree fabric interconnect |
US20130107444A1 (en) | 2011-10-28 | 2013-05-02 | Calxeda, Inc. | System and method for flexible storage and networking provisioning in large scalable processor installations |
US9465771B2 (en) | 2009-09-24 | 2016-10-11 | Iii Holdings 2, Llc | Server on a chip and node cards comprising one or more of same |
US8599863B2 (en) | 2009-10-30 | 2013-12-03 | Calxeda, Inc. | System and method for using a multi-protocol fabric module across a distributed server interconnect fabric |
US9077654B2 (en) * | 2009-10-30 | 2015-07-07 | Iii Holdings 2, Llc | System and method for data center security enhancements leveraging managed server SOCs |
US20110103391A1 (en) | 2009-10-30 | 2011-05-05 | Smooth-Stone, Inc. C/O Barry Evans | System and method for high-performance, low-power data center interconnect fabric |
US9054990B2 (en) | 2009-10-30 | 2015-06-09 | Iii Holdings 2, Llc | System and method for data center security enhancements leveraging server SOCs or server fabrics |
US9680770B2 (en) | 2009-10-30 | 2017-06-13 | Iii Holdings 2, Llc | System and method for using a multi-protocol fabric module across a distributed server interconnect fabric |
US9648102B1 (en) | 2012-12-27 | 2017-05-09 | Iii Holdings 2, Llc | Memcached server functionality in a cluster of data processing nodes |
US11720290B2 (en) | 2009-10-30 | 2023-08-08 | Iii Holdings 2, Llc | Memcached server functionality in a cluster of data processing nodes |
US9311269B2 (en) | 2009-10-30 | 2016-04-12 | Iii Holdings 2, Llc | Network proxy for high-performance, low-power data center interconnect fabric |
US10877695B2 (en) | 2009-10-30 | 2020-12-29 | Iii Holdings 2, Llc | Memcached server functionality in a cluster of data processing nodes |
US9215236B2 (en) * | 2010-02-22 | 2015-12-15 | Avaya Inc. | Secure, policy-based communications security and file sharing across mixed media, mixed-communications modalities and extensible to cloud computing such as SOA |
US9485218B2 (en) * | 2010-03-23 | 2016-11-01 | Adventium Enterprises, Llc | Device for preventing, detecting and responding to security threats |
US9491052B2 (en) * | 2010-03-26 | 2016-11-08 | Bladelogic, Inc. | Topology aware smart merge |
US8918856B2 (en) | 2010-06-24 | 2014-12-23 | Microsoft Corporation | Trusted intermediary for network layer claims-enabled access control |
US8839346B2 (en) | 2010-07-21 | 2014-09-16 | Citrix Systems, Inc. | Systems and methods for providing a smart group |
US8528069B2 (en) * | 2010-09-30 | 2013-09-03 | Microsoft Corporation | Trustworthy device claims for enterprise applications |
US8635592B1 (en) | 2011-02-08 | 2014-01-21 | Troux Technologies, Inc. | Method and system for tailoring software functionality |
DE112012003293T5 (de) * | 2011-08-10 | 2014-05-08 | Gita Srivastava | Vorrichtung und Verfahren zur Verbesserung der Datensicherheit in einer Host-Computer-Vorrichtung und einer Peripherie-Vorrichtung |
US9537891B1 (en) * | 2011-09-27 | 2017-01-03 | Palo Alto Networks, Inc. | Policy enforcement based on dynamically attribute-based matched network objects |
US8930529B1 (en) | 2011-09-27 | 2015-01-06 | Palo Alto Networks, Inc. | Policy enforcement with dynamic address object |
US9047109B1 (en) | 2012-06-20 | 2015-06-02 | Palo Alto Networks, Inc. | Policy enforcement in virtualized environment |
US9092594B2 (en) | 2011-10-31 | 2015-07-28 | Iii Holdings 2, Llc | Node card management in a modular and large scalable server system |
