Enterprise console
First Claim
1. In a system for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of the networks of computational devices, said system comprising a plurality of distributed clients, each of which runs on a corresponding networked computational device, an apparatus comprising:
- an enterprise console comprising a centrally managed advisory diffusion mechanism and a protocol for diffusing said advisories across said network;
a plurality of advisories specifying relevance criteria and an action, at least one advisory describing a problem that has been discovered on a client;
wherein said distributed clients gather said advisories and process said advisories; and
wherein said advisories formally target specific states of a computational device and formally specify actions to take in response thereto.
2 Assignments
0 Petitions
Accused Products
Abstract
A console for an enterprise suite is disclosed. The enterprise suite addresses the increasingly complex problem of keeping critical systems updated, compatible, and free of security holes. It uses Fixlet® technology to identify vulnerable computers on the network and then allows authorized personnel to correct problems across any subset of the network with a few simple mouse-clicks. The enterprise suite helps keep the networked computers updated and properly patched, all from a central console which, along with supporting architectural enhancements, is the subject matter of this document. The invention allows rolling out a security patch in minutes instead of months, thus allowing an administrator to stay ahead of potential hacker attacks. The invention also makes it possible to track the progress of each computer as updates are applied, thus making it simple to gauge the level of compliance across the entire enterprise.
-
Citations
67 Claims
-
1. In a system for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of the networks of computational devices, said system comprising a plurality of distributed clients, each of which runs on a corresponding networked computational device, an apparatus comprising:
-
an enterprise console comprising a centrally managed advisory diffusion mechanism and a protocol for diffusing said advisories across said network;
a plurality of advisories specifying relevance criteria and an action, at least one advisory describing a problem that has been discovered on a client;
wherein said distributed clients gather said advisories and process said advisories; and
wherein said advisories formally target specific states of a computational device and formally specify actions to take in response thereto. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An enterprise management apparatus, comprising:
-
a centrally managed advisory diffusion server for gathering advisories from an advisory site, wherein said advisories comprise relevance criteria and an action, and wherein said advisories identify relevant computers on a network and allow authorized personnel to monitor, modify, and maintain said computers across any subset of said network;
a console in communication with said server for displaying any of changes and new knowledge about said network; and
a plurality of clients associated with said network, each client processing said advisories based upon a relevance determination, inspecting an associated computer, and reporting any relevance determination and actions to said server - View Dependent Claims (13, 14, 15, 16, 17)
-
-
18. In a network comprising a plurality of managed computers, an enterprise management apparatus, comprising:
-
a console for providing a system-wide view of said managed computers, along with specific characteristics thereof and associated actions, and for distributing information only to those computers for which said information is relevant;
a client associated with each managed computer for accessing a collection of messages comprising said information and that identify relevant computer characteristics, wherein if said characteristics are identified, said client implements associated actions received from said console; and
a server for coordinating information flow to and from individual clients and for storing results in a database. - View Dependent Claims (19, 20, 21, 22, 23, 24)
-
-
25. In a system for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of the networks of computational devices, said system comprising a plurality of distributed clients, each of which runs on a corresponding networked computational device, and a server for coordinating information flow to and from individual clients, an apparatus comprising:
-
at least one relay for offloading a download burden from said server, wherein said clients download from a designated relay;
wherein said server distributes each advisory once to said relay, which in turn distributes said advisory to said clients; and
overhead on said server is reduced by a ratio of relays to clients. - View Dependent Claims (26, 27, 28, 29)
-
-
30. In a system for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of the networks of computational devices, said system comprising a plurality of distributed clients, each of which runs on a corresponding networked computational device, a method comprising the steps of:
-
providing a centrally managed advisory diffusion mechanism and a protocol for diffusing said advisories across said network;
providing a plurality of advisories specifying relevance criteria and an action, at least one advisory describing a problem that has been discovered on a client, said advisory comprising a short, clear explanation of said problem;
wherein said distributed clients gather said advisories and process said advisories; and
wherein said advisories formally target specific states of a computational device and formally specify actions to take in response thereto. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
41. An enterprise management method, comprising the steps of:
-
gathering advisories from an advisory site with a centrally managed advisory diffusion server, wherein said advisories comprise relevance criteria and an action, and wherein said advisories identify relevant computers on a network and allow authorized personnel to monitor, modify, and maintain said computers across any subset of said network;
displaying any of changes and new knowledge about said network with a console in communication with said server; and
providing a plurality of clients associated with said network, each client processing said advisories based upon a relevance determination, inspecting an associated computer, and reporting any relevance determination and actions to said server - View Dependent Claims (42, 43, 44, 45, 46)
-
-
47. An enterprise management method for a network comprising a plurality of managed computers, comprising the steps of:
-
providing a system-wide view of said managed computers, along with specific characteristics thereof and associated actions, and for distributing information only to those computers for which said information is relevant;
providing a client associated with each managed computer for accessing a collection of messages comprising said information and that identify relevant computer characteristics, wherein if said characteristics are identified, said client implements associated actions received from said console; and
coordinating information flow to and from individual clients and for storing results in a database. - View Dependent Claims (48, 49, 50, 51, 52, 53)
-
-
54. In a system for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of the networks of computational devices, said system comprising a plurality of distributed clients, each of which runs on a corresponding networked computational device, and a server for coordinating information flow to and from individual clients, a method comprising the steps of:
-
offloading a download burden from said server with a relay, wherein said clients download from a designated relay;
said server distributing each advisory once to said relay, which in turn distributes said advisory to said clients; and
reducing overhead on said server a ratio of relays to clients. - View Dependent Claims (55, 56, 57, 58)
-
-
59. In a system for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of the networks of computational devices, said system comprising:
- a plurality of distributed clients, each of which runs on a corresponding networked computational device, a server for coordinating information flow to and from individual clients, and a plurality of relays, each of which aggregates and mediates communication between said distributed clients and said server, an apparatus comprising;
means associated with each said client for evaluating a relevance clause identifying a file or group of files to upload to said server from the associated computational device;
means associated with each said client for aggregating a file or group of files resident on a corresponding networked computational device into a file collection;
wherein said relay offloads an upload burden from said server; and
wherein said clients upload said file collection to said server via a designated relay; and
means associated with each said client for distributing each file collection once to said relay, which in turn distributes said file collection to said server. - View Dependent Claims (60, 61, 62, 63, 64, 65, 66, 67)
- a plurality of distributed clients, each of which runs on a corresponding networked computational device, a server for coordinating information flow to and from individual clients, and a plurality of relays, each of which aggregates and mediates communication between said distributed clients and said server, an apparatus comprising;
Specification