최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0865482 (1997-05-29) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 695 인용 특허 : 5 |
A system provides for establishing security in a network that include nodes having security functions operating in multiple protocol layers. Multiple network devices, such as remote access equipment, routers, switches, repeaters and network cards having security functions are configured to contribut
A system provides for establishing security in a network that include nodes having security functions operating in multiple protocol layers. Multiple network devices, such as remote access equipment, routers, switches, repeaters and network cards having security functions are configured to contribute to implementation of distributed firewall functions in the network. By distributing firewall functionality throughout many layers of the network in a variety of network devices, a pervasive firewall is implemented. The pervasive, multilayer firewall includes a policy definition component that accepts policy data that defines how the firewall should behave. The policy definition component can be a centralized component, or a component that is distributed over the network. The multilayer firewall also includes a collection of network devices that are used to enforce the defined policy. The security functions operating in this collection of network devices across multiple protocol layers are coordinated by the policy definition component so that particular devices enforce that part of the policy pertinent to their part of the network.
[ We claim:] [1.] A system providing multiple protocol layer security in a network including nodes of a plurality of network device types, with nodes in a set of the nodes in the network including security functions executing in response to configuration data adapted for the corresponding type of no
[ We claim:] [1.] A system providing multiple protocol layer security in a network including nodes of a plurality of network device types, with nodes in a set of the nodes in the network including security functions executing in response to configuration data adapted for the corresponding type of node in the network, comprising:a topology data store, storing information about security functions operating in the set of the nodes in the network, and about interconnection of nodes in the set of the nodes in the network;a configuration interface, coupled to the topology data store, including an input by which to receive security policy statements indicating security policies to be implemented among nodes in the network; anda configuration driver, coupled to the network, the configuration interface, and the topology data store, including resources which translate the security policy statements into configuration data for the plurality of types of nodes in the network, and which conveys the configuration data to the nodes, wherein the security functions operating in the plurality of network device types across multiple protocol layers are coordinated by the security policy so that particular device types enforce the part of the security policy pertinent to the associated part of the network.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.