Patent attributes
Information flow between network elements in a network enables a management system to capture a security knowledge base and to perform a static analysis of the network. In one embodiment, a method for performing a network security audit based on information flows among network elements comprises the machine-implemented steps of obtaining a network inventory that identifies one or more network elements of a packet-switched network; determining how information packets flow through the one or more network elements; determining a first threat level for each of the one or more network elements; determining a second threat level for the network as a whole; and providing a report of a network security audit based on the first and second threat levels.
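The five steps of the embodiment, as an added Python illustration that is not taken from the patent. The abstract does not say how either threat level is computed, so the sample inventory, the flows, the weakness scores, the hop-decay rule and the rule for combining element levels into a network level are all assumptions.

```python
from collections import deque

# Constructed sample inventory: element -> base weakness in [0, 1] (assumed scale).
INVENTORY = {"edge-rtr": 0.2, "fw1": 0.1, "web1": 0.6,
             "app1": 0.4, "db1": 0.7, "mgmt1": 0.9}
# Constructed packet flows (directed): which element forwards packets to which.
FLOWS = [("edge-rtr", "fw1"), ("fw1", "web1"), ("web1", "app1"), ("app1", "db1")]
UNTRUSTED_ENTRY = {"edge-rtr"}  # elements that receive packets from outside

def flow_distance(flows, entry):
    """Breadth-first hop count from any untrusted entry point along the flows."""
    adj = {}
    for src, dst in flows:
        adj.setdefault(src, []).append(dst)
    dist = {e: 0 for e in entry}
    queue = deque(entry)
    while queue:
        node = queue.popleft()
        for nxt in adj.get(node, []):
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    return dist

def element_threat(inventory, flows, entry, decay=0.8):
    """First threat level (assumed rule): weakness scaled by exposure.
    Elements that no flow from an entry point reaches score 0."""
    dist = flow_distance(flows, entry)
    return {e: round(w * decay ** dist[e], 3) if e in dist else 0.0
            for e, w in inventory.items()}

def network_threat(levels):
    """Second threat level (assumed rule): 1 - product of (1 - element level)."""
    safe = 1.0
    for v in levels.values():
        safe *= 1.0 - v
    return round(1.0 - safe, 3)

def audit_report(inventory, flows, entry):
    """Report: elements ranked by first threat level, plus the network level."""
    levels = element_threat(inventory, flows, entry)
    ranked = sorted(levels.items(), key=lambda kv: kv[1], reverse=True)
    return {"elements": ranked, "network": network_threat(levels)}

if __name__ == "__main__":
    print(audit_report(INVENTORY, FLOWS, UNTRUSTED_ENTRY))
```

In this constructed data `mgmt1` has the highest weakness score but ranks last because no flow reaches it; adding a single flow to it changes both threat levels, which is the kind of result a flow-based static analysis surfaces.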