Abstract: A prevention-based network auditing system includes a plurality of heterogeneous information sources gathering information about the network. An audit server invokes the heterogeneous information sources via a uniform communications interface to gather information about the network, and converts the information gathered by the information sources into a normalized data format such as, for example, into XML (Extensible Markup Language). The converted information is then stored in an audit repository for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

Abstract: A prevention-based network auditing system includes a plurality of heterogeneous information sources gathering information about the network. An audit server invokes the heterogeneous information sources via a uniform communications interface to gather information about the network, and converts the information gathered by the information sources into a normalized data format such as, for example, into XML (Extensible Markup Language). The converted information is then stored in an audit repository for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

Abstract: A prevention-based network auditing system includes a plurality of heterogeneous information sources gathering information about the network. An audit server invokes the heterogeneous information sources via a uniform communications interface to gather information about the network, and converts the information gathered by the information sources into a normalized data format such as, for example, into XML (Extensible Markup Language). The converted information is then stored in an audit repository for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

Abstract: A prevention-based network auditing system includes a plurality of heterogeneous information sources gathering information about the network. An audit server invokes the heterogeneous information sources via a uniform communications interface to gather information about the network, and converts the information gathered by the information sources into a normalized data format such as, for example, into XML (Extensible Markup Language). The converted information is then stored in an audit repository for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

Abstract: A prevention-based network auditing system includes a central compliance server generating network policies and configuring audits of the data communications network. The compliance server presents a graphical user interface (GUI) to describe the specific data gathering parameters, policies to be analyzed, and the schedule of analysis. One or more audit servers strategically deployed around the network employ heterogeneous data-gathering tools to gather information about the network in response to the configured audits, and transmit the gathered information to the compliance server. An audit repository stores the gathered information for use by the compliance server for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

Abstract: A prevention-based network auditing system includes an audit repository storing network information gathered by a plurality of heterogeneous information sources. A semantic normalization module identifies semantic equivalencies in the gathered information, and generates a map listing for each fact gathered by an information source, an equivalent fact or set of facts gathered by each of the other information sources. A network policy is then uniformly applied to the information that is identified as being semantically equivalent.

Abstract: A prevention-based network auditing system includes a plurality of heterogeneous information sources gathering information about the network. An audit server invokes the heterogeneous information sources via a uniform communications interface to gather information about the network, and converts the information gathered by the information sources into a normalized data format such as, for example, into XML (Extensible Markup Language). The converted information is then stored in an audit repository for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.