Method and apparatus for network wide policy-based analysis...

Electrical computers and digital processing systems: multicomput – Computer network managing

Reexamination Certificate


Details

C703S021000

Reexamination Certificate

active

07003562

ABSTRACT:
A method and an apparatus for analyzing a network configuration against a corporate network policy and determining violation(s) against the corporate network policy. A report indicating instances of the violation(s) can be generated. An analysis platform reads in a network policy. The analysis platform collects configuration files from the relevant network devices in the network and builds up an internal instance of a network configuration model based on the configuration files and the network topology. The analysis platform analyzes this network configuration model according to the network policy and adds an entry to its final report each time that it detects a violation against the network policy in the network configuration model. The data in the entries pinpoints the cause of the deviation(s) from the network policy.

