Inline intrusion detection using a single physical port

Information security – Monitoring or scanning of software or data including attack...

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

Reexamination Certificate

active

07555774

ABSTRACT:
In accordance with one embodiment of the present invention, a method for inline intrusion detection includes receiving a packet at a physical interface of an intrusion detection system. The packet is tagged with a first VLAN identifier associated with an external network. The network further includes buffering the packet at the physical interface, communicating a copy of the packet to a processor, and analyzing the copy of the packet at the processor to determine whether the packet includes an attack signature. The method also includes communicating a reply message from the processor to the interface indicating whether the packet includes an attack signature. If the packet does not contain an attack signature the buffered copy of the packet is re-tagged with a second VLAN identifier associated with a protected network and re-tagged packet is communicated to the protected network.

REFERENCES:
patent: 3974328 (1976-08-01), Thomas et al.
patent: 4103847 (1978-08-01), Thomas et al.
patent: 4286261 (1981-08-01), Wagner et al.
patent: 4931740 (1990-06-01), Hassanzadeh et al.
patent: 4991146 (1991-02-01), Ransdell et al.
patent: 5311510 (1994-05-01), Moriue et al.
patent: 5557742 (1996-09-01), Smaha et al.
patent: 5963556 (1999-10-01), Varghese et al.
patent: 6035405 (2000-03-01), Gage et al.
patent: 6279113 (2001-08-01), Vaidya
patent: 6477651 (2002-11-01), Teal
patent: 6487666 (2002-11-01), Shanklin et al.
patent: 6560236 (2003-05-01), Varghese et al.
patent: 6584565 (2003-06-01), Zamek
patent: 6647400 (2003-11-01), Moran
patent: 6715084 (2004-03-01), Aaron et al.
patent: 6785821 (2004-08-01), Teal
patent: 6792546 (2004-09-01), Shanklin et al.
patent: 6826697 (2004-11-01), Moran
patent: 6898632 (2005-05-01), Gordy et al.
patent: 6928549 (2005-08-01), Brock et al.
patent: 6950628 (2005-09-01), Meier et al.
patent: 6996843 (2006-02-01), Moran
patent: 7032114 (2006-04-01), Moran
patent: 7051365 (2006-05-01), Bellovin
patent: 7076803 (2006-07-01), Bruton, III et al.
patent: 7107612 (2006-09-01), Xie et al.
patent: 7150043 (2006-12-01), Brock et al.
patent: 7177295 (2007-02-01), Sholander et al.
patent: 7222366 (2007-05-01), Bruton, III et al.
patent: 7281269 (2007-10-01), Sievers et al.
patent: 7310815 (2007-12-01), Yanovsky
patent: 7331061 (2008-02-01), Ramsey et al.
patent: 2002/0009078 (2002-01-01), Wilson et al.
patent: 2002/0069356 (2002-06-01), Kim
patent: 2002/0073337 (2002-06-01), Ioele et al.
patent: 2002/0101870 (2002-08-01), Chase et al.
patent: 2002/0107961 (2002-08-01), Kinoshita
patent: 2002/0143948 (2002-10-01), Maher, III et al.
patent: 2003/0009693 (2003-01-01), Brock et al.
patent: 2003/0014662 (2003-01-01), Gupta et al.
patent: 2003/0061514 (2003-03-01), Bardsley et al.
patent: 2003/0069972 (2003-04-01), Yoshimura et al.
patent: 2003/0084318 (2003-05-01), Schertz
patent: 2003/0084321 (2003-05-01), Tarquini et al.
patent: 2003/0084328 (2003-05-01), Tarquini et al.
patent: 2003/0084329 (2003-05-01), Tarquini
patent: 2003/0084344 (2003-05-01), Tarquini et al.
patent: 2003/0110393 (2003-06-01), Brock et al.
