|
Match
|
Document |
Document Title |
|
|
US20090293114 |
DIVERSITY STRING BASED PATTERN MATCHING
Diversity string based pattern matching is disclosed. In one embodiment, a method for inspecting multiple data patterns in a data block includes scanning the data block for a diversity string of...
|
|
|
US20090288158 |
INTELLIGENT FIREWALL
An intelligent firewall that prevents unauthorized access to a system has been developed. The fire wall does not use a communication address. It receives a data packet and analyzes it to determine...
|
|
|
US20090276843 |
SECURITY EVENT DATA NORMALIZATION
Normalizing security event data from multiple different network agents. The data from the multiple different agents is categorized and tagged with a descriptor that includes information about the...
|
|
|
US20090276842 |
Load-Balancing Cluster
A load-balancing cluster includes a switch having a plurality of ports; and a plurality of servers connected to at least some of the plurality of ports of the switch. Each server is addressable by...
|
|
|
US20090276204 |
METHOD AND SYSTEM FOR POLICY SIMULATION
A method and system for managing access to resources on a secured network is disclosed. The method includes reading packet information in respective packets of a packet communication received at a...
|
|
|
US20090265778 |
Attack protection for a packet-based network
The invention relates to a protection unit ( 15 ) for protecting a packet-based network from attacks, comprising: a signature analyzer ( 5 ) for analyzing a packet stream ( 6 ) received in a...
|
|
|
US20090249471 |
REVERSIBLE FIREWALL POLICIES
A method of determining whether to allow multiple data packets to pass a firewall, each data packet having a source address and a destination address. The method evaluates a data packet by using a...
|
|
|
US20090249470 |
COMBINED FIREWALLS
A method of providing a firewall to protect a set of virtual machines on a host node that is one of multiple host nodes that host virtual machines. The method stores a table of allowed connections...
|
|
|
US20090249469 |
PACKET TRANSFER APPARATUS
Plural retrieval units are prepared, and a retrieval unit which can reduce power consumption is selected according to the condition of a retrieval key. For example, in general, the retrieval unit...
|
|
|
US20090249468 |
Method for establishing distributed filters in a packet-oriented network, based on abstract security defaults
A method for a packet-oriented network is provided. According to the method, after analysis of the network configuration and the existing network elements, the implementation of predefined security...
|
|
|
US20090249438 |
MOVING SECURITY FOR VIRTUAL MACHINES
A method of maintaining multiple firewalls on multiple host nodes. Each host node runs one or more virtual machines. For at least a first host node, the method maintains multiple sets of policies...
|
|
|
US20090217369 |
Method and system for processing packet flows, and computer program product therefor
Packet flows are processed, e.g. to perform an intrusion detection function in a communication network, by means of a multiprocessor system including a plurality of processing units. The packets...
|
|
|
US20090199286 |
Method and appartus for network security using a router based authentication system
A router based authentication system provides packet level authentication of incoming data packets and eliminates the risk of having data packets come in to the network whose source cannot be...
|
|
|
US20090199266 |
Compiling Method for Command Based Router Classifiers
A method and compiler for compiling hierarchical command based policy rules to a flat filter list structure adapted for storage in a Content Addressable Memory (CAM), wherein the policy rules are...
|
|
|
US20090183252 |
PACKET RELAY APPARATUS
A packet relay apparatus keeps only packets specified as authentication target packets of MAC address authentication, to reduce the number of packets to be transferred from H/W to a CPU. In...
|
|
|
US20090158419 |
METHOD AND SYSTEM FOR PROTECTING A COMPUTER SYSTEM DURING BOOT OPERATION
A method for protecting a computer system from malicious network traffic is provided using a driver which inspects network packets. A security profile comprising packet inspection rules is compiled...
|
|
|
US20090144819 |
FLOW CLASSIFICATION FOR ENCRYPTED AND TUNNELED PACKET STREAMS
Methods and systems for solving the problem of special processing required by various communication network subsystems (e.g., QOS, security, tunneling, etc). In some cases the processing by one...
