FIELD: computing; counting.
SUBSTANCE: the invention relates to the field of computer equipment. Disclosed is a computer-implemented method for monitoring security in a network, including the steps of: collecting, by a computer system, data from a plurality of different types of sources, wherein the collected data includes network data and asset data; identifying, by the computer system based on the network data in the collected data, a network traffic event and a plurality of network assets related to the network traffic event; identifying, by the computer system based on the asset data in the collected data, connections between the plurality of network assets, wherein at least one of a characteristic of a connection between network assets and a characteristic of a network asset is identified based, at least in part, on an attribute selected from the collected data; in response to detecting, based on the collected data, a change in an attribute of a first network asset associated with a first logical zone, moving the first network asset from the first logical zone to a second logical zone, wherein the move includes updating a database to indicate that the first network asset is a member of the second logical zone, and wherein, based on membership in the second logical zone, establishing communication between the first network asset and other network assets is blocked; generating, by the computer system, an information flow graph that depicts the plurality of network assets and the connections between them, wherein the plurality of network assets includes the first network asset, and the information flow graph shows network traffic that is allowed between network assets and network traffic that is blocked between network assets; and presenting the information flow graph via a user interface display associated with the computer system.
EFFECT: providing more complete and accurate network security controls.
19 cl, 24 dwg
Title | Year | Author | Number |
---|---|---|---|
SYSTEMS AND METHODS FOR CREATING AND MODIFYING ACCESS LISTS | 2015 | | RU2679179C1 |
SYSTEM AND METHOD FOR AUTOMATED DRILLING NETWORK | 2018 | | RU2780964C2 |
ARCHITECTURE OF ORGANIZATION OF INDUSTRIAL PROGRAM-DEFINED NETWORKS FOR DEPLOYMENT IN A PROGRAM-DEFINED AUTOMATED SYSTEM | 2017 | | RU2737480C2 |
CENTRALIZED CONTROL OF SOFTWARE-DEFINED AUTOMATED SYSTEM | 2016 | | RU2747966C2 |
SYSTEM AND METHOD FOR PREVENTION SAFETY INCIDENTS BASED ON USER DANGER RATING | 2011 | | RU2477929C2 |
SOFTWARE-DEFINED AUTOMATED SYSTEM AND ARCHITECTURE | 2016 | | RU2729885C2 |
METHOD AND FACILITY FOR CONTROL OF DATA STREAMS OF PROTECTED DISTRIBUTED INFORMATION SYSTEMS IN NETWORK OF CODED COMMUNICATION | 2008 | | RU2402881C2 |
SYSTEMS AND METHODS FOR PROTECTING NETWORK DEVICES THROUGH FIREWALL | 2016 | | RU2714367C1 |
METHOD OF CONTROLLING DATA STREAMS BASED ON MONITORING GIVEN CONSUMER ROUTE AND DETECTION OF EVENT OF DESTRUCTIVE EFFECT | 2014 | | RU2586858C1 |
CONTROL SYSTEM FOR SECURITY POLICY OF ELEMENTS OF CORPORATE COMMUNICATION NETWORK | 2023 | | RU2813469C1 |
Dates
2019-01-16—Published
2015-08-12—Filed