System and method for managing security events on a network

(54) SYSTEM AND METHOD FOR MANAGING SECURITY EVENTS ON A NETWORK

(75) Inventors: Gregory Neil Houston, Norcross, GA
(US); Christian D. Kobsa,
Lawrenceville, GA (US); Sridhar
Embar, Atlanta, GA (US); Matthew
Thaddeus Di Iorio, Atlanta, GA (US);
Bryan Douglas Williams,
Lawrenceville, GA (US); Michael
George Nikitaides, Marietta, GA (US)

Correspondence Address:
W. Scott Petty, Esq.
KING & SPALDING
45th Floor

191 Peachtree Street, N.E.
Atlanta, GA 30303 (US)

(73) Assignee: Internet Security System, Inc., Atlanta, GA (US)

(21) Appl. No.: 09/844,448

(22) Filed: Apr. 27, 2001

Related U.S. Application Data

(63) Non-provisional of provisional application No. 60/200,313, filed on Apr. 28, 2000.

Publication Classification

(51) Int. CI.7 G06F 11 30

(52) U.S. CI 713/201; 709/224

(57) ABSTRACT

A computer-implemented system for managing security event data collected from a computing network. The system employs an event managing software module that can reside on a computing network that is being monitored with security devices. The event managing software collects security event data from security devices located in the monitored computing network and can process the security event data. In processing the security event data, the event manager module can format the data and create manageable summaries of the data. The event manager also supports storage of the security event data and the results of any processing performed on the data. Security event data can be identified by the event manager for use in responding to a security event.