|
|
|
US20090144818 |
SYSTEM AND METHOD FOR USING VARIABLE SECURITY TAG LOCATION IN NETWORK COMMUNICATIONS
A method of packet security management to ensure a secure connection from one network node to another. The method includes creating a security tag for each packet in a network session, selecting...
|
|
|
US20090138959 |
DEVICE, SYSTEM AND METHOD FOR DROPPING ATTACK MULTIMEDIA PACKET IN THE VoIP SERVICE
Disclosed is a device for dropping an attack multimedia packet. An object of the invention is to provide a device, a system and a method for dropping an attack multimedia packet, capable of...
|
|
|
US20090126004 |
PACKET TRANSFER DEVICE, PACKET TRANSFER METHOD, AND PROGRAM
A packet transfer apparatus is provided with: storage means configured to store a predetermined search pattern and an address identifying a predetermined apparatus; determination means configured...
|
|
|
US20090126003 |
System And Method For Providing Network And Computer Firewall Protection With Dynamic Address Isolation To A Device
A computer performs dynamic address isolation. The computer comprises an application associated with an application address, a network interface coupled to receive incoming data packets from and...
|
|
|
US20090119769 |
CROSS-SITE SCRIPTING FILTER
A reflected cross-site scripting (XSS) mitigation technique that can be implemented wholly on the client by installing a client-side filter that prevents reflected XSS vulnerabilities. XSS...
|
|
|
US20090113540 |
CONTROLLING NETWORK ACCESS
Systems and methods for controlling network access determine that a client computer on the network is in compliance with administrator-defined network health policy standards before the client...
|
|
|
US20090077245 |
Client-To-Client Direct RTP Exchange In A Managed Client-Server Network
A method for establishing a data packet exchange communication session that allows the exchange of data packets between an originating client and a destination client in a data network having a...
|
|
|
US20090070859 |
Method and Apparatuses for Secure, Anonymous Wireless Lan (WLAN) Acess
A method and system for providing secure, anonymous access to a wireless local area network, including configuring an access point to drop packets except packets exhibiting an URL access protocol...
|
|
|
US20090064310 |
Data relay device and data relay method
A data relay device has a plurality of security functions sequentially executes security functions on inputted data based on a predetermined rule, to determine whether or not to permit the relay of...
|
|
|
US20090019537 |
SYSTEMS AND METHODS FOR INHIBITING ATTACKS WITH A NETWORK
Systems and methods for inhibiting attacks with a network are provided. In some embodiments, methods for inhibiting attacks by forwarding packets through a plurality of intermediate nodes when...
|
|
|
US20090013400 |
Method of filtering undesirable streams coming from a terminal presumed to be malicious
A method of filtering undesirable streams coming from a terminal ( 20 ) presumed to be malicious belonging to an overlay network superposed on an underlying communications network ( 1, 2 ),...
|
|
|
US20080320585 |
METHOD AND SYSTEM TO MITIGATE LOW RATE DENIAL OF SERVICE (DoS) ATTACKS
A technique to mitigate low rate Denial-of-Service (DoS) attacks at routers in the Internet is described. In phase 1, necessary flow information from the packets traversing through the router is...
|
|
|
US20080320584 |
FIREWALL CONTROL SYSTEM
Generally speaking, systems, methods and media for implementing a firewall control system responsive to user authentications are disclosed. Embodiments of a method may include receiving a data...
|
|
|
US20080320582 |
REAL-TIME INDUSTRIAL FIREWALL
Providing for employing a real time firewall to secure components of an automation control network from unauthorized communication to or from such components is disclosed herein. A monitoring...
|
|
|
US20080301798 |
Apparatus and Method for Secure Updating of a Vulnerable System over a Network
An apparatus interposed between a vulnerable system and a network for secure updating of the system includes an internal interface connected to the system; an external interface connected to the...
|
|
|
US20080295163 |
Method and Apparatus for Updating Anti-Replay Window in Ipsec
A method and apparatus for updating an anti-replay window in Internet Protocol Security (IPSec). The method includes determining whether a difference between a sequence number extracted from a...
|
|
|
US20080271134 |
Method and system for combined security protocol and packet filter offload and onload
A network interface card (NIC) includes a security association database (SADB) comprising a plurality of security associations (SAs), a cryptographic offload engine configured to decrypt a packet...
