Adaptive network security policies

US11310285B2 · US · B2

Patent metadata
Publication number: US-11310285-B2
Application number: US-201916460004-A
Country: US
Kind code: B2
Filing date: Jul 2, 2019
Priority date: Aug 19, 2013
Publication date: Apr 19, 2022
Grant date: Apr 19, 2022

Abstract

Official abstract text for this publication.

Adaptive network security policies can be selected by assigning a number of risk values to security intelligence associated with network traffic, and identifying a number of security policies to implement based on the risk values.

First claim

Opening claim text (preview).

What is claimed:

1. A computer-implemented method of protecting a computer network, the method comprising: receiving, over a computer network, a first network traffic in a first network security system; inspecting, in the first network security system, the first network traffic using a first security policy; obtaining a first security intelligence based at least on the inspection of the first network traffic using the first security policy; selecting a second security policy to be implemented in a second network security system based at least on the first security intelligence; receiving, over the computer network, the first network traffic in the second network security system; inspecting, in the second network security system, the first network traffic using the second security policy; obtaining a second security intelligence based at least on the inspection of the first network traffic using the second security policy; selecting a third security policy to be implemented in a third network security system based at least on the second security intelligence; receiving, over the computer network, the first network traffic in the third network security system, wherein the first, second, and third network security systems are different types of network security systems; inspecting, in the third network security system, the first network traffic using the third security policy; and performing a response action against the first network traffic in response to detecting that the first network traffic is a threat to the computer network.

2. The method of claim 1, wherein the response action includes blocking the first network traffic.

3. The method of claim 1, wherein the first network security system comprises a firewall and the second network security system comprises an application identification system (AIS).

4. The method of claim 1, wherein the third security policy comprises a filter for allowing or blocking network traffic.

5. The method of claim 1, further comprising: storing the first security intelligence in a historical database; and forwarding the first security intelligence from the historical database to the second network security system over the computer network.

6. The method of claim 1, further comprising: assigning a first risk level to the first network traffic based on the inspection of the first network traffic using the first security policy, wherein the second security policy is selected to be implemented in the second network security system based at least on the first risk level being assigned to the first network traffic.

7. The method of claim 6, further comprising: receiving, over the computer network, a second network traffic in the first network security system; inspecting, in the first network security system, the second network traffic using the first security policy; assigning a second risk level to the second network traffic based at least on the inspection of the second network traffic using the first security policy; selecting a fourth security policy to be implemented in the second network security system based at least on the second risk level being assigned to the second network traffic; and inspecting, in the second network security system, the second network traffic using the fourth security policy.

8. A system for protecting a computer network, the system comprising: a first network security system comprising a processor and a memory, the first network security system being configured to receive a first network traffic over a computer network, inspect the first network traffic using a first set of security policies, and generate a first security intelligence based on the inspection of the first network traffic using the first set of security policies; a second network security system comprising a processor and a memory, the second network security system being configured to receive the first security intelligence over the computer network, select a second set of security policies based at least on the first security intelligence, inspect the first network traffic using the second set of security policies, and generate a second security intelligence based on the inspection of the first network traffic using the second set of security policies; and a third network security system comprising a processor and a memory, the third network security system being configured to receive the second security intelligence over the computer network, select a third set of security policies based at least on the second security intelligence, and inspect the first network traffic using the third set of security policies, wherein the first, second, and third network security systems are different types of network security systems, and wherein the second network security system selects the second set of security policies based at least on a first risk level being assigned to the first network traffic.

9. The system of claim 8, wherein the third network security system is configured to perform a response action against the first network traffic in response to detecting that the first network traffic is a threat to the computer network.

10. The system of claim 9, wherein the response action includes blocking the first network traffic.

11. The system of claim 8, wherein the third set of security policies comprises filters for allowing or blocking network traffic.

12. The system of claim 8, wherein the second network security system is configured to receive a second network traffic over the computer network, select a fourth set of security policies based at least on a second risk level being assigned to the second network traffic, and inspect the second network traffic using the fourth set of security policies.

13. The system of claim 8, wherein the first network security system comprises a firewall and the second network security system comprises an application identification system (AIS).

14. A computer-implemented method of protecting a computer network, the method comprising: receiving, over a computer network, a first network traffic in a first network security system; inspecting, in the first network security system, the first network traffic using a first set of security policies; assigning a first risk value to the first network traffic based at least on the inspection of the first network traffic using the first set of security policies; selecting a second set of security policies to be implemented in a second network security system based at least on the first risk value being assigned to the first network traffic; receiving, over the computer network, the first network traffic in the second network security system; inspecting, in the second network security system, the first network traffic using the second set of security policies; assigning a second risk value to the first network traffic based at least on the inspection of the first network traffic using the second set of security policies, wherein the second risk value is different from the first risk value; selecting a third set of security policies to be implemented in a third network security system based at least on the second risk value being assigned to the first network traffic, wherein the first, second, and third network security systems are different types of network security systems; inspecting, in the third network security system, the first network traffic using the third set of security policies; and in response to detecting that the first network traffic is a threat to the computer network, performing a response action against the first network traffic.

15. The method of cl

Classifications

  • for separating internal from external traffic, e.g. firewalls

  • Risk-dependent, e.g. selecting a security level depending on risk profiles

  • Traffic logging, e.g. anomaly detection

  • H04L63/205 (Primary): involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved (negotiation of communication capabilities H04L69/24)

  • Vulnerability analysis

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11310285B2 cover?
Adaptive network security policies can be selected by assigning a number of risk values to security intelligence associated with network traffic, and identifying a number of security policies to implement based on the risk values.

Who is the assignee on this patent?
Trend Micro Inc

What technology area does this patent fall under?
Primary CPC classification H04L63/205. Mapped technology areas include Electricity.

When was this patent published?
Publication date Apr 19, 2022 (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).