CA2879180A1 (en) | 2012-03-07 | 2013-09-12 | Snap Trends, Inc. | Methods and systems of aggregating information of social networks based on geographical locations via a network |
US9442778B2 (en) * | 2012-10-01 | 2016-09-13 | Salesforce.Com, Inc. | Method and system for secured inter-application communication in mobile devices |
US9083749B1 (en) * | 2012-10-17 | 2015-07-14 | Amazon Technologies, Inc. | Managing multiple security policy representations in a distributed environment |
US9117054B2 (en) | 2012-12-21 | 2015-08-25 | Websense, Inc. | Method and aparatus for presence based resource management |
US9280581B1 (en) | 2013-03-12 | 2016-03-08 | Troux Technologies, Inc. | Method and system for determination of data completeness for analytic data calculations |
US9106610B2 (en) | 2013-06-07 | 2015-08-11 | International Business Machines Corporation | Regional firewall clustering in a networked computing environment |
US9477991B2 (en) | 2013-08-27 | 2016-10-25 | Snap Trends, Inc. | Methods and systems of aggregating information of geographic context regions of social networks based on geographical locations via a network |
US9894489B2 (en) | 2013-09-30 | 2018-02-13 | William J. Johnson | System and method for situational proximity observation alerting privileged recipients |
EP3066581B1 (en) * | 2013-11-04 | 2019-06-26 | Illumio, Inc. | Distributed network security using a logical multi-dimensional label-based policy model |
US9548897B2 (en) | 2014-01-17 | 2017-01-17 | Amazon Technologies, Inc. | Network entity registry for network entity handles included in network traffic policies enforced for a provider network |
US9215214B2 (en) | 2014-02-20 | 2015-12-15 | Nicira, Inc. | Provisioning firewall rules on a firewall enforcing device |
US20160021143A1 (en) * | 2014-07-21 | 2016-01-21 | David Browning | Device federation |
WO2016053304A1 (en) * | 2014-09-30 | 2016-04-07 | Hewlett Packard Enterprise Development Lp | Topology based management with compliance policies |
US10834065B1 (en) | 2015-03-31 | 2020-11-10 | F5 Networks, Inc. | Methods for SSL protected NTLM re-authentication and devices thereof |
US9806948B2 (en) | 2015-06-30 | 2017-10-31 | Nicira, Inc. | Providing firewall rules for workload spread across multiple data centers |
US10263847B2 (en) | 2015-07-31 | 2019-04-16 | Vmware, Inc. | Policy validation |
GB2544292A (en) * | 2015-11-10 | 2017-05-17 | Virtuosys Ltd | Communication unit employed as a remote router and method for enforcement |
US9992232B2 (en) * | 2016-01-14 | 2018-06-05 | Cisco Technology, Inc. | Policy block creation with context-sensitive policy line classification |
US10404698B1 (en) | 2016-01-15 | 2019-09-03 | F5 Networks, Inc. | Methods for adaptive organization of web application access points in webtops and devices thereof |
US10348685B2 (en) | 2016-04-29 | 2019-07-09 | Nicira, Inc. | Priority allocation for distributed service rules |
US10135727B2 (en) | 2016-04-29 | 2018-11-20 | Nicira, Inc. | Address grouping for distributed service rules |
US11171920B2 (en) | 2016-05-01 | 2021-11-09 | Nicira, Inc. | Publication of firewall configuration |
US11425095B2 (en) | 2016-05-01 | 2022-08-23 | Nicira, Inc. | Fast ordering of firewall sections and rules |
DE102016110723A1 (de) | 2016-06-10 | 2017-12-14 | Endress+Hauser Process Solutions Ag | Verfahren zum Verhindern eines unerlaubten Zugriffs auf Softwareanwendungen in Feldgeräten |
US11258761B2 (en) | 2016-06-29 | 2022-02-22 | Nicira, Inc. | Self-service firewall configuration |
US11088990B2 (en) | 2016-06-29 | 2021-08-10 | Nicira, Inc. | Translation cache for firewall configuration |
