Patents Assigned to nCircle Network Security, Inc.
-
Patent number: 8615572Abstract: A network services platform provides services to remote enterprise networks. The services platform provides a control module to a computer in the enterprise network. The control module executes on the computer and interacts with the services platform to establish an Internet Protocol (IP) tunnel between the services platform and the computer. The control module also establishes a bridge between the IP tunnel and the enterprise network. The services platform allocates a unique private IP address space to the enterprise network, and translates IP addresses in network communications between enterprise network addresses and corresponding services platform addresses in the allocated unique private address space. The services platform provides network services to the enterprise network via the IP tunnel and bridge.Type: GrantFiled: December 13, 2012Date of Patent: December 24, 2013Assignee: nCircle Network Security, Inc.Inventors: Alexander L. Quilter, Oliver Lavery, David J. Meltzer, Timothy D. Keanini
-
Patent number: 8356089Abstract: A network services platform provides services to remote enterprise networks. The services platform provides a control module to a computer in the enterprise network. The control module executes on the computer and interacts with the services platform to establish an Internet Protocol (IP) tunnel between the services platform and the computer. The control module also establishes a bridge between the IP tunnel and the enterprise network. The services platform allocates a unique private IP address space to the enterprise network, and translates IP addresses in network communications between enterprise network addresses and corresponding services platform addresses in the allocated unique private address space. The services platform provides network services to the enterprise network via the IP tunnel and bridge.Type: GrantFiled: June 22, 2012Date of Patent: January 15, 2013Assignee: nCircle Network Security, Inc.Inventors: Alexander L. Quilter, Oliver Lavery, David J. Meltzer, Timothy D. Keanini
-
Patent number: 8230071Abstract: A network services platform provides services to remote enterprise networks. The services platform provides a control module to a computer in the enterprise network. The control module executes on the computer and interacts with the services platform to establish an Internet Protocol (IP) tunnel between the services platform and the computer. The control module also establishes a bridge between the IP tunnel and the enterprise network. The services platform allocates a unique private IP address space to the enterprise network, and translates IP addresses in network communications between enterprise network addresses and corresponding services platform addresses in the allocated unique private address space. The services platform provides network services to the enterprise network via the IP tunnel and bridge.Type: GrantFiled: June 28, 2010Date of Patent: July 24, 2012Assignee: nCircle Network Security, Inc.Inventors: Alexander L. Quilter, Oliver Lavery, David J. Meltzer, Timothy D. Keanini
-
Patent number: 8176544Abstract: A system and method for providing distributed security of a network. Several device profilers are placed at different locations of a network to assess vulnerabilities from different perspectives. The device profiler identifies the hosts on the network, and characteristics such as operating system and applications running on the hosts. The device profiler traverses a vulnerability tree having nodes representative of characteristics of the hosts, each node having an associated set of potential vulnerabilities. Verification rules can verify the potential vulnerabilities. A centralized correlation server, at a centrally accessible location in the network, stores the determined vulnerabilities of the network and associates the determined vulnerabilities with attack signatures. Traffic monitors access the attack signatures and monitor network traffic for attacks against the determined vulnerabilities.Type: GrantFiled: February 3, 2011Date of Patent: May 8, 2012Assignee: nCircle Network Security, Inc.Inventors: Timothy D. Keanini, Martin A. Quiroga, Brian W. Buchanan, John S. Flowers
-
Patent number: 8020211Abstract: A system and method for providing distributed security of a network. Several device profilers are placed at different locations of a network to assess vulnerabilities from different perspectives. The device profiler identifies the hosts on the network, and characteristics such as operating system and applications running on the hosts. The device profiler traverses a vulnerability tree having nodes representative of characteristics of the hosts, each node having an associated set of potential vulnerabilities. Verification rules can verify the potential vulnerabilities. A centralized correlation server, at a centrally accessible location in the network, stores the determined vulnerabilities of the network and associates the determined vulnerabilities with attack signatures. Traffic monitors access the attack signatures and monitor network traffic for attacks against the determined vulnerabilities.Type: GrantFiled: September 1, 2009Date of Patent: September 13, 2011Assignee: nCircle Network Security, Inc.Inventors: Timothy D. Keanini, Martin A. Quiroga, Brian W. Buchanan, John S. Flowers
-
Publication number: 20090320138Abstract: A system and method for providing distributed security of a network. Several device profilers are placed at different locations of a network to assess vulnerabilities from different perspectives. The device profiler identifies the hosts on the network, and characteristics such as operating system and applications running on the hosts. The device profiler traverses a vulnerability tree having nodes representative of characteristics of the hosts, each node having an associated set of potential vulnerabilities. Verification rules can verify the potential vulnerabilities. A centralized correlation server, at a centrally accessible location in the network, stores the determined vulnerabilities of the network and associates the determined vulnerabilities with attack signatures. Traffic monitors access the attack signatures and monitor network traffic for attacks against the determined vulnerabilities.Type: ApplicationFiled: September 1, 2009Publication date: December 24, 2009Applicant: c/o nCircle Network Security, Inc.Inventors: Timothy D. Keanini, Martin A. Quiroga, Brian W. Buchanan, John S. Flowers
