Network security tap for use with intrusion detection system
US6898632B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 7, 2003 |
| Grant date | May 24, 2005 |
| Priority date | — |
| Expiry date | Oct 29, 2023 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0227
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system and method is presented for analyzing information in a communication line for unwanted intrusions and for allowing information to be transmitted back into the communication line without disrupting the communication traffic when an intrusion is detected. The system and method includes a security tap connected to a firewall. The security tap is also connected to an intrusion detection device. The intrusion detection device analyzes the information in the communication line for indicia of attempts to compromise the network. When such indicia is detected, the intrusion detection device sends a “kill” data packet back through the security tap and directed back to the communication line to the firewall to instruct the firewall to prevent further communications into the network by the intrusive source. An Ethernet switch or field programmable gate array (FPGA) is incorporated in the security tap to coordinate the transmission of the “kill” data packet to avoid data collisions with data transmissions already existing in the communication line.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.