Policy-protection proxy
First Claim
1. A policy-enforcement proxy system comprising:
- a first network of computing devices including a first device;
- a proxy through which the first network is connected to a second network of computing devices;
- a database of configuration information comprising, for each of a plurality of devices in the first network, including the first device:
  - an identifier for the device; and
  - a security status flag indicating whether the device complies with a predetermined security policy,
- wherein the proxy blocks connection requests from devices in the plurality of devices to devices in the second network when the security status flag associated with the requesting device indicates that the requesting device does not comply with the predetermined security policy.
Abstract
A database maintains security status information on each device in a network, based on whether the device's operating system, software, and patches are installed and configured to meet a baseline level of security. A network gateway proxy blocks connection attempts from devices for which the database indicates a substandard security status, but allows connections from other devices to pass normally. The database is preferably updated on a substantially real-time basis by client-side software run by each device in the network.
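The gating logic the abstract describes, as an added Python example that is not taken from the patent: client-side reports update a per-device status flag, and the proxy consults that flag on each outbound connection request. The baseline values, the 300-second freshness window, and the fail-closed handling of unknown or stale devices are assumptions; the abstract specifies none of them.

```python
import time
from dataclasses import dataclass

# Assumed baseline policy; all values are constructed for illustration.
BASELINE = {
    "min_os_build": 19045,
    "required_patches": {"PATCH-A", "PATCH-B"},
    "required_software": {"av-agent"},
}
MAX_REPORT_AGE = 300  # seconds; assumed bound for "substantially real-time"


@dataclass
class DeviceRecord:
    device_id: str      # identifier for the device
    compliant: bool     # security status flag
    reported_at: float  # time of the last client-side report


class PostureDB:
    """Configuration database keyed by device identifier."""

    def __init__(self):
        self._records = {}

    def report(self, device_id, os_build, patches, software, now=None):
        """Client-side report: recompute the flag against the baseline."""
        ok = (os_build >= BASELINE["min_os_build"]
              and BASELINE["required_patches"] <= set(patches)
              and BASELINE["required_software"] <= set(software))
        ts = time.time() if now is None else now
        self._records[device_id] = DeviceRecord(device_id, ok, ts)
        return ok

    def lookup(self, device_id):
        return self._records.get(device_id)


def proxy_decision(db, device_id, now=None):
    """Return (action, reason) for a connection request to the second network."""
    now = time.time() if now is None else now
    rec = db.lookup(device_id)
    if rec is None:
        return "block", "unknown device"   # assumption: fail closed
    if now - rec.reported_at > MAX_REPORT_AGE:
        return "block", "stale status"     # assumption: old flag is not trusted
    if not rec.compliant:
        return "block", "non-compliant"    # the case the abstract describes
    return "allow", "compliant"
```

How the proxy maps a connection request to a device identifier is outside this sketch; `device_id` is assumed to be already resolved.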
5 Claims
Claim 1 is set out in full under First Claim above. Dependent claims: 2, 3, 4, 5.
Specification