Information is often exchanged and entertainment content is often broadcast as packetized data over communication networks. Typically, an end user accesses information or entertainment content via a user terminal such as a desktop computer, a laptop computer, a personal digital assistant (PDA), and Internet-enabled mobile phone, or the like. The user terminals may be connected to the network via wireless radiofrequency (RF) connectivity or, with the exception of a mobile phone, via a cable or Ethernet connection. Further, the network typically includes routers and switches for routing the data packets from content providers or other network destinations to the end user through networks, such as the Internet.
Organizations and enterprises are becoming more and more dependent upon such networks for day-to-day operations. Further, a significant number of organizations, such as Connexion by Boeing™, are in the business of providing such networks for end users. Because of the importance of maintaining network operations to organizations and to end-users/customers, network management tools have been developed to monitor network operations and status.
Conventional network security management systems are designed to operate in terrestrial environments that have very large bandwidth (˜100 mbps-1000 mbps). Network security management systems receive inputs from a variety of sources, including intrusion detection systems. These intrusion detection systems provide detected security events, such as attempted login, in a verbose format which can be stored on local disk or transmitted via simple network management protocol (SNMP) to a network security management system.
However, a node may be a mobile platform such as an airplane, a maritime vessel, a land vehicle, or the like. In such a network, the mobile network communication link is a scarce resource. Network Operational Center (NOC) personnel's time is also a scare resource. The communication resources available to a satellite based mobile network utilizing shared satellite transponder resources are much more modest (˜56 kbps-128 kbps) than those resources that are available to a fixed-location terrestrial-based network. Most of this satellite communication link resource must be available for the primary use of paying customer traffic.
It would therefore be desirable to provide current and accurate knowledge to terrestrial NOC operators of the security state of each mobile platform while utilizing a minimum amount of the critical communication resource.