With the changing environment for computer systems and networks and a plethora of information being transferred between systems internal and external to a network the need for security measures has become vital. Not only is there a need for protection and detection systems such as firewalls and scanners but identification of potential vulnerabilities is also needed. Conventional network vulnerability tools such as CyberCop, Satan and Cyberscanner only look at the exposed face of a network or they may look at a network inside but they do not look at the interactions of the network components. For example, the current network vulnerability tools do not see that the vulnerability on machine X will allow it to then be used to compromise machine Y. Additionally, these types of tools do not show the path of an attack when Y is compromised. Another drawback of many of the conventional tools is the inability to detect and defeat hackers in real time.
There is a need to detect a series of low to high risk problems without disrupting the current network and without leaving footprints such as event log entries and the like on scanned machines. A system that would assist information technology (IT) managers to successfully oppose hackers and provide a clear picture of vulnerabilities across enterprise networks as well as local area networks is needed. Often the security risks are at the locations such as firewalls and gateways which let information flow. Without sufficient security tools valuable information can be compromised at these locations.
What is needed is a system and method that analyzes the vulnerability of a network based on its current configuration by investigating possible attacks on a model of the network. A system is needed that performs both perimeter and internal network vulnerability checks. In addition, what is needed is a system and method which takes and uses conventional tools as discovery mechanisms.
For the reasons stated above, and for other reasons stated below which will become apparent to those skilled in the art upon reading and understanding the present specification, there is a need in the art for a modeling system which efficiently analyzes the vulnerability of a network using a network model.