Systems and methods for implementing security
First Claim
1. A computer security system comprising:
- one or more processing units;
a memory; and
one or more programs stored in the memory and configured for execution by the one or more processing units, the one or more programs including instructions for;
(a) transmitting a first set of commands to a first agent program running within a first operating system within a first virtual machine on a first remote computer distinct from the computer security system, wherein the transmitting (a) uses a first encrypted communication channel between the computer security system and the first virtual machine, and wherein the first encrypted communication channel is formed using a first API key; and
(b) transmitting the first set of commands to a second agent program running within a second operating system within a second virtual machine on a second remote computer distinct from the computer security system, wherein the transmitting (b) uses a second encrypted communication channel between the computer security system and the second virtual machine, the second encrypted communication channel is formed using the first API key, the first set of commands is associated with a first policy domain, in a plurality of policy domains, and wherein the first policy domain comprises the first virtual machine and the second virtual machine, and is uniquely associated with the first API key.
4 Assignments
0 Petitions
Accused Products
Abstract
Systems and method are provided in accordance with one or more processes that run within an operating system, in which a first process of the one or more processes is an agent that encodes instructions for obtaining an authentication token uniquely associated with the agent. The agent collects security information about a first computer system running the one or more processes according to one or more commands received from a remote security system. The collected information is transmitted to the remote security system on an encrypted communication channel between the agent and the remote security system using the authentication token. Executable instructions are received through the encrypted communication channel at the first computer from the remote server according to a security policy assigned to the agent. The received executable instructions are executed at the first computer system, thereby implementing the assigned security policy.
-
Citations
20 Claims
-
1. A computer security system comprising:
-
one or more processing units; a memory; and one or more programs stored in the memory and configured for execution by the one or more processing units, the one or more programs including instructions for; (a) transmitting a first set of commands to a first agent program running within a first operating system within a first virtual machine on a first remote computer distinct from the computer security system, wherein the transmitting (a) uses a first encrypted communication channel between the computer security system and the first virtual machine, and wherein the first encrypted communication channel is formed using a first API key; and (b) transmitting the first set of commands to a second agent program running within a second operating system within a second virtual machine on a second remote computer distinct from the computer security system, wherein the transmitting (b) uses a second encrypted communication channel between the computer security system and the second virtual machine, the second encrypted communication channel is formed using the first API key, the first set of commands is associated with a first policy domain, in a plurality of policy domains, and wherein the first policy domain comprises the first virtual machine and the second virtual machine, and is uniquely associated with the first API key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer security system comprising:
-
one or more processing units; a memory; and one or more programs stored in the memory and configured for execution by the one or more processing units, the one or more programs including instructions for; (a) transmitting a first set of commands to a first agent program running within a first operating system within a first virtual machine on a first remote computer distinct from the computer security system, wherein the transmitting (a) uses a first encrypted communication channel between the computer security system and the first virtual machine, and wherein the first encrypted communication channel is formed using a first API key, wherein the first set of commands is associated with a first policy domain, in a plurality of policy domains, and wherein the first policy domain comprises the first virtual machine and the first API key; and (b) transmitting a second set of commands to a second agent program running within a second operating system within a second virtual machine on a second remote computer distinct from the computer security system, wherein the transmitting (a) uses a second encrypted communication channel between the computer security system and the second virtual machine, wherein the second encrypted communication channel is formed using a second API key, the second set of commands is associated with a second policy domain, in the plurality of policy domains, and wherein the second policy domain includes the second virtual machine and is uniquely associated with the second API key. - View Dependent Claims (19, 20)
-
Specification