 Intelligent network security device and method

Details
Inventors: Shipley, Peter M.;
Assignee:
Primary Examiner: Beausoliel, Jr.; Robert W.
Assistant Examiner: Elisca; Pierre E.
Attorney, Agent or Firm: Henneman & Saunders

An intelligent network security device ("INSD") (10) operates in a local area network ("LAN") (12) according to an intelligent network security method (30). The LAN (12) has a plurality of computers (14) and connects to the internet (16) through a firewall (18). The INSD (10) resides within the LAN (12) such that data traversing between the LAN (12) and the internet (16) is accessible thereto. The INSD (10) looks for code and patterns of behavior and assigns a value to perceived attempted security breaches. The INSD (10) then directs the firewall (16) to take any of a prescribed plurality of actions, based upon such value.

DETAILED DESCRIPTION

I claim:

1. In a computer system connected to an external communications medium, a security device comprising: a programmable firewall device interposed between the computer system and the external communications medium; a controller device configured within the computer system such that said controller device can access all communications into and out of the computer system; and a communications device for communicating instructions from said controller device to said firewall device for controlling said firewall device; wherein said controller device examines communications incoming to the computer system to detect attempted security breaches; and the controller device continuously controls the firewall during the operation of the computer system to block communications between the computer system and the external communications medium when an attempted security breach is detected.

2. The computer system of claim 1, wherein: the computer system is a local area network.

3. The computer system of claim 1, wherein: the external communications medium is the internet.

4. The computer system of claim 1, wherein: the computer system is a local area network operating as an Ethernet network.

5. The computer system of claim 1, wherein: the controller device examines communications incoming to the computer system for code known to be associated with attempted security breaches.

6. The computer system of claim 1, wherein: the controller device examines communications incoming to the computer system for patterns of activity indicative of attempted security breaches.

7. The computer system of claim 1, wherein: the communications device is a serial data communications link.

8. The computer system of claim 1, wherein: the controller assigns a value to a perceived attempted security breach; and the controller controls the firewall to block communications between the computer system and the external communications medium for a predetermined period according to the value assigned to the perceived attempted security breach.
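
The control loop of claims 5, 6 and 8, sketched as an added example that is not taken from the patent or any implementation of it: a controller scores incoming traffic for known code and for a pattern of activity, then issues the firewall a block instruction whose period depends on the score. The signatures, scores, thresholds, block periods and sample traffic are all constructed assumptions.

```python
import re
from collections import defaultdict

# Assumed signature scores ("code known to be associated with breaches", claim 5).
SIGNATURES = {re.compile(rb"/etc/passwd"): 5, re.compile(rb"\.\./\.\./"): 3}
# Assumed "pattern of activity" (claim 6): one source touching many ports.
PROBE_PORT_THRESHOLD = 4
PROBE_SCORE = 4
# Assumed mapping of value to block period (claim 8): (minimum value, seconds).
BLOCK_SECONDS = [(8, 86400), (5, 3600), (3, 300)]

def block_period(value):
    """Return the block period in seconds for an assigned value, 0 if none."""
    for minimum, seconds in BLOCK_SECONDS:
        if value >= minimum:
            return seconds
    return 0

class Controller:
    def __init__(self):
        self.ports = defaultdict(set)   # source -> destination ports seen
        self.blocked_until = {}         # source -> time the block expires

    def examine(self, ts, src, dport, payload):
        """Score one incoming packet; return a firewall instruction or None."""
        if self.blocked_until.get(src, 0) > ts:
            return None                 # a block for this source is still active
        value = sum(s for sig, s in SIGNATURES.items() if sig.search(payload))
        self.ports[src].add(dport)
        if len(self.ports[src]) >= PROBE_PORT_THRESHOLD:
            value += PROBE_SCORE
        period = block_period(value)
        if period == 0:
            return None
        self.blocked_until[src] = ts + period
        self.ports[src].clear()         # start a fresh window after the block
        return {"action": "block", "src": src, "seconds": period, "value": value}

# Constructed sample traffic: (time, source, destination port, payload).
SAMPLE = [
    (0, "203.0.113.7", 80, b"GET /index.html HTTP/1.0"),
    (1, "198.51.100.9", 21, b""), (2, "198.51.100.9", 23, b""),
    (3, "198.51.100.9", 25, b""), (4, "198.51.100.9", 79, b""),
    (5, "203.0.113.50", 80, b"GET /cgi-bin/x?f=../../../etc/passwd HTTP/1.0"),
]

def run(events):
    """Feed events through a fresh controller; return the instructions issued."""
    controller = Controller()
    return [i for i in (controller.examine(*e) for e in events) if i]
```

The returned dictionaries stand in for the instructions the claims send to the firewall over the communications device; how a real firewall accepts them is outside what the claims specify.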




Copyright (c)2006 Eipa-patents.org - All rights reserved