JP2018019207A (ja) * | 2016-07-27 | 2018-02-01 | 富士ゼロックス株式会社 | 連携管理装置及び通信システム |
US10778722B2 (en) * | 2016-11-08 | 2020-09-15 | Massachusetts Institute Of Technology | Dynamic flow system |
US10038671B2 (en) * | 2016-12-31 | 2018-07-31 | Fortinet, Inc. | Facilitating enforcement of security policies by and on behalf of a perimeter network security device by providing enhanced visibility into interior traffic flows |
US10721275B2 (en) * | 2017-01-23 | 2020-07-21 | Fireeye, Inc. | Automated enforcement of security policies in cloud and hybrid infrastructure environments |
CN108418776B (zh) * | 2017-02-09 | 2021-08-20 | 上海诺基亚贝尔股份有限公司 | 用于提供安全业务的方法和设备 |
US10826931B1 (en) | 2018-03-29 | 2020-11-03 | Fireeye, Inc. | System and method for predicting and mitigating cybersecurity system misconfigurations |
US11310202B2 (en) | 2019-03-13 | 2022-04-19 | Vmware, Inc. | Sharing of firewall rules among multiple workloads in a hypervisor |
US11563722B2 (en) | 2019-08-22 | 2023-01-24 | Hewlett Packard Enterprise Development Lp | Firewall coordination in a network |
US11165649B1 (en) * | 2020-09-21 | 2021-11-02 | Cradlepoint, Inc. | Filter-based composition of networking device configuration |
CN114915436B (zh) * | 2021-02-08 | 2024-02-23 | 中国电信股份有限公司 | 安全系统以及安全防护方法 |
EP4089975A1 (de) * | 2021-05-12 | 2022-11-16 | ise Individuelle Software und Elektronik GmbH | Gesicherter zugriff auf netzwerke |
US20230112579A1 (en) * | 2021-10-11 | 2023-04-13 | Hewlett Packard Enterprise Development Lp | Automatic policy engine selection |
CN114006760B (zh) * | 2021-11-01 | 2023-07-18 | 西安思源学院 | 一种数据库信息安全防控系统 |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4881263A (en) * | 1987-09-25 | 1989-11-14 | Digital Equipment Corporation | Apparatus and method for secure transmission of data over an unsecure transmission channel |
US5577209A (en) * | 1991-07-11 | 1996-11-19 | Itt Corporation | Apparatus and method for providing multi-level security for communication among computers and terminals on a network |
US5828893A (en) * | 1992-12-24 | 1998-10-27 | Motorola, Inc. | System and method of communicating between trusted and untrusted computer systems |
US5606668A (en) * | 1993-12-15 | 1997-02-25 | Checkpoint Software Technologies Ltd. | System for securing inbound and outbound data packet flow in a computer network |
US5740375A (en) * | 1996-02-15 | 1998-04-14 | Bay Networks, Inc. | Forwarding internetwork packets by replacing the destination address |
-
1997
- 1997-05-29 US US08/865,482 patent/US5968176A/en not_active Expired - Lifetime
-
1998
- 1998-05-28 AT AT98924930T patent/ATE343818T1/de not_active IP Right Cessation
- 1998-05-28 DE DE69836271T patent/DE69836271T2/de not_active Expired - Lifetime
- 1998-05-28 EP EP98924930A patent/EP0990206B1/en not_active Expired - Lifetime
- 1998-05-28 CA CA002291158A patent/CA2291158A1/en not_active Abandoned
- 1998-05-28 JP JP50087899A patent/JP2002507295A/ja not_active Ceased
- 1998-05-28 WO PCT/US1998/010817 patent/WO1998054644A1/en active IP Right Grant
- 1998-05-28 GB GB9928175A patent/GB2342020B/en not_active Expired - Lifetime
Cited By (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001237895A (ja) * | 2000-01-18 | 2001-08-31 | Lucent Technol Inc | ネットワークゲートウェイの解析方法及び装置 |
JP4658340B2 (ja) * | 2000-01-18 | 2011-03-23 | アルカテル−ルーセント ユーエスエー インコーポレーテッド | ネットワークゲートウェイの解析方法及び装置 |
US7676540B2 (en) | 2001-10-16 | 2010-03-09 | Microsoft Corporation | Scoped referral statements |
US7752431B2 (en) | 2001-10-16 | 2010-07-06 | Microsoft Corporation | Virtual distributed security system |