|
|
|
US20080270601 |
SYSTEM METHOD AND APPARATUS FOR SERVICE ATTACK DETECTION ON A NETWORK
Embodiments of the invention are directed to a detection system, method and apparatus that identifies and eradicates fraudulent requests on a network. Embodiments of the detection system comprise...
|
|
|
US20080250491 |
METHOD OF TRANSMITTING INFORMATION EFFECTIVELY IN SERVER/CLIENT NETWORK AND SERVER AND CLIENT APPARATUSES USING THE SAME
A method for transmitting information effectively in a server/client network system is provided, the network system including a client placed behind a firewall and a server that provides the client...
|
|
|
US20080244725 |
METHOD AND APPARATUS FOR MANAGING PACKET BUFFERS
According to one example embodiment of the inventive subject matter, there is described herein a method and apparatus for securely and efficiently managing packet buffers between protection domains...
|
|
|
US20080209540 |
FIREWALL INCLUDING LOCAL BUS
A gateway for screening packets transferred over a network. The gateway includes a plurality of network interfaces, a memory and a memory controller. Each network interface receives and forwards...
|
|
|
US20080201772 |
Method and Apparatus for Deep Packet Inspection for Network Intrusion Detection
In a method of determining whether a data stream includes unauthorized data, the data stream is analyzed using a hardware filter to detect a presence of one or more of a first set of patterns in...
|
|
|
US20080178279 |
METHOD AND SYSTEM FOR PROTECTING A COMPUTER NETWORK AGAINST PACKET FLOODS
A method of controlling protection of a computing device or computer network. The method comprises directing incoming data packets to the computing device or computer network via a rate limiting...
|
|
|
US20080172731 |
NETWORK FIREWALL POLICY CONFIGURATION FACILITATION
Systems for providing information on network firewall policy configuration facilitation include a firewall facilitation coordinator configured to receive a request to add an application not...
|
|
|
US20080172347 |
METHOD AND SYSEM FOR UTILIZING AN EXPERT SYSTEM TO DETERMINE WHETHER TO ALTER A FIREWALL CONFIGURATION
A method and system for utilizing an expert system to determine whether to alter a firewall configuration. The expert system receives message flow data associated with a message packet blocked by a...
|
|
|
US20080168550 |
METHODS, SYSTEMS, AND COMPUTER PROGRAM PRODUCTS FOR MODELING A SECURE PRODUCTION NETWORK
Methods, systems, and computer program products for modeling a secure production network are provided. A method includes generating a test network for emulating production operations, capturing and...
|
|
|
US20080168549 |
Efficient Implementation of Security Applications in a Networked Environment
Community based defense, in which multiple security devices operate as a part of a single community in providing security defense i.e. avoiding redundant security checks and enables efficient...
|
|
|
US20080163356 |
APPARATUS AND METHOD OF SECURING NETWORK
The present invention relates to an apparatus and method of securing a network. In the present invention, a pattern matching engine 210 corresponding to a first security module initially performs...
|
|
|
US20080155676 |
Method and system for creating a demilitarized zone using network stack instances
A method for routing a packet. The method includes receiving the packet from a first network into a network interface card (NIC), where the NIC is operatively connected to a host and the host...
|
|
|
US20080148385 |
Sectionalized Terminal System And Method
In a sectionalized terminal system and method, the local area network is segregated into an inner section and an outer section by allowing only the packets compatible with the remote data protocol...
|
|
|
US20080148384 |
Embedded Firewall at a Telecommunications Endpoint
A method is disclosed that enables the implementation of an embedded firewall at a telecommunications endpoint. In particular, the illustrative embodiment of the present invention addresses the...
|
|
|
US20080148341 |
Acceleration of packet flow classification in a virtualized system
In a virtualization system having a plurality of virtual machines, each virtual machine has an associated policy database and database lookup pair. With a policy database/database lookup pair per...
|
|
|
US20080141359 |
Method for preventing unauthorized connection in network system
A method for preventing unauthorized connection in a network system mainly includes adding an authentication key in the LLDP (link layer discovery protocol) transmitted in accordance with the...
|