Universal security agent
First Claim
1. A method comprising:
- loading, by a base agent of a universal security agent deployed on a computing endpoint, a security agent plugin module into a memory associated with the computing endpoint;
registering, by the base agent, a plugin task of the security agent plugin module;
scheduling, by the base agent, the plugin task of the security agent plugin module based on one of a policy associated with the security agent plugin module and system access information associated with the security agent plugin module;
executing, by the base agent, the plugin task based on the scheduling;
controlling, by the base agent, a request for system access generated during the execution of the plugin task based on an inspection of the policy associated with the security agent plugin module; and
monitoring and logging, by the base agent, system access information associated with the security agent plugin module, the system access information comprising data associated with the request for system access,wherein controlling the request for system access comprises;
receiving, by the base agent, the request for system access, the request for system access comprising identifying information associated with the security agent plugin module;
based on the identifying information, determining, by the base agent, that the security agent plugin module is associated with the request for system access;
retrieving, by the base agent, the policy associated with the security agent plugin module from a plugin policy database of the memory of the computing endpoint;
determining, by the base agent, that the policy allows the request for system access by the security agent plugin module; and
interacting, by the base agent, with system resources of the computing endpoint based on an allowed system access request by the security agent plugin module.
1 Assignment
0 Petitions
Accused Products
Abstract
A universal security agent deployed on a computing endpoint includes one or both of a base agent and a security agent plugin module. The base agent loads the security agent plugin module and, in response, receives plugin tasks from the security agent plugin module for registration. The base agent schedules the received plugin tasks based on a policy and/or a system access information associated with the security agent plugin module. Further, the base agent executes the plugin tasks based on the scheduling. The base agent controls system access requests generated during the execution of the plugin tasks based on the policy associated with the security agent plugin module. Additionally, the base agent monitors and logs system access information associated with the security agent plugin module.
31 Citations
20 Claims
-
1. A method comprising:
-
loading, by a base agent of a universal security agent deployed on a computing endpoint, a security agent plugin module into a memory associated with the computing endpoint; registering, by the base agent, a plugin task of the security agent plugin module; scheduling, by the base agent, the plugin task of the security agent plugin module based on one of a policy associated with the security agent plugin module and system access information associated with the security agent plugin module; executing, by the base agent, the plugin task based on the scheduling; controlling, by the base agent, a request for system access generated during the execution of the plugin task based on an inspection of the policy associated with the security agent plugin module; and monitoring and logging, by the base agent, system access information associated with the security agent plugin module, the system access information comprising data associated with the request for system access, wherein controlling the request for system access comprises; receiving, by the base agent, the request for system access, the request for system access comprising identifying information associated with the security agent plugin module; based on the identifying information, determining, by the base agent, that the security agent plugin module is associated with the request for system access; retrieving, by the base agent, the policy associated with the security agent plugin module from a plugin policy database of the memory of the computing endpoint; determining, by the base agent, that the policy allows the request for system access by the security agent plugin module; and interacting, by the base agent, with system resources of the computing endpoint based on an allowed system access request by the security agent plugin module. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A non-transitory tangible computer-readable medium comprising a plurality of instructions, which, when executed by a base agent deployed in a computing endpoint, cause the base agent to perform operations comprising:
-
receiving a plugin task of a security agent plugin module deployed on the computing endpoint; scheduling the plugin task of the security agent plugin module based on one of a policy associated with the security agent plugin module and system access information associated with the security agent plugin module; executing the plugin task based on the scheduling; controlling a request for system access generated during the executing of the plugin task based on an inspection of the policy associated with the security agent plugin module; monitoring and logging system access information associated with the security agent plugin module, the system access information comprising data associated with the request for system access; multiplexing and encrypting communication data from the security agent plugin module and another security agent plugin module deployed on the computing endpoint to generate multiplexed and encrypted communication data; and transmitting the multiplexed and encrypted communication data from the security agent plugin module and the another security agent plugin module to a proxy gateway as a single communication session over a common communication channel, wherein controlling the request for system access comprises; receiving, by the base agent, the request for system access, the request for system access comprising identifying information associated with the security agent plugin module; based on the identifying information, determining, by the base agent, that the security agent plugin module is associated with the request for system access; retrieving, by the base agent, the policy associated with the security agent plugin module from a plugin policy database of the memory of the computing endpoint; determining, by the base agent, that the policy allows the request for system access by the security agent plugin module; and interacting, by the base agent, with system resources of the computing endpoint based on an allowed system access request by the security agent plugin module. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A method comprising:
-
loading, by a base agent of a universal security agent deployed on a computing endpoint, a security agent plugin module into a memory associated with the computing endpoint; registering, by the base agent, a plugin task of the security agent plugin module; scheduling, by the base agent, the plugin task of the security agent plugin module based on one of a policy associated with the security agent plugin module and system access information associated with the security agent plugin module; executing, by the base agent, the plugin task based on the scheduling; controlling, by the base agent, a request for system access generated during the execution of the plugin task based on an inspection of the policy associated with the security agent plugin module; and monitoring and logging, by the base agent, system access information associated with the security agent plugin module, the system access information comprising data associated with the request for system access, wherein loading the security agent plugin module comprises; registering the base agent with a universal security agent controller that is communicably coupled to the universal security agent over a communication network; transmitting, by the base agent, a current list of configured security agent plugin modules to the universal security agent controller, the current list of configured security agent plugin modules comprising the security agent plugin module; downloading, by the base agent, plugin package files associated with the security agent plugin module that are received from a repository associated with the universal security agent controller in response to transmitting the current list of configured security agent plugin modules; and loading, by the base agent, the plugin package files associated with the security agent plugin module to the memory associated with the computing endpoint. - View Dependent Claims (17, 18, 19, 20)
-
Specification