US8015204B2 (en) | 2001-10-16 | 2011-09-06 | Microsoft Corporation | Scoped access control metadata element |
US7809938B2 (en) | 2001-10-16 | 2010-10-05 | Microsoft Corporation | Virtual distributed security system |
US7752442B2 (en) | 2001-10-16 | 2010-07-06 | Microsoft Corporation | Virtual distributed security system |
US7653747B2 (en) | 2001-10-16 | 2010-01-26 | Microsoft Corporation | Resolving virtual network names |
US8302149B2 (en) | 2001-10-16 | 2012-10-30 | Microsoft Corporation | Virtual distributed security system |
US7730094B2 (en) | 2001-10-16 | 2010-06-01 | Microsoft Corporation | Scoped access control metadata element |
US7899047B2 (en) | 2001-11-27 | 2011-03-01 | Microsoft Corporation | Virtual network with adaptive dispatcher |
JP2010061675A (ja) * | 2002-07-11 | 2010-03-18 | Thomson Licensing | アプリケーションレベルゲートウェイ及びファイアウォールのルールセットのダウンロードの許可 |
JP2009187587A (ja) * | 2003-03-31 | 2009-08-20 | Intel Corp | セキュリティポリシーを管理する方法及びシステム |
JP2007529917A (ja) * | 2004-02-20 | 2007-10-25 | アシシュ エイ パンドヤ | 分散型ネットワークセキュリティシステム及びそのためのハードウエアプロセッサ |
JP2006146891A (ja) * | 2004-11-19 | 2006-06-08 | Microsoft Corp | セキュリティポリシーを配布するための方法およびシステム |
JP2009525711A (ja) * | 2006-03-31 | 2009-07-09 | インテル・コーポレーション | 階層型信頼に基づいたポスチャレポーティング及びポリシー施行 |
JP4620070B2 (ja) * | 2007-02-28 | 2011-01-26 | 日本電信電話株式会社 | トラヒック制御システムおよびトラヒック制御方法 |
JP2008219149A (ja) * | 2007-02-28 | 2008-09-18 | Nippon Telegr & Teleph Corp <Ntt> | トラヒック制御システムおよびトラヒック制御方法 |
JP2009105716A (ja) * | 2007-10-24 | 2009-05-14 | Hitachi Ltd | ネットワークシステム、管理計算機、及びフィルタ再構成方法 |
US10153906B2 (en) | 2011-08-09 | 2018-12-11 | CloudPassage, Inc. | Systems and methods for implementing computer security |
US10601807B2 (en) | 2011-08-09 | 2020-03-24 | CloudPassage, Inc. | Systems and methods for providing container security |
US10454916B2 (en) | 2011-08-09 | 2019-10-22 | CloudPassage, Inc. | Systems and methods for implementing security |
US10027650B2 (en) | 2011-08-09 | 2018-07-17 | CloudPassage, Inc. | Systems and methods for implementing security |
US9942102B2 (en) | 2013-04-10 | 2018-04-10 | Illumio, Inc. | Handling changes in a distributed network management system that uses a logical multi-dimensional label-based policy model |
JP2016522919A (ja) * | 2013-04-10 | 2016-08-04 | イルミオ, インコーポレイテッドIllumio,Inc. | 論理的多次元ラベルベースのポリシーモデルを使用した分散型ネットワークマネージメント |
US9882783B2 (en) | 2013-04-10 | 2018-01-30 | Illumio, Inc. | Distributed network management using a logical multi-dimensional label-based policy model |
US9882919B2 (en) | 2013-04-10 | 2018-01-30 | Illumio, Inc. | Distributed network security using a logical multi-dimensional label-based policy model |
US10701090B2 (en) | 2013-04-10 | 2020-06-30 | Illumio, Inc. | Distributed network security using a logical multi-dimensional label-based policy model |
US10897403B2 (en) | 2013-04-10 | 2021-01-19 | Illumio, Inc. | Distributed network management using a logical multi-dimensional label-based policy model |
US10917309B2 (en) | 2013-04-10 | 2021-02-09 | Illumio, Inc. | Distributed network management using a logical multi-dimensional label-based policy model |
US10924355B2 (en) | 2013-04-10 | 2021-02-16 | Illumio, Inc. | Handling changes in a distributed network management system that uses a logical multi-dimensional label-based policy model |
US11503042B2 (en) | 2013-04-10 | 2022-11-15 | Illumio, Inc. | Distributed network security using a logical multi-dimensional label-based policy model |
