Claims
- 1. A system for protecting security of a provisionable network, comprising:
a network server; a network client communicatively coupled with said server; a pool of resources coupled with said server for employment by said client; a resource management system for managing said resources; and an intrusion detection system enabled to detect and respond to an intrusion in said network.
- 2. The system described in claim 1 wherein said provisionable network comprises a utility data center.
- 3. The system described in claim 1 wherein said provisionable network comprises a resource manager.
- 4. The system described in claim 1, wherein said intrusion detection system is enabled to deploy at least one intrusion detection probe.
- 5. The system described in claim 1 wherein said intrusion comprises use by an unauthorized user.
- 6. The system described in claim 1 wherein said intrusion comprises unauthorized use by an authorized user.
- 7. The system described in claim 1 wherein said intrusion originates within said provisionable network.
- 8. The system described in claim 1, wherein said intrusion detection system comprises software resident in a network device.
- 9. The system described in claim 1, wherein said intrusion detection system comprises software resident in a utility controller host.
- 10. A method for providing security in a provisionable network, said method comprising:
providing an intrusion detection probe which is deployable in said provisionable network, said intrusion detection probe configured to detect an intrusion in said provisionable network; generating an alert based on detection of said intrusion in said provisionable network, said alert generated in accordance with a trust hierarchy; and generating a response based on said alert and said trust hierarchy.
- 11. The method described in claim 10 wherein said provisionable network comprises a utility data center.
- 12. The method described in claim 10 wherein said provisionable network comprises a resource pool.
- 13. The method described in claim 10 wherein said provisionable network comprises a resource manager.
- 14. The method described in claim 10 wherein said provisionable network comprises a network intrusion detection system.
- 15. The method described in claim 14, wherein said providing a deployable intrusion detection probe is accomplished in said network intrusion detection system.
- 16. The method described in claim 14, wherein said generating an alert based on said detection of said intrusion is accomplished in said network intrusion detection system.
- 17. The method described in claim 10, wherein said generating a response comprises initiating a lockout.
- 18. The method described in claim 17, wherein said response comprises a system lockout.
- 19. The method described in claim 17, wherein said response comprises a device lockout.
- 20. The method described in claim 10 wherein said intrusion comprises use by an unauthorized user.
- 21. The method described in claim 10 wherein said intrusion comprises unauthorized use by an authorized user.
- 22. The method described in claim 10 wherein said intrusion originates within said provisionable network.
- 23. The method described in claim 10, wherein said network intrusion detection system comprises software resident in a network device.
- 24. A network intrusion detection system enabled to deploy an intrusion detection probe, comprising:
intrusion detection software resident in a network device, said device communicatively coupled with a provisionable network; a trust hierarchy enabled to communicate with said software and to cause evaluation of a detected intrusion; and a network device enabled to generate a response to a detected intrusion.
- 25. The network intrusion detection system described in claim 24 wherein said provisionable network comprises a utility data center.
- 26. The network intrusion detection system described in claim 24 wherein said provisionable network comprises a resource pool.
- 27. The network intrusion detection system described in claim 24 wherein said provisionable network comprises a resource manager.
- 28. The network intrusion detection system described in claim 24 wherein said provisionable network comprises a network intrusion detection system.
- 29. The network intrusion detection system described in claim 24 wherein said providing a deployable intrusion detection probe is accomplished in said network intrusion detection system.
- 30. The network intrusion detection system described in claim 24 wherein said generating an alert based on said detection of said intrusion is accomplished in said network intrusion detection system.
- 31. The network intrusion detection system described in claim 24 wherein said trust hierarchy is configurable.
- 32. The network intrusion detection system described in claim 24 wherein said generating a response comprises initiating a out.
- 33. The network intrusion detection system described in claim 32 wherein said response comprises a system lockout.
RELATED U.S. APPLICATION
[0001] This application incorporates herein by reference the co-pending patent application, Attorney Docket Number HP-200209646-1, entitled “A Method For Protecting Security Of Network Intrusion Detection Sensors,” filed concurrently herewith, and assigned to the assignee of the present application.