PROVIDING NETWORK BEHAVIOR VISIBILITY BASED ON EVENTS LOGGED BY NETWORK SECURITY DEVICES

PROVIDING NETWORK BEHAVIOR VISIBILITY BASED ON EVENTS LOGGED BY NETWORK SECURITY DEVICES

A network management entity is configured to communicate with one or more network security devices. Each network security device is configured to store in a respective event queue an event for each attempt to access a network accessible destination through the security device. Each event indicates t...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Siswick Zachary D, Levari Doron, Vasant Sachin, Miglani Umesh Kumar, Dotan Yedidya
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A network management entity is configured to communicate with one or more network security devices. Each network security device is configured to store in a respective event queue an event for each attempt to access a network accessible destination through the security device. Each event indicates the destination of the attempted access. The management entity periodically collects from the event queues the stored events so that less that all of the events stored in the event queues over a given time period are collected. The management entity determines, based on the collected events, top destinations as the destinations that occur most frequently in the collected events. The management entity determines, based on the collected events, bottom destinations as the destinations that occur least frequently in the collected events. The management entity generates for display indications of the top destinations and generates for display indications of the bottom destinations.