Network appliance for vulnerability assessment auditing over multiple networks
First Claim
1. A method to manage an audit by an audit device, comprising:
- initiating, by the audit device, communication between an audit extension device and the audit device for the audit by sending a request for the audit to be performed on a computing asset through a security perimeter to the audit extension device, the request for the audit including a request for information to be provided by the computing asset, wherein the computing asset is separate from the audit device;
- receiving, by the audit device, an audit result of the audit from the audit extension device through the security perimeter;
- determining, by the audit device, whether the audit result indicates that the computing asset satisfies a security policy;
- instructing, by the audit device, the audit extension device to quarantine the computing asset in a quarantined network in response to the computing asset failing to satisfy the security policy; and
- relinquishing, by the audit device, operations to the audit extension device, in response to the computing asset failing to satisfy the security policy.
Abstract
An apparatus, system, and method are directed towards enabling auditing of network vulnerabilities from multiple network vantage points virtually simultaneously. Multiple network vantage points may include, but are not limited to, remote/branch enterprise sites, devices on an enterprise perimeter, on either side of a security perimeter, and even through the security perimeter. In one embodiment, an auditor performs reflected audits thereby extending auditing of network vulnerabilities to provide a comprehensive 360 degree audit of internal, external, and remote enterprise network sites. In one embodiment, the present invention may be implemented employing a single auditing device, and one or more audit extension devices that are configured to extend the auditing device's audit reach. The auditing device and one or more audit extension devices may communicate using an encrypted network channel through a security perimeter and/or across multiple networks.
18 Claims
9. A method to manage an audit by an audit extension device, comprising:
- receiving, by the audit extension device, a request for the audit to be performed on a computing asset through a security perimeter from an audit device, the request for the audit including a request for information to be provided by the computing asset, wherein the computing asset is separate from the audit device;
- sending, by the audit extension device, an audit result of the audit through the security perimeter to the audit device, wherein the audit device determines whether the audit result satisfies a security policy;
- receiving, by the audit extension device, instructions to quarantine the computing asset in a quarantined network in response to the computing asset failing to satisfy the security policy; and
- assuming operations of the audit device, by the audit extension device, in response to the computing asset failing to satisfy the security policy.
17. A system to manage an audit, comprising:
- an audit extension device; and
- an audit device, configured to:
  - initiate communication with the audit extension device for the audit by sending a request for the audit to be performed on a computing asset through a security perimeter to the audit extension device, the request for the audit including a request for information to be provided by the computing asset, wherein the computing asset is separate from the audit device,
  - receive an audit result of the audit from the audit extension device through the security perimeter,
  - determine whether the audit result indicates that the computing asset satisfies a security policy, and
  - instruct the audit extension device to quarantine the computing asset in a quarantined network in response to the computing asset failing to satisfy the security policy,
- wherein the audit extension device is configured to assume operations of the audit device, in response to the computing asset failing to satisfy the security policy.
Specification