Abstract: A method is provided in one example embodiment that includes receiving metadata from a host over a metadata channel. The metadata may be correlated with a network flow and a network policy may be applied to the connection. In other embodiments, a network flow may be received from a host without metadata associated with the flow, and a discovery redirect may be sent to the host. Metadata may then be received and correlated with the flow to identify a network policy action to apply to the flow.

Abstract: A method is provided in one example embodiment that includes intercepting a network flow to a destination node having a network address and sending a discovery query based on a discovery action associated with the network address in a firewall cache. A discovery result may be received and metadata associated with the flow may be sent to a firewall before releasing the network flow. In other embodiments, a discovery query may be received from a source node and a discovery result sent to the source node, wherein the discovery result identifies a firewall for managing a route to a destination node. Metadata may be received from the source node over a metadata channel. A network flow from the source node to the destination node may be intercepted, and the metadata may be correlated with the network flow to apply a network policy to the network flow.

Abstract: A method is provided in one example embodiment that includes receiving metadata from a host over a metadata channel. The metadata may be correlated with a network flow and a network policy may be applied to the connection. In other embodiments, a network flow may be received from a host without metadata associated with the flow, and a discovery redirect may be sent to the host. Metadata may then be received and correlated with the flow to identify a network policy action to apply to the flow.

Abstract: A method and apparatus for a network monitor internals mechanism, which serves to translate packet data into multiple concurrent streams of encoded network event data, to contribute to enterprise management, reporting, and global mechanisms for aggregating monitors at a centralized aggregation point, and to facilitate rate limiting techniques because such monitors are not in control (i.e. cannot back pressure flow) is provided.

Abstract: A method and apparatus for a network monitor internals mechanism, which serves to translate packet data into multiple concurrent streams of encoded network event data, to contribute to enterprise management, reporting, and global mechanisms for aggregating monitors at a centralized aggregation point, and to facilitate rate limiting techniques because such monitors are not in control (i.e. cannot back pressure flow) is provided.

Abstract: A system and method for a vulnerability assessment mechanism that serves to actively scan for vulnerabilities on a continuous basis and interpret the resulting traffic in context of policy is provided. Vulnerability information is presented within an enterprise manager system enabling the user to access vulnerability information, recommended remediation procedures, and associated network traffic. A studio mechanism is used to add scanners to the appropriate policies and control the scope and distribution of scans within the target network.

Abstract: A method and apparatus for a network monitor internals mechanism that serves to translate packet data into multiple concurrent streams of network event data is provided. The data translation is accomplished by interpreting both sides of each protocol transaction.

Abstract: A method and apparatus uses a proprietary algorithm for organizing network security policy rules in a way that minimizes the number of rules considered when determining the set of rules applicable to a given protocol event.

Abstract: A system and method for generating a human readable, e.g. English language, description of a formal specification of network security policy that allows non-technical staff within a user's organization to comprehend the policy. The description is simple enough to be understood, yet captures salient details of the policy.

Abstract: A hydroforming system includes a dual conical tube formed from a blank. The dual conical tube has a first end, a second end and a central portion positioned between the first and the second ends. The central portion has a smaller cross sectional area than the first and the second ends. A shaping die is adapted to receive the dual conical tube, and the shaping die is subject to pressurize such that the tube substantially approximates the shape of the shaping die.

Abstract: A hydroforming system includes a dual conical tube formed from a blank. The dual conical tube has a first end, a second end and a central portion positioned between the first and the second ends. The central portion has a smaller cross sectional area than the first and the second ends. A shaping die is adapted to receive the dual conical tube, and the shaping die is subject to pressurize such that the tube substantially approximates the shape of the shaping die.

Abstract: A method and apparatus ascertain which credential and which condition both from a network security policy best describe, respectively, information about initiator and target principals involved in an interaction, and tests performed on a state of an associated protocol event.

Abstract: Synthetic methods for preparing isomerically pure N-arylsulfonyl derivatives of proton pump inhibitors which include a substituted benzimidazole nucleus are shown by the synthetic schemes and experimental description.

Abstract: A system and method for a vulnerability assessment mechanism that serves to actively scan for vulnerabilities on a continuous basis and interpret the resulting traffic in context of policy is provided. Vulnerability information is presented within an enterprise manager system enabling the user to access vulnerability information, recommended remediation procedures, and associated network traffic. A studio mechanism is used to add scanners to the appropriate policies and control the scope and distribution of scans within the target network.

Abstract: A method and apparatus for allowing a technique for continuously assessing the security of a network to be applicable to network assessment, by capturing and classifying large volumes of network traffic based on a formal policy, and applying such to both long-term and short-term network assessment.

Abstract: A method and apparatus for a network monitor internals mechanism, which serves to translate packet data into multiple concurrent streams of encoded network event data, to contribute to enterprise management, reporting, and global mechanisms for aggregating monitors at a centralized aggregation point, and to facilitate rate limiting techniques because such monitors are not in control (i.e. cannot back pressure flow) is provided.

Abstract: A method and apparatus for generating an initial policy specification file is provided. A level of abstraction over a policy language is used, simplifying creating the file based on gross character characteristics of a network at the IP level, such as policy domains, communities of hosts, subnets, and firewalls.

Abstract: A method and apparatus for a network monitor internals mechanism that serves to translate packet data into multiple concurrent streams of network event data is provided. The data translation is accomplished by interpreting both sides of each protocol transaction.

Abstract: A method and apparatus for a network monitor internals mechanism, which serves to translate packet data into multiple concurrent streams of encoded network event data, to contribute to enterprise management, reporting, and global mechanisms for aggregating monitors at a centralized aggregation point, and to facilitate rate limiting techniques because such monitors are not in control (i.e. cannot back pressure flow) is provided.

Abstract: A network security policy monitoring system and method for performing network and security assessments based on system-wide policy. Real network traffic is analyzed to identify abnormal traffic patterns, system vulnerabilities, and incorrect configuration of computer systems on a network, by listening on a network, logging events, and taking action.