US11323417B2 (en) | 2018-03-01 | 2022-05-03 | Fujitsu Limited | Network management apparatus, network management method, and non-transitory computer-readable storage medium |
Also Published As
Publication number | Publication date |
---|---|
WO1998054644A1 (en) | 1998-12-03 |
EP0990206A4 (en) | 2005-08-03 |
ATE343818T1 (de) | 2006-11-15 |
DE69836271T2 (de) | 2007-09-13 |
GB2342020A (en) | 2000-03-29 |
EP0990206B1 (en) | 2006-10-25 |
GB2342020B (en) | 2002-10-23 |
CA2291158A1 (en) | 1998-12-03 |
EP0990206A1 (en) | 2000-04-05 |
DE69836271D1 (de) | 2006-12-07 |
US5968176A (en) | 1999-10-19 |
GB9928175D0 (en) | 2000-01-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP2002507295A (ja) | 多層型ファイアウオールシステム | |
US10595215B2 (en) | Reducing redundant operations performed by members of a cooperative security fabric | |
US7099947B1 (en) | Method and apparatus providing controlled access of requests from virtual private network devices to managed information objects using simple network management protocol | |
US6079020A (en) | Method and apparatus for managing a virtual private network | |
US7526480B2 (en) | Method and apparatus for controlled access of requests from virtual private network devices to managed information objects using simple network management protocol and multi-topology routing | |
US7389358B1 (en) | Distributed virtual system to support managed, network-based services | |
EP1438670B1 (en) | Method and apparatus for implementing a layer 3/layer 7 firewall in an l2 device | |
US6154839A (en) | Translating packet addresses based upon a user identifier | |
US6678835B1 (en) | State transition protocol for high availability units | |
US8041946B2 (en) | Data transfer between networks operating at different security levels | |
US20020083344A1 (en) | Integrated intelligent inter/intra networking device | |
US6877041B2 (en) | Providing secure access to network services | |
US7890755B2 (en) | High-assurance web-based configuration of secure network server | |
US20040093492A1 (en) | Virtual private network management with certificates | |
US20040196843A1 (en) | Protection of network infrastructure and secure communication of control information thereto | |
US11805011B2 (en) | Bulk discovery of devices behind a network address translation device | |
Nessett et al. | The multilayer firewall | |
CN112751701B (zh) | 用于管理网络装置的系统、方法及计算机可读介质 | |
Cisco | Introduction to Cisco MPLS VPN Technology | |
Cisco | Internetworking Case Studies | |
Terada et al. | Access control for inter-organizational computer network environment | |
Kizza et al. | Network Basics and Securing the Network Infrastructure | |
Paul et al. | AMÉLIORATION DES TECHNIQUES DE GESTION DES ROUTEURS FILTRANTS AU MOYEN DE MÉTHODES AUTOMATIQUES ET DYNAMIQUES | |
Headquarters | Services Ready Small Branch Network System Assurance Guide | |
Headquarters | Services Ready Medium Branch Network System Assurance Guide |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20050509 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20080507 |
|
A601 | Written request for extension of time |
Free format text: JAPANESE INTERMEDIATE CODE: A601 Effective date: 20080807 |
|
A602 | Written permission of extension of time |
Free format text: JAPANESE INTERMEDIATE CODE: A602 Effective date: 20080912 |
|
A313 | Final decision of rejection without a dissenting response from the applicant |
Free format text: JAPANESE INTERMEDIATE CODE: A313 Effective date: 20081229 |
|
A02 | Decision of refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A02 Effective date: 20090303 |