John P Ravenel

US Patent:

7624422, Nov 24, 2009

Filed:

Feb 13, 2004

Appl. No.:

10/778837

Inventors:

John Leslie Williams - San Diego CA, US
Brian Costello - Los Angeles CA, US
John Patrick Ravenel - Escondido CA, US
John Pelly - La Jolla CA, US
Ryan Tadashi Nakawatase - San Diego CA, US
Thomas Paul Walpole - Carlsbad CA, US

Assignee:

Preventsys, Inc. - Carlsbad CA

International Classification:

H04L 12/24
H04L 29/06
H04L 12/26

US Classification:

726 1, 726 3, 726 25

Abstract:

A prevention-based network auditing system includes an audit repository storing network information gathered by a plurality of heterogeneous information sources. A semantic normalization module identifies semantic equivalencies in the gathered information, and generates a map listing for each fact gathered by an information source, an equivalent fact or set of facts gathered by each of the other information sources. A network policy is then uniformly applied to the information that is identified as being semantically equivalent.

US Patent:

7627891, Dec 1, 2009

Filed:

Feb 13, 2004

Appl. No.:

10/779190

Inventors:

John Leslie Williams - San Diego CA, US
Brian Costello - Los Angeles CA, US
John Patrick Ravenel - Escondido CA, US
John Payne - Newport Beach CA, US
Ryan Tadashi Nakawatase - San Diego CA, US
Thomas Paul Walpole - Carlsbad CA, US
Stephen J. Ritter - Solana Beach CA, US
John Pelly - La Jolla CA, US
M. Celeste Rutherford - Del Mar CA, US

Assignee:

Preventsys, Inc. - Carlsbad CA

International Classification:

H04L 9/00
G06F 15/16

US Classification:

726 1, 709224

Abstract:

A prevention-based network auditing system includes a central compliance server generating network policies and configuring audits of the data communications network. The compliance server presents a graphical user interface (GUI) to describe the specific data gathering parameters, policies to be analyzed, and the schedule of analysis. One or more audit servers strategically deployed around the network employ heterogeneous data-gathering tools to gather information about the network in response to the configured audits, and transmit the gathered information to the compliance server. An audit repository stores the gathered information for use by the compliance server for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

US Patent:

8091117, Jan 3, 2012

Filed:

Feb 13, 2004

Appl. No.:

10/778779

Inventors:

John Leslie Williams - Riverton CT, US
Brian Costello - Los Angeles CA, US
John Patrick Ravenel - Escondido CA, US

Assignee:

Preventsys, Inc. - Carlsbad CA

International Classification:

G06F 21/00

US Classification:

726 3

Abstract:

A prevention-based network auditing system includes a plurality of heterogeneous information sources gathering information about the network. An audit server invokes the heterogeneous information sources via a uniform communications interface to gather information about the network, and converts the information gathered by the information sources into a normalized data format such as, for example, into XML (Extensible Markup Language). The converted information is then stored in an audit repository for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

US Patent:

8561175, Oct 15, 2013

Filed:

Feb 13, 2004

Appl. No.:

10/778770

Inventors:

John Leslie Williams - San Diego CA, US
Brian Costello - Los Angeles CA, US
John Patrick Ravenel - Escondido CA, US
Stephen J. Ritter - Solana Beach CA, US
John Pelly - La Jolla CA, US
M. Celeste Rutherford - Del Mar CA, US
John Payne - Newport Beach CA, US

Assignee:

Preventsys, Inc. - Carlsbad CA

International Classification:

G06F 11/00

US Classification:

726 22, 726 26, 713177, 713178

Abstract:

A prevention-based network auditing system includes a central compliance server providing a user interface allowing a user to schedule and configure a network audit. The configured audit is stored in an audit repository until its scheduled time. At such a time, the compliance server automatically invokes one or more audit servers to gather information about the network. The compliance server receives the gathered information and electronically applies a network policy to the information for determining compliance with the policy. A remediation task may be generated if the policy has been violated, and the task monitored until its completion.

US Patent:

20050010819, Jan 13, 2005

Filed:

Feb 13, 2004

Appl. No.:

10/778836

Inventors:

John Williams - San Diego CA, US
Brian Costello - Los Angeles CA, US
John Ravenel - Escondido CA, US
John Payne - Newport Beach CA, US
Stephen Ritter - Solana Beach CA, US
Ryan Nakawatase - San Diego CA, US
John Pelly - La Jolla CA, US
M. Rutherford - Del Mar CA, US

International Classification:

G06F011/30
G06F012/14

US Classification:

713201000, 709229000

Abstract:

A prevention-based network auditing system includes a central compliance server storing both natural language policy documents and machine-processable policy rules in an audit repository. The compliance server provides a client-side user interface allowing a user to easily generate a machine-auditable policy by selecting/generating a natural language policy source document, and linking the applicable machine-processable policy rules to the applicable portions of the source document. The selected machine-processable policy rules are then applied to information gathered about the network during a scheduled network audit session for efficiently and systematically determining whether policy violations and/or vulnerabilities exist.

US Patent:

20120079106, Mar 29, 2012

Filed:

Dec 6, 2011

Appl. No.:

13/312963

Inventors:

John Leslie Williams - Riverton CT, US
Brian Costello - Los Angeles CA, US
John Patrick Ravenel - Escondido CA, US
Thomas Paul Walpole - Carlsbad CA, US

International Classification:

G06F 15/16

US Classification:

709224

Abstract:

A prevention-based network auditing system includes a plurality of heterogeneous information sources gathering information about the network. An audit server invokes the heterogeneous information sources via a uniform communications interface to gather information about the network, and converts the information gathered by the information sources into a normalized data format such as, for example, into XML (Extensible Markup Language). The converted information is then stored in an audit repository for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

US Patent:

20120079107, Mar 29, 2012

Filed:

Dec 6, 2011

Appl. No.:

13/312978

Inventors:

John Leslie Williams - Riverton CT, US
Brian Costello - Los Angeles CA, US
John Patrick Ravenel - Escondido CA, US
Thomas Paul Walpole - Carlsbad CA, US

International Classification:

G06F 15/16

US Classification:

709224

Abstract:

A prevention-based network auditing system includes a plurality of heterogeneous information sources gathering information about the network. An audit server invokes the heterogeneous information sources via a uniform communications interface to gather information about the network, and converts the information gathered by the information sources into a normalized data format such as, for example, into XML (Extensible Markup Language). The converted information is then stored in an audit repository for security and regulatory policy assessment, network vulnerability analysis, report generation, and security improvement recommendations.

US Patent:

20130347107, Dec 26, 2013

Filed:

Aug 26, 2013

Appl. No.:

14/010498

Inventors:

John Leslie Williams - San Diego CA, US
Brian Costello - Los Angeles CA, US
John Patrick Ravenel - Escondido CA, US
Stephen J. Ritter - Solana Beach CA, US
John Pelly - La Jolla CA, US
M. Celeste Rutherford - Del Mar CA, US
John Payne - Newport Beach CA, US

International Classification:

H04L 29/06

US Classification:

726 22

Abstract:

A prevention-based network auditing system includes a central compliance server providing a user interface allowing a user to schedule and configure a network audit. The configured audit is stored in an audit repository until its scheduled time. At such a time, the compliance server automatically invokes one or more audit servers to gather information about the network. The compliance server receives the gathered information and electronically applies a network policy to the information for determining compliance with the policy. A remediation task may be generated if the policy has been violated, and the task monitored until its completion.