Abstract: Methods and Systems for configuring secure templates for an application and network management system to provide network security. A template for an application and network management system is configured with first information for determining whether at least one message received by the template should or should not be processed by the template. The template is configured with second information for processing data associated with at least one received message. The template is configured with third information for preventing the communication of at least one received message to other templates for the application and network management system.

Abstract: A method for verifying port integrity in a network, comprising: accessing port binding information in a port authorization file in the network, querying a port mapper in the network for a mapped port assignment, comparing the port assignment to the port binding, and initiating a response based on the results of the comparing.

Abstract: Methods and systems for establishing a consistent password policy. A plurality of password policies is described in a computer usable password policy data structure. The computer usable password policy data structure is accessed by a password policy enforcement agent. Optionally, the computer usable password policy data structure is validated for authenticity by the password policy enforcement agent. Optionally, the password policy enforcement agent can report back to a centralized configuration and aggregation point repository in order to provide a consistent view of policy enforcement.

Abstract: A method, system, and apparatus are provided for testing a service in a network. A simulated interface is created on a network device by a Network Management Station (NMS). Thereafter, an instruction is received at the simulated interface from the NMS. The instruction comprises a source address, a destination address and other information to test a service. The service is tested on the network device based on the received instruction. A response is generated from the test. The response indicates whether the service is working as intended between the source address and the destination address. The response is sent from the simulated interface to the NMS.

Abstract: A method, system, and apparatus are provided for testing a service in a network. A simulated interface is created on a network device by a Network Management Station (NMS). Thereafter, an instruction is received at the simulated interface from the NMS. The instruction comprises a source address, a destination address and other information to test a service. The service is tested on the network device based on the received instruction. A response is generated from the test. The response indicates whether the service is Working as intended between the source address and the destination address. The response is sent from the simulated interface to the NMS.

Abstract: Disclosed is a method for configuring an intrusion detection system in a network which comprises determining a location in the network for a deployed intrusion detection sensor of the intrusion detection system, deploying the intrusion detection sensor in the determined location, enabling the intrusion detection sensor to monitor communication in a portion of the network, tuning the intrusion detection sensor to an appropriate level of awareness of the content in the communication in the network, prioritizing responses generated by the intrusion detection sensor to achieve an appropriate response to a detected intrusion in the network, configuring intrusion response mechanisms in the network to achieve an appropriate response by the mechanisms; and re-tuning the intrusion detection sensor in response to a prior intrusion detection.

Abstract: Methods and systems for establishing a consistent password policy. A plurality of password policies is described in a computer usable password policy data structure. The computer usable password policy data structure is accessed by a password policy enforcement agent. Optionally, the computer usable password policy data structure is validated for authenticity by the password policy enforcement agent. Optionally, the password policy enforcement agent can report back to a centralized configuration and aggregation point repository in order to provide a consistent view of policy enforcement.

Abstract: Disclosed is a method for configuring an intrusion detection system in a network which comprises determining a location in the network for a deployed intrusion detection sensor of the intrusion detection system, deploying the intrusion detection sensor in the determined location, enabling the intrusion detection sensor to monitor communication in a portion of the network, tuning the intrusion detection sensor to an appropriate level of awareness of the content in the communication in the network, prioritizing responses generated by the intrusion detection sensor to achieve an appropriate response to a detected intrusion in the network, configuring intrusion response mechanisms in the network to achieve an appropriate response by the mechanisms; and re-tuning the intrusion detection sensor in response to a prior intrusion detection.

Abstract: Methods and Systems for configuring secure templates for an application and network management system to provide network security. A template for an application and network management system is configured with first information for determining whether at least one message received by the template should or should not be processed by the template. The template is configured with second information for processing data associated with at least one received message. The template is configured with third information for preventing the communication of at least one received message to other templates for the application and network management system.

Abstract: In one embodiment, the present invention recites an Application and Network Management software (ANMS) environment in which a message requesting an action is received from an ANMS sending node. Upon determining that the action is not permitted in the ANMS environment, the action is prevented from occurring.