METHOD FOR SECURING COMPUTING SYSTEM NETWORKS THROUGH LOCKING OSI LAYERS 2 AND 3 ON INDIVIDUAL REMOTE COMPUTING DEVICES

20200177524 · 2020-06-04

    Abstract

    A secure ethernet chassis and console port and a method of enabling the same is provided through turning off an ethernet switch and/or router console port (OSI layer 2 or layer 3). The present invention isolates and controls an inside network egress and an outside ingress of the physical console port. The present invention enables an operator to turn off and secure the console port, allowing for chassis security as well as console port security for unattended devices as well as remote devices. The process also allows the reverse recovery of the port. The process works for devices with single or dual IP stacks. Turning off the console port completely isolates the inside network of the switch and prevents network intrusion or device corruption via the console port. It also prevents unauthorized configuration changes of the device.

    Claims

    1. A method of providing security to a computer network coupled to a plurality of remote computing devices, comprising: providing a service control function for a remote computing device, the service control function configured to move an associated ethernet switch and/or an associated router console port to an off-locked condition.

    2. The method of claim 1, further comprising: instructing a central processor unit associated with the remote computing device, through machine code, to provide self-test interrupts for normal operations regardless of the off-locked condition.

    3. The method of claim 1, wherein the off-secured condition turns off a console serial port at a central processor unit associated with the remote computing device.

    4. The method of claim 3, further comprising: instructing, through machine code, a central processor unit associated with the remote computing device to provide a normal result for a Power On Self-Test regardless of the off-locked condition.

    5. The method of claim 4, further comprising: instructing, through machine code, a central processor unit associated with the remote computing device to selectively move the associated ethernet switch and/or the associated router console port to an on-unlocked condition.

    6. The method of claim 1, wherein the off-locked condition controls an inside network egress and an outside ingress of the physical console port.

    Description

    BRIEF DESCRIPTION OF THE DRAWINGS

    [0010] FIG. 1 is a diagrammatic view of an exemplary embodiment of the present invention explaining the coding process to securely lock a console port through the ethernet drive.

    DETAILED DESCRIPTION OF THE INVENTION

    [0011] The following detailed description is of the best currently contemplated modes of carrying out exemplary embodiments of the invention. The description is not to be taken in a limiting sense, but is made merely for the purpose of illustrating the general principles of the invention, since the scope of the invention is best defined by the appended claims.

    [0012] Broadly, an embodiment of the present invention provides a secure ethernet chassis and console port and a method of enabling the same. The method and process of the present invention includes locking the ethernet switch or the router console port (OSI layer 2 or layer 3) of remote network devices and then recovering or turning on the ethernet switch and/or router console port. This is done through the isolation and control of an inside network egress and an outside ingress of the physical console port.

    [0013] The present invention enables an operator to turn off and secure the console port, allowing for chassis security as well as console port security for unattended devices as well as remote devices. The process also allows the reverse recovery of the port. The process works for devices with single or dual IP stacks. Turning off the console port completely isolates the inside network of the switch and prevents network intrusion or device corruption via the console port. It also prevents unauthorized configuration changes of the device.

    [0014] Referring now to the FIGURE, the present invention includes a secure ethernet chassis and console port providing a processor capable of turning off an ethernet switch and/or router console port and then selectively recovering or turning on the port.

    [0015] The present invention may include the following steps:

    [0016] 1. An added graphical user interface (GUI) to code service control configuration for ON/OFF console port

    [0017] 2. Turn off console serial port at CPU (processor) through machine code

    [0018] 3. Normalize the machine code within the CPU to see normal response for turned off console port

    [0019] 4. Add code to POST (Power On Self-Test) to return normal result even if console port is off, i.e., normalize POST testing to normal

    [0020] 5. Add processor code to reverse processor service interrupts when feature is turned off

    [0021] Step 1 adds an On/Off console command into the Operating System GUI (Linux). Steps 2-4 add machine code instructions for CPU service interrupts as well as self-test interrupts for normal operation, regardless of the console port state. The last step provides the code to reverse the CPU service interrupts to normal console port operation. This process uses the CPU service interrupts for the console port. The present invention allows for the interrupt to be changed. The present invention normalizes the result on the self-test. The console port is completely dead to the processor when in the off-secured condition.

    [0022] By following the above listed steps, in the order listed, the device console port (ethernet switch and/or router) can be secured from physical hacking or tampering. In sum, through code, the reset button is selectively moved between an off-closed condition and an on-open condition. Coding may be used to normalize the Linux kernel.
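
    The ON/OFF service control and its reverse recovery can be approximated at the operating-system level on a Linux device. The following is an added example, not code from the application, and it swaps in a different technique from the machine-code and POST changes of steps 2-4: it removes serial `console=` arguments from the kernel command line and masks the systemd `serial-getty@` login service, so firmware and bootloader use of the port is out of its scope. The function names and the sample command line are assumptions made for illustration.

```python
import re

# Matches serial console arguments such as console=ttyS0,115200n8 (not console=tty0).
SERIAL = re.compile(r"^console=(tty(?:S|AMA|USB)\d+)(?:,\S*)?$")

def serial_consoles(cmdline):
    """Serial console= arguments on a kernel command line, in order."""
    return [a for a in cmdline.split() if SERIAL.match(a)]

def _devices(args):
    return [SERIAL.match(a).group(1) for a in args]

def lock(cmdline):
    """Off-locked: strip serial consoles and mask their login service.
    Returns (new_cmdline, removed_args, commands); removed_args is kept for recovery."""
    removed = serial_consoles(cmdline)
    kept = [a for a in cmdline.split() if a not in removed]
    cmds = [f"systemctl mask --now serial-getty@{d}.service" for d in _devices(removed)]
    return " ".join(kept), removed, cmds

def unlock(cmdline, removed):
    """On-unlocked: put the saved arguments back and re-enable the login service."""
    cmds = []
    for d in _devices(removed):
        cmds += [f"systemctl unmask serial-getty@{d}.service",
                 f"systemctl start serial-getty@{d}.service"]
    return " ".join(cmdline.split() + removed), cmds

def audit(cmdline, active_units):
    """Findings that contradict an off-locked state; an empty list means locked."""
    findings = [f"kernel console on serial port: {a}" for a in serial_consoles(cmdline)]
    findings += [f"login prompt on serial port: {u}" for u in sorted(active_units)
                 if u.startswith("serial-getty@")]
    return findings

# Constructed sample input, not taken from a real device.
SAMPLE_CMDLINE = "BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro console=tty0 console=ttyS0,115200n8 quiet"
SAMPLE_UNITS = {"ssh.service", "serial-getty@ttyS0.service"}

if __name__ == "__main__":
    print(audit(SAMPLE_CMDLINE, SAMPLE_UNITS))
    locked, saved, cmds = lock(SAMPLE_CMDLINE)
    print(locked, cmds, sep="\n")
    print(audit(locked, SAMPLE_UNITS - {"serial-getty@ttyS0.service"}))
    print(unlock(locked, saved))
```

    The commands are returned as strings rather than executed, so the plan can be reviewed before it is applied to the bootloader configuration and systemd on the device.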

    [0023] A method of using the present invention may include the following. An operator implements the systemic code on an associated device via service control. Service control executes code and visually provides indicators to security. As a result, the present invention reduces theft and reduces known points of network penetration. Further, the present invention reduces the number of people able to access and use the network, thereby improving device safety by reducing device theft potential through securing the console port and chassis. Remote devices are secured despite questionable user-enabled physical security.

    [0024] The present invention may work with ethernet switches (OSI layer 2); routers (OSI layer 3 devices); and OSI layers 4-7 with console ports to secure any device using a console port, including Linux Medical devices, which are subject to this same issue of remote or unattended security.

    [0025] It should be understood, of course, that the foregoing relates to exemplary embodiments of the invention and that modifications may be made without departing from the spirit and scope of the invention as set forth in the following claims.