Network management

US 20050172019A1
Filed: 01/11/2005
Published: 08/04/2005
Est. Priority Date: 01/31/2004
Status: Active Grant

First Claim

Patent Images

1. A method of administering a network of computing entities comprising the steps of:

probing an entity for vulnerabilities and generating a log of the or each vulnerability against the network address of the entity;

in response to a query from the entity, retrieving from the log, vulnerabilities of the entity; and

receiving from the entity, data identifying its associated user.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of operating a computing entity in a network having a log mapping computing entity network addresses to vulnerabilities, the method comprising the steps of: using the entity'"'"'s network address, searching the log to establish what vulnerabilities the entity has; and if the log indicates the entity has a vulnerability, sending data identifying a user of the entity to an administrator of the network.

63 Citations

View as Search Results

14 Claims

1. A method of administering a network of computing entities comprising the steps of:
- probing an entity for vulnerabilities and generating a log of the or each vulnerability against the network address of the entity;
  
  in response to a query from the entity, retrieving from the log, vulnerabilities of the entity; and
  
  receiving from the entity, data identifying its associated user.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A method according to claim 1 further comprising the step, subsequent to retrieving the vulnerabilities of the entity, of sending a list of vulnerabilities to the entity.
  - 3. A method according to claim 1 further comprising the step of logging, against the entity network address, user identity and user contact data for the entity.
  - 4. A method according to claim 1 further comprising the steps of:
    - sending to the administrator status data relating to the status of the vulnerable entity; and
      
      using the status data to determine whether the vulnerable machine is able to defer patching.
  - 5. A method according to claim 4 wherein the status data provides that the entity is able to defer patching, and the method further comprises the step of logging a deferred date for patching against at least one of network address and user identity data.
  - 6. A method according to claim 5 wherein network addresses are allocated dynamically and the step of searching the log of network addresses to establish what vulnerabilities an entity has includes the step of searching for a network address allocated at a specified time and date.
  - 7. A method according to claim 1 wherein the step of probing an entity for vulnerabilities and generating a log of the or each vulnerability against the network address of the entity comprises the steps of:
    - establishing identities of computing elements of the entity, and retrieving from a record of computing element identities against vulnerabilities, vulnerabilities;
      
      recording the retrieved vulnerabilities against the network address of the entity.

8. A method of operating a computing entity in a network having a log mapping computing entity network addresses to vulnerabilities, the method comprising the steps of:
- using the entity'"'"'s network address, searching the log to establish what vulnerabilities the entity has; and
  
  if the log indicates the entity has a vulnerability, sending data identifying a user of the entity to an administrator of the network.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. A method according to claim 8 further comprising the step of sending data indicating a status of the entity to the administrator.
  - 10. A method according to claim 9 further comprising the step of receiving from the administrator a deadline for patching of the vulnerability.
  - 11. A method according to claim 8 wherein:
    - network addresses are allocated dynamically;
      
      for each occasion of allocation of a network address the log indicates the allocated address and the date and time of allocation; and
      
      the log additionally maps vulnerabilities to occasions of allocation of addresses.
  - 12. A method according to claim 11 further comprising the step of receiving a dynamic network address for the entity, and for each occasion of allocation, recording, at the entity, the date and time of an address'"'"' allocation and the date and time of its release.
  - 13. A method according to claim 12 further comprising the step, using the entity'"'"'s recorded date and time of allocation of a particular network address, of searching the log for an occasion of allocation of the particular network address which matches an occasion of allocation of the particular address recorded by the entity, thereby to establish what vulnerabilities in the log map to occasions of the entity'"'"'s use of the particular address, and hence, to the entity itself.

14. A computer program product for use on a computing entity within a network having a log mapping computing entity network addresses to vulnerabilities, the program being adapted to:
- using the entity'"'"'s network address, search the log to establish what vulnerabilities the entity has; and
  
  if the log indicates the entity has a vulnerability, send data identifying a user of the entity to an administrator of the network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Norman, Andrew Patrick, Griffin, Jonathan, Williamson, Matthew Murray

Granted Patent

US 8,392,995 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/223
CPC Class Codes

H04L 41/28   Restricting access to netwo...

H04L 43/00   Arrangements for monitoring...

H04L 63/1433   Vulnerability analysis

H04L 63/145   the attack involving the pr...

Network management

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

63 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Network management

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links