Group policy object management of external network resources
First Claim
1. An Active Directory Bridge Group Policy Object system for managing an external network resource from an internal network, the system comprising:
an Active Directory (AD) Bridge Gateway device residing in a first network for managing networked devices via Group Policy Objects, the AD Bridge Gateway device including a memory and a processor;
an AD Bridge Gatekeeper device residing in a second network, the second network external to the first network, the AD Bridge Gatekeeper device in networked communication with the AD Bridge Gateway device; and
an AD Bridge Agent residing on an external network resource in a third network, the third network external to the second network and to the first network, the external network resource unable to directly join the first network;
wherein the AD Bridge Gateway device processor is configured to:
connect the external network resource to the AD Bridge Gateway device in the first network;
generate a Group Policy Object for the external network resource, the Group Policy Object including a configuration change for the external network resource; and
send the Group Policy Object to the external network resource to apply the configuration change to the external network resource; and
wherein:
the AD Bridge Gatekeeper device is in networked communication with the AD Bridge Gateway device through a first network boundary;
the AD Bridge Agent is in networked communication with the AD Bridge Gatekeeper device through a second network boundary; and
the first network boundary provides greater network security than the second network boundary.
Abstract
An Active Directory Bridge (AD Bridge) provides the ability to register, represent, and manage external network resources on an internal network using Group Policy Objects (GPOs). The AD bridge provides the ability to create GPOs in native Active Directory, where the settings are managed within the GPO and can be associated with Active Directory Organizational Units. The AD bridge provides the ability to manage, monitor, and enforce these settings for external cloud resources by Group Policy. The GPOs may be read from the Domain Controller (e.g., Sysvol) by the AD bridge, then translated and delivered to the cloud resource being managed. As GPOs are updated and deployed, the settings are detected and delivered to the cloud resource. When the cloud resource settings are changed outside of the GPO, the AD bridge monitors and reacts to any changes, making Group Policy the enforcement mechanism for the cloud resources.
17 Claims
1. An Active Directory Bridge Group Policy Object system for managing an external network resource from an internal network, the system comprising:
an Active Directory (AD) Bridge Gateway device residing in a first network for managing networked devices via Group Policy Objects, the AD Bridge Gateway device including a memory and a processor;
an AD Bridge Gatekeeper device residing in a second network, the second network external to the first network, the AD Bridge Gatekeeper device in networked communication with the AD Bridge Gateway device; and
an AD Bridge Agent residing on an external network resource in a third network, the third network external to the second network and to the first network, the external network resource unable to directly join the first network;
wherein the AD Bridge Gateway device processor is configured to:
connect the external network resource to the AD Bridge Gateway device in the first network;
generate a Group Policy Object for the external network resource, the Group Policy Object including a configuration change for the external network resource; and
send the Group Policy Object to the external network resource to apply the configuration change to the external network resource; and
wherein:
the AD Bridge Gatekeeper device is in networked communication with the AD Bridge Gateway device through a first network boundary;
the AD Bridge Agent is in networked communication with the AD Bridge Gatekeeper device through a second network boundary; and
the first network boundary provides greater network security than the second network boundary.
View Dependent Claims (2, 3, 4, 5, 6)
7. An Active Directory Bridge Group Policy Object method for managing an external network resource from an internal network, the method comprising:
connecting an Active Directory (AD) Bridge Agent on an external network resource through an AD Bridge Gatekeeper to an AD Bridge Gateway device, the AD Bridge Gateway device residing in a first network, the external network resource unable to directly join the first network, the AD Bridge Gatekeeper device residing in a second network external to the first network, the AD Bridge Gatekeeper device in networked communication with the AD Bridge Gateway device through a first network boundary, the AD Bridge Agent residing on the external network resource in a third network external to the second network and to the first network, the AD Bridge Agent in networked communication with the AD Bridge Gatekeeper device through a second network boundary, the first network boundary providing greater network security than the second network boundary;
generating a Group Policy Object for the external network resource, the Group Policy Object including a configuration change for the external network resource; and
sending the Group Policy Object to the external network resource to apply the configuration change to the external network resource.
View Dependent Claims (8, 9, 10, 11, 12)
13. At least one non-transitory machine-readable storage medium, comprising a plurality of instructions that, responsive to being executed with processor circuitry of a computer-controlled device, cause the computer-controlled device to:
connect an Active Directory (AD) Bridge Agent on an external network resource through an AD Bridge Gatekeeper to an AD Bridge Gateway device, the AD Bridge Gateway device residing in a first network, the external network resource unable to directly join the first network, the AD Bridge Gatekeeper device residing in a second network external to the first network, the AD Bridge Gatekeeper device in networked communication with the AD Bridge Gateway device through a first network boundary, the AD Bridge Agent residing on the external network resource in a third network external to the second network and to the first network, the AD Bridge Agent in networked communication with the AD Bridge Gatekeeper device through a second network boundary, the first network boundary providing greater network security than the second network boundary;
generate a Group Policy Object for the external network resource, the Group Policy Object including a configuration change for the external network resource; and
send the Group Policy Object to the external network resource to apply the configuration change to the external network resource.
View Dependent Claims (14, 15, 16, 17)
Specification