End point control
First Claim
1. A method of determining an operating environment of a remote computer, comprising:
- installing an interrogator agent onto the remote computer; and
receiving interrogation results produced by the interrogator agent.
18 Assignments
0 Petitions
Accused Products
Abstract
Systems and techniques are provided for controlling requests for resources from remote computers. A remote computer'"'"'s ability to access a resource is determined based upon the computer'"'"'s operating environment. The computer or computers responsible for controlling access to a resource will interrogate the remote computer to ascertain its operating environment. The computer or computers responsible for controlling access to a resource may, for example, download one or more interrogator agents onto the remote computer to determine its operating environment. Based upon the interrogation results, the computer or computers responsible for controlling access to a resource will control the remote computer'"'"'s access to the requested resource.
-
Citations
18 Claims
-
1. A method of determining an operating environment of a remote computer, comprising:
-
installing an interrogator agent onto the remote computer; and
receiving interrogation results produced by the interrogator agent. - View Dependent Claims (2, 3, 4)
-
-
5. A method of controlling an end point computer'"'"'s access to a resource, comprising:
-
receiving a request for a resource from a remote computer;
in response to receiving the request, installing a first interrogator agent onto the remote computer;
receiving first interrogation results produced by the first interrogator agent;
identifying one or more security process objects corresponding to the received interrogation results;
installing the identified security process objects onto the remote computer;
authenticating an identity of a user of the remote computer;
after authenticating the identity of the user of the remote computer, installing a second interrogator agent onto the remote computer;
receiving second interrogation results produced by the second interrogator agent; and
based upon the first interrogation results and the second interrogation results, assigning the remote computer a zone of trust; and
determining whether the remote computer can access the requested resource based upon the assigned zone of trust. - View Dependent Claims (6, 7, 8)
-
-
9. A method provisioning resources to a remote computer, comprising:
-
creating at least one rule identifying a remote computer operating environment, and one or more process objects to be provisioned onto the remote computer in response to a request from the remote computer for a resource. - View Dependent Claims (10)
-
-
11. A method of provisioning a remote computer, comprising:
-
receiving a communication from a remote computer;
installing at least one interrogator agent onto the remote computer;
receiving interrogation results produced by the at least one interrogator agent;
based upon the interrogation results, identifying one or more process objects that may be supported by an operating environment of the remote computer; and
installing the one or more process objects onto the remote computer. - View Dependent Claims (12, 13, 14)
-
-
15. A method of performing an activity based upon an operating environment of a remote computer, comprising:
-
installing an interrogator agent onto the remote computer; and
receiving interrogation results produced by the interrogator agent;
assigning a zone of trust to the remote computer based upon the interrogation results produce by the interrogator; and
performing an action associated with the zone of trust. - View Dependent Claims (16)
-
-
17. A server system, comprising:
-
an access server that receives communications from a client computer;
a provisioning server that installs at least one interrogator agent onto a client computer communicating with the access server;
an end point control server that analyzes interrogation results provided by the at least one interrogator agent, and assigns a zone of trust to the client computer based upon the interrogation results provided by the at least one interrogator agent.
-
-
18. The server system recited in claim 18, further comprising:
a policy server implementing rules for associating a zone of trust with an operating environment of a client computer.
Specification