US2016205129A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016205129-A1 |
| Application number | US-201615079224-A |
| Country | US |
| Kind code | A1 |
| Filing date | Mar 24, 2016 |
| Priority date | Jan 19, 2005 |
| Publication date | Jul 14, 2016 |
| Grant date | — |
Official abstract text for this publication.
An apparatus, system, and method are directed towards enabling auditing of network vulnerabilities from multiple network vantage points virtually simultaneously. Multiple network vantage points may include, but are not limited to, remote/branch enterprise sites, devices on an enterprise perimeter, on either side of a security perimeter, and even through the security perimeter. In one embodiment, an auditor performs reflected audits thereby extending auditing of network vulnerabilities to provide a comprehensive 360 degree audit of internal, external, and remote enterprise network sites. In one embodiment, the present invention may be implemented employing a single auditing device, and one or more audit extension devices that are configured to extend the auditing device's audit reach. The auditing device and one or more audit extension devices may communicate using an encrypted network channel through a security perimeter and/or across multiple networks.
Opening claim text (preview).
We claim:

1. A method for managing an audit by an audit device, comprising: initiating, by an audit device, communication between an audit extension device and the audit device for an audit by sending a request for the audit to be performed on a computing asset through a security perimeter to the audit extension device, the request for the audit including a request for information to be provided by the computing asset, wherein the computing asset is separate from the audit device; receiving, by the audit device, an audit result of the audit from the audit extension device through the security perimeter; determining, by the audit device, whether the audit result indicates that the computing asset complies with a security policy; and instructing, by the audit device, the audit extension device to quarantine the computing asset in a quarantined network in response to the computing asset failing to satisfy the security policy.
2. The method of claim 1, further comprising removing the computing asset, by the audit extension device, from the quarantined network in response to the audit result indicating that the computing asset satisfies the security policy.
3. The method of claim 1, further comprising isolating, by a switch, selected network traffic between the quarantined network and other networks and devices.
4. The method of claim 1, further comprising the audit device relinquishing operations to the audit extension device, in response to the computing asset failing to satisfy the security policy.
5. The method of claim 4, further comprising the audit device assuming the operations of the audit extension device, in response to at least one of: the computing asset satisfying the security policy, or a network device assuming operations of the audit device.
6. The method of claim 1, wherein the computing asset is on a same side of the security perimeter as the audit extension device.
7. The method of claim 1, wherein the request for the audit further includes at least one of a request for a configuration, a probe, or a request for a resource associated with the computing asset.
8. The method of claim 1, wherein at least one of the receiving the request for the audit or the sending the result of the audit is performed through a secure network path.
9. The method of claim 1, wherein the computing asset is on a different networking side of the security perimeter as the audit extension device.
10. A method for managing an audit by an audit extension device, comprising: receiving, by an audit extension device, a request for an audit to be performed on a computing asset through a security perimeter from an audit device, the request for the audit including a request for information to be provided by the computing asset, wherein the computing asset is separate from the audit device; sending, by the audit extension device, an audit result of the audit through the security perimeter to the audit device, wherein the audit device determines whether the audit result complies to a security policy; and receiving, by the audit extension device, instructions to quarantine the computing asset in a quarantined network in response to the computing asset failing to satisfy the security policy.
11. The method of claim 10, further comprising removing the computing asset, by the audit extension device, from the quarantined network in response to the audit result indicating that the computing asset satisfies the security policy.
12. The method of claim 10, further comprising isolating, by a switch, selected network traffic between the quarantined network and other networks and devices.
13. The method of claim 10, further comprising assuming operations of the audit device, by the audit extension device, in response to the computing asset failing to satisfy the security policy.
14. The method of claim 13, further comprising relinquishing operations to the audit device, by the audit extension device, in response to at least one of: the computing asset satisfying the security policy, or a network device assuming operations of the audit device.
15. The method of claim 10, wherein the computing asset is on a same side of the security perimeter as the audit extension device.
16. The method of claim 10, wherein the request for the audit further includes at least one of a request for a configuration, a probe, or a request for a resource associated with the computing asset.
17. The method of claim 10, wherein at least one of the receiving the request for the audit or the sending the result of the audit is performed through a secure network path.
18. The method of claim 10, wherein the computing asset is on a different networking side of the security perimeter as the audit extension device.
19. A system for managing an audit, comprising: an audit extension device; and an audit device, configured to: initiate communication with the audit extension device for an audit by sending a request for the audit to be performed on a computing asset through a security perimeter to the audit extension device, the request for the audit including a request for information to be provided by the computing asset, wherein the computing asset is separate from the audit device, receive an audit result of the audit from the audit extension device through the security perimeter, determine whether the audit result indicates that the computing asset complies with a security policy, and instruct the audit extension device to quarantine the computing asset in a quarantined network in response to the computing asset failing to satisfy the security policy.
20. The system of claim 19, wherein the audit extension device is configured to: assume operations of the audit device, in response to the computing asset failing to satisfy the security policy; and relinquish operations to the audit device, in response to at least one of: the computing asset satisfying the security policy, or a network device assuming operations of the audit device.
by monitoring network traffic (monitoring network traffic per se H04L43/00) · CPC title
Assessing vulnerabilities and evaluating computer system security · CPC title
Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title
Vulnerability analysis · CPC title
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title