Pre-Grant Publication Number: 20070271363
Please help the USPTO examine the application by evaluating the relevance of the publicly submitted prior art to the patent application.
Peer-to-Patent forwards the Top 10 most relevant prior art submissions and their annotations to the United States Patent and Trademark Office.
Review this prior art and click on the thumbs up (or down) to indicate whether this submission should be forwarded to the USPTO.
If you login then you can add an annotation by typing in the box at the bottom of the screen to comment on the relevance of the prior art to the claims of the patent application.
Review this prior art and click on the thumbs up (or down) to indicate whether this submission should be forwarded to the USPTO.
If you login then you can add an annotation by typing in the box at the bottom of the screen to comment on the relevance of the prior art to the claims of the patent application.
Prior Art Detail
Summary / Description
| Summary / Description | The patent publication discloses a network security system having the functionalities of network discovery, vulnarability assessment, and intrusion detection. |
Basic Information
| Type of Prior Art | Issued Patents - US |
| Country | United States of America |
| Patent/Application # | US20030204632 |
| Kind Code | United States (US) - Patent Appl. Publ. within the ... - A1 |
| Patentee Name | TippingPoint Technologies |
| Relevant Pages, Columns, or Lines | |
| URL | http://appft1.uspto.gov/netacgi... |
| Filing Date | October 30, 2003 |
| Additional Information | |
Notes / To Do
| Notes | |
Excerpt
Excerpt "A network discovery functionality, intrusion detector functionality and firewalling functionality are integrated together to form a network security system presenting a self-deploying and self-hardening security defense for a network." |
Relevance
Claims
1
A system comprising:
a network;
a first network scanner; and
a second network scanner;
wherein the first network scanner, and the second network scanner dynamically scan the network,
wherein a network address discovered by the second network scanner and not discovered by the first network scanner is inserted into a database read by the first network scanner and the second network scanner.
Relevance
[0046] "The system 10 may operate in a scenario (see, also, FIGS. 3 and 4) where the VAS 18 completes a scan of the network 14, updates the database 12 and further informs the inspection agent 28 of a discovered network vulnerability. Responsive thereto, the inspection agent 28 retrieves an appropriate detection signature(s) 22/22' from the database 20 and instantiates that signature on its comparison functionality 40 and/or the sentry's comparison functionality 44. These functionalities then operate in accordance with the signature(s) 22/22' to detect and respond to detected threats posed by the traffic 30." [0075] "The network discovery functionality 112 is primarily responsible for maintaining an enterprise vulnerabilities database 140 that stores the enterprise specific data collected by the network discovery functionality. It is this database 140 that is queried 134 by the agent 126, as discussed above. The stored data may comprise, for example, host/service inventory information which includes an inventory of assessed vulnerabilities of the network 14. The stored data may also include information on valid peer routers, with this information being useful in maintaining router white lists for filtering routing control traffic. For example, responsive to a network discovery functionality scan of the network 14, the database 140 may store an inventory of the active hosts on the network, the services provided by those hosts, and the known vulnerabilities of the hosts..."
[0046] "The system 10 may operate in a scenario (see, also, FIGS. 3 and 4) where the VAS 18 completes a scan of the network 14, updates the database 12 and further informs the inspection agent 28 of a discovered network vulnerability. Responsive thereto, the inspection agent 28 retrieves an appropriate detection signature(s) 22/22' from the database 20 and instantiates that signature on its comparison functionality 40 and/or the sentry's comparison functionality 44. These functionalities then operate in accordance with the signature(s) 22/22' to detect and respond to detected threats posed by the traffic 30." [0075] "The network discovery functionality 112 is primarily responsible for maintaining an enterprise vulnerabilities database 140 that stores the enterprise specific data collected by the network discovery functionality. It is this database 140 that is queried 134 by the agent 126, as discussed above. The stored data may comprise, for example, host/service inventory information which includes an inventory of assessed vulnerabilities of the network 14. The stored data may also include information on valid peer routers, with this information being useful in maintaining router white lists for filtering routing control traffic. For example, responsive to a network discovery functionality scan of the network 14, the database 140 may store an inventory of the active hosts on the network, the services provided by those hosts, and the known vulnerabilities of the hosts..."
Claim Chart
All