-
Patent number: 7594273Abstract: A system and method for providing distributed security of a network. Several device profilers are placed at different locations of a network to assess vulnerabilities from different perspectives. The device profiler identifies the hosts on the network, and characteristics such as operating system and applications running on the hosts. The device profiler traverses a vulnerability tree having nodes representative of characteristics of the hosts, each node having an associated set of potential vulnerabilities. Verification rules can verify the potential vulnerabilities. A centralized correlation server, at a centrally accessible location in the network, stores the determined vulnerabilities of the network and associates the determined vulnerabilities with attack signatures. Traffic monitors access the attack signatures and monitor network traffic for attacks against the determined vulnerabilities.Type: GrantFiled: February 16, 2007Date of Patent: September 22, 2009Assignee: nCircle Network Security, Inc.Inventors: Timothy D. Keanini, Martin A. Quiroga, Brian W. Buchanan, John S. Flowers
-
Patent number: 7509681Abstract: A system in accordance with an embodiment of the invention includes a vulnerability detection system (VDS) and an intrusion detection system (IDS). The intrusion detection system leverages off of information gathered about a network, such as vulnerabilities, so that it only examines and alerts the user to potential intrusions that could actually affect the particular network. In addition, both the VDS and IDS may use rules in performing their respective analyses that are query-based and that are easy to construct. In particular, these rules may be based on a set of templates, which represent various entities or processes on the network.Type: GrantFiled: January 8, 2007Date of Patent: March 24, 2009Assignee: nCircle Network Security, Inc.Inventors: John S. Flowers, Thomas C. Stracener
-
Patent number: 7181769Abstract: A system and method for providing distributed security of a network. Several device profilers are placed at different locations of a network to assess vulnerabilities from different perspectives. The device profiler identifies the hosts on the network, and characteristics such as operating system and applications running on the hosts. The device profiler traverses a vulnerability tree having nodes representative of characteristics of the hosts, each node having an associated set of potential vulnerabilities. Verification rules can verify the potential vulnerabilities. A centralized correlation server, at a centrally accessible location in the network, stores the determined vulnerabilities of the network and associates the determined vulnerabilities with attach signatures. Traffic monitors access the attack signatures and monitor network traffic for attacks against the determined vulnerabilities.Type: GrantFiled: June 6, 2003Date of Patent: February 20, 2007Assignee: nCircle Network Security, Inc.Inventors: Timothy D. Keanini, Martin A. Quiroga, Brian W. Buchanan, John S. Flowers
-
Patent number: 7162742Abstract: A system in accordance with an embodiment of the invention includes a vulnerability detection system (VDS) and an intrusion detection system (IDS). The intrusion detection system leverages off of information gathered about a network, such as vulnerabilities, so that it only examines and alerts the user to potential intrusions that could actually affect the particular network. In addition both the VDS and IDS use rules in performing their respective analyses that are query-based and that are easy to construct. In particular these rules are based on a set of templates, which represent various entities or processes on the network.Type: GrantFiled: November 12, 2004Date of Patent: January 9, 2007Assignee: nCircle Network Security, Inc.Inventors: John S. Flowers, Thomas C. Stracener
-
Patent number: 7073198Abstract: A system and method in accordance with the invention reliably and non-intrusively identifies various conditions of a network. In particular, an embodiment of the invention can identify an operating system, including version and patch level, and a service, including version and patch level, of a remote host on the network. Using this information, an embodiment of the invention can then reliably identify a vulnerability condition of the network. In some embodiments, the operating system and service information can be used to identify a trojan application, unlicensed software use, security policy violations, or even infer vulnerabilities that are yet unknown.Type: GrantFiled: August 25, 2000Date of Patent: July 4, 2006Assignee: nCircle Network Security, Inc.Inventors: John S. Flowers, Thomas C. Stracener
-
Patent number: 6957348Abstract: A system in accordance with an embodiment of the invention includes a vulnerability detection system (VDS) and an intrusion detection system (IDS). The intrusion detection system leverages off of information gathered about a network, such as vulnerabilities, so that it only examines and alerts the user to potential intrusions that could actually affect the particular network. In addition both the VDS and IDS use rules in performing their respective analyses that are query-based and that are easy to construct. In particular these rules are based on a set of templates, which represent various entities or processes on the network.Type: GrantFiled: January 10, 2001Date of Patent: October 18, 2005Assignee: nCircle Network Security, Inc.Inventors: John S. Flowers, Thomas C. Stracener