patent: 2003/0145225 (2003-07-01), Bruton, III et al.
patent: 2003/0145226 (2003-07-01), Bruton et al.
patent: 2003/0149887 (2003-08-01), Yadav
patent: 2003/0154399 (2003-08-01), Zuk et al.
patent: 2003/0188190 (2003-10-01), Aaron et al.
patent: 2003/0188191 (2003-10-01), Aaron et al.
patent: 2003/0236992 (2003-12-01), Yami
patent: 2004/0030927 (2004-02-01), Zuk
patent: 2004/0049596 (2004-03-01), Schuehler et al.
patent: 2004/0049693 (2004-03-01), Douglas
patent: 2004/0059942 (2004-03-01), Xie
patent: 2004/0083295 (2004-04-01), Amara et al.
patent: 2004/0093513 (2004-05-01), Cantrell et al.
patent: 2004/0117478 (2004-06-01), Triulzi et al.
patent: 2004/0202157 (2004-10-01), Chase et al.
patent: 2004/0221171 (2004-11-01), Ahmed et al.
patent: 2004/0221178 (2004-11-01), Aaron et al.
patent: 2004/0255154 (2004-12-01), Kwan et al.
patent: 2004/0260945 (2004-12-01), Raikar et al.
patent: 2005/0005031 (2005-01-01), Gordy et al.
patent: 2005/0018618 (2005-01-01), Mualem et al.
patent: 2005/0022018 (2005-01-01), Szor
patent: 2005/0044199 (2005-02-01), Shiga et al.
patent: 2005/0058132 (2005-03-01), Okano et al.
patent: 2005/0071642 (2005-03-01), Moghe et al.
patent: 2005/0071643 (2005-03-01), Moghe
patent: 2005/0071644 (2005-03-01), Moghe et al.
patent: 2005/0076245 (2005-04-01), Graham et al.
patent: 2005/0081058 (2005-04-01), Chang et al.
patent: 2005/0097358 (2005-05-01), Yanovsky
patent: 2005/0132230 (2005-06-01), Miclea et al.
patent: 2005/0157653 (2005-07-01), Zeitak et al.
patent: 2005/0185626 (2005-08-01), Meier et al.
patent: 2005/0193429 (2005-09-01), Demopoulos et al.
patent: 2005/0216770 (2005-09-01), Rowett et al.
patent: 2005/0226257 (2005-10-01), Mirzabegian et al.
patent: 2005/0229246 (2005-10-01), Rajagopal et al.
patent: 2005/0259646 (2005-11-01), Smith et al.
patent: 2005/0278178 (2005-12-01), Girouard et al.
patent: 2005/0283831 (2005-12-01), Ryu et al.
patent: 2006/0007903 (2006-01-01), Hammell et al.
patent: 2006/0085855 (2006-04-01), Shin et al.
patent: 2006/0161983 (2006-07-01), Cothrell et al.
patent: 2007/0058551 (2007-03-01), Brusotti et al.
Scott A. Cothrell, et al., “Inline Intrusion Detection,” U.S. Appl. No. 11/039,219, currently pending, 25 pages, Jan. 20, 2005.
USPTO; Office Action (by Examiner Minh Dieu T. Nguyen); for U.S. Appl. No. 10/903,391, (7 pages).
USPTO; Office Action (by Examiner David Cervetti); for U.S. Appl. No. 11/039,219, (14 pages).
CISCO PIX Firewall and VPN Configuration Guide, Ver. 6.3 cisco Systems (466 pages).
Cisco IOS FIrewall Design Guide, Cisco Systems (60 pages).
Cisco Secure Policy Manager Solution Guide Series: Intrusion Detection System, Ver. 2.3.1i (175 pages).
Cisco Router and Security Device Manager Firewall Policy Management Application Note, Cisco Systems, (19 pages).
USPTO; Office Action (by Examiner David Cervetti); for U.S. Appl. No. 11/039,219, (14 pages).

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Inline intrusion detection using a single physical port does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Inline intrusion detection using a single physical port, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Inline intrusion detection using a single physical port will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-4057707

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.