Abstract
A comprehensive network security management system must coordinate detection and scanning tools for converged networks; derive fully-integrated attack and network models; perform vulnerability and multi-stage attack analysis; support large-scale attack visualization; and possibly orchestrate strategic responses to unwarranted actions that cross network boundaries. We present an architecture that embodies these principles. The unified network security management system described in this paper gleans data from a suite of detection tools for various networking domains. Aggregate real-time network data supplies a comprehensive modeling framework used for further analysis, correlation, and visualization. The resulting system not only provides network administrators with a heads-up cockpit display of their entire network, it also supports guided response and predictive capabilities for multi-stage attacks in converged networks.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call