Automatic provisioning and onboarding of offline or disconnected machines
US-12182236-B2 · Dec 31, 2024 · US
Real-time policy distribution
US2016205138A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016205138-A1 |
| Application number | US-201314913149-A |
| Country | US |
| Kind code | A1 |
| Filing date | Dec 19, 2013 |
| Priority date | Sep 28, 2013 |
| Publication date | Jul 14, 2016 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
In an example, there is disclosed a method and system for real-time policy and task distribution to endpoints over a data exchange layer. According to one embodiment, a persistent point-to-point messaging framework is used to distributed configuration policy and tasks to a distributed, disparate set of devices immediately upon policy definition. Advantageously, the data exchange layer may facilitate delivery of messages even to endpoints that sit, for example, behind a firewall or NAT.
First claim
Opening claim text (preview).
1 . One or more non-transitory computer-readable mediums having stored thereon executable instructions for providing a domain master, the executable instructions operable to instruct a processor to: identify a policy update driver; configure a policy update; and publish the policy update as a data exchange layer (DXL) message. 2 . The computer-readable medium of claim 1 , wherein the DXL message is a command-level message. 3 . The computer-readable medium of claim 1 , wherein the DXL message is targeted to DXL endpoints. 4 . The computer-readable medium of claim 1 , wherein the instructions operable to identify a policy update driver are operable to receive a malware threat message from a threat intelligence service. 5 . The computer-readable medium of claim 1 , wherein the instructions operable to identify a policy update driver are operable to proactively identify a policy update need. 6 . The computer-readable medium of claim 1 , wherein the instructions operable to identify a policy update driver are operable to receive a policy update from an administrator. 7 . The computer-readable medium of claim 1 , wherein the instructions operable to configure a policy update are operable to direct DXL endpoints to take an action selected from the group consisting of quarantine, block, delete, sandbox, deny permissions, remedy, prompt, or custom action. 8 . A data exchange layer (DXL) domain master comprising: a processor; a network interface configured to communicatively coupled the processor to a DXL enterprise service bus; and a memory having stored therein executable instructions operable to instruct the processor to: identify a policy update driver; configure a policy update; and publish the policy update as a data exchange layer (DXL) message. 9 . The DXL domain master of claim 8 , wherein the DXL message is a command-level message. 10 . The DXL domain master of claim 8 , wherein the DXL message is targeted to DXL endpoints. 11 . The DXL domain master of claim 8 , wherein the instructions operable to identify a policy update driver are operable to receive a malware threat message from a threat intelligence service. 12 . The DXL domain master of claim 8 , wherein the instructions operable to identify a policy update driver are operable to proactively identify a policy update need. 13 . The DXL domain master of claim 8 , wherein the instructions operable to identify a policy update driver are operable to receive a policy update from an administrator. 14 . The DXL domain master of claim 8 , wherein the instructions operable to configure a policy update are operable to direct DXL endpoints to take an action selected from the group consisting of quarantine, block, delete, sandbox, deny permissions, remedy, prompt, or custom action. 15 . A method of providing DXL domain master services, comprising: identifying a policy update driver; configuring a policy update; and publishing the policy update as a data exchange layer (DXL) message. 16 . The method of claim 15 , wherein the DXL message is a command-level message. 17 . The method of claim 15 , wherein the DXL message is targeted to DXL endpoints. 18 . The method of claim 15 , wherein identifying a policy update driver comprises receiving a malware threat message from a threat intelligence service. 19 . The method of claim 15 , wherein identifying a policy update driver comprises proactively identifying a policy update need. 20 . The method of claim 15 , wherein identifying a policy update driver comprises receiving a policy update from an administrator. 21 . The method of claim 15 , wherein configuring a policy update comprises directing DXL endpoints to take an action selected from the group consisting of quarantine, block, delete, sandbox, deny permissions, remedy, prompt, or custom action.
Assignees
Inventors
Classifications
- G06F21/57Primary
Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities · CPC title
for detecting or protecting against malicious traffic · CPC title
- H04L63/20Primary
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
Configuration setting · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2016205138A1 cover?
- In an example, there is disclosed a method and system for real-time policy and task distribution to endpoints over a data exchange layer. According to one embodiment, a persistent point-to-point messaging framework is used to distributed configuration policy and tasks to a distributed, disparate set of devices immediately upon policy definition. Advantageously, the data exchange layer may facil…
- Who is the assignee on this patent?
- Krishnaprasad Vijayasree, Mcafee Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/57. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Jul 14 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).