NETWORK SECURITY SCANNER FOR ENTERPRISE PROTECTION

US 20080276295A1
Filed: 05/04/2007
Published: 11/06/2008
Est. Priority Date: 05/04/2007
Status: Active Grant

First Claim

Patent Images

1. A method of remotely monitoring levels of security preparedness of a plurality of computing machines for obtaining a report, with intent to assess and selectively upgrade the security preparedness of the computing machines, said computing machines being already selectively connected to receive security protection front a commercial security software, said method comprising the steps of:

viewing and dividing a list of said plurality of computing machines into segments for remote access;

selectively accessing computing machines in selected ones of the segments;

remotely scanning the accessed selected computing machines in the segments for obtaining a report of data in the computing machines including information relating to user defined security fields and policies present in said selected computing machines; and

,generating a NSSEP (Network Security Scanner for Enterprise Protection) report by using said data to perform a security preparedness and conformity audit and suitable correction of the scanned computing machines in a non-intrusive manner.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of monitoring levels of security conformity and preparedness of a plurality of network connected computing machines, obtains a report by remotely scanning the machines in segments. The machines might already be connected to commercial security software and a patch dispenser. The report includes definition dates and any files quarantined by the commercial security software, patch-management-software communication present and the patches received. The method uses the report and software (not installed on the scanned machines) to produce a Network Security Scanner for Enterprise Protection output to perform a security-preparedness audit of the scanned machines. The audit non-intrusively ascertains. If the scanned machines conform to user-defined fields and policies, and assists in selective security updating of the machines. The scanning, unrecognized by the scanned machines may be configured to suit their OS, and done periodically as desired. A computer readable medium executing the method is included.

Citations

23 Claims

1. A method of remotely monitoring levels of security preparedness of a plurality of computing machines for obtaining a report, with intent to assess and selectively upgrade the security preparedness of the computing machines, said computing machines being already selectively connected to receive security protection front a commercial security software, said method comprising the steps of:
- viewing and dividing a list of said plurality of computing machines into segments for remote access;
  
  selectively accessing computing machines in selected ones of the segments;
  
  remotely scanning the accessed selected computing machines in the segments for obtaining a report of data in the computing machines including information relating to user defined security fields and policies present in said selected computing machines; and
  
  ,generating a NSSEP (Network Security Scanner for Enterprise Protection) report by using said data to perform a security preparedness and conformity audit and suitable correction of the scanned computing machines in a non-intrusive manner.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 22)
- - 2. The method as in claim 1 wherein said information comprises files quarantined by said commercial security software, and information relating to software for patch management, said method including the step of deploying user commands and prompts, wherein at least some of the plurality of the computing machines are located in enterprise network with a client specific operating system (OS).
  - 3. The method as in claim 1 wherein the step of remotely scanning comprises scanning selected computing machines segment by segment, wherein said NSSEP report includes user configured fields like Computer IP Address;
    - Computer Name;
      
      MAC Address;
      
      Antivirus Version;
      
      Parent Server;
      
      Definitions;
      
      Files Quarantined;
      
      SUS Status;
      
      Operating System and Computer Status.
  - 4. The method as in claim 1, including the step of ascertaining from said report as to whether a specific computing machine from those scanned is in conformity with user defined security fields and policies against which computing machines are scanned for conformity.
  - 5. The method as in claim 1, wherein the step of remotely scanning includes obtaining definition dates for existing commercial security software which the scanned computing machines contain.
  - 6. The method as in claim 5, wherein the step of remotely scanning includes obtaining definition dates for said existing commercial software, irrespective of configuration and user-changes in security software.
  - 7. The method as in claim 1, including the step of configuring said remote scanning for a diagnosed operating system prevailing in any scanned computing machine.
  - 8. The method as in claim 1 including the step of automating said scanning on a known periodic basis.
  - 9. The method as in claim 8, wherein said periodic basis is chosen from daily or twice daily, or as desired.
  - 10. The method as in claim 1 including the step of configuring said steps of viewing and remotely scanning for catering computing machines connected in a network.
  - 22. A computer readable medium encoded with data instruction which when executed by a computing platform, results in execution of a method as in claim 1.

11. A method of remotely monitoring levels of security preparedness and patch management of a plurality of enterprise network connected computing machines for an enterprise IT Management Group to obtain a report, with intent to access and selectively upgrade the security preparedness of the computing machines, said computing machines being already selectively connected to receive security protection from a commercial security software, comprising the steps of:
- viewing and dividing a list of said plurality of computing machines into segments for remote access;
  
  selectively accessing computing machines in selected ones of the segments with an existing set up and no separate installation of any additional software in any of the plurality of the computing machines;
  
  remotely scanning the accessed selected computing machines in the segments and maintaining an existing performance level, for obtaining a report of data including information relating to files quarantined by said commercial security software, and information relating to software for patch management present in said selected computing machines as well as implemented patches;
  
  generating a NSSEP (Network Security Scanner for Enterprise Protection) report using said data to perform a security preparedness audit of the scanned computing machines in said segments; and
  
  ,selectively initiating corrective action to update security preparedness levels and selectively implement patch management of the scanned computing machines as desired by said IT management Group.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 23)
- - 12. The method as in claim 11 including the step of deploying user commands and prompts, wherein at least some of the plurality of the computing machines are located in enterprise network with a client specific operating system (OS).
  - 13. The method as in claim 11 wherein the step of remotely scanning comprises scanning selected computing machines segment by segment, wherein said NSSEP report includes user configured fields and policies including:
    - computer IP address;
      
      computer name;
      
      MAC Address;
      
      antivirus version;
      
      parent server;
      
      definitions;
      
      files quarantined;
      
      patch management software status;
      
      operating system and computer status.
  - 14. The method as in claim 11, including the step of ascertaining from said report as to whether a specific computing machine from those scanned is in conformity with user defined company security policy and fields.
  - 15. The method as in claim 11, wherein the step of remotely scanning includes obtaining definition dates for existing commercial security software which the scanned computing machines contain, the method including the step of including in said report of data required fields/data of different software vendor'"'"'s products as desired by said enterprise IT management Group.
  - 16. The method as in claim 11, wherein the step of remotely scanning includes obtaining definition dates for said existing commercial software, irrespective of configuration and user provisioning of security software.
  - 17. The method as in claim 11, including the step of configuring said remote scanning for a diagnosed operating system prevailing in any scanned computing machine.
  - 18. The method as in claim 11 including the step of automating said scanning on a known periodic basis.
  - 19. The method as in claim 18, wherein said periodic basis is chosen from daily of twice daily or as desired.
  - 20. The method as in claim 11 including the step of configuring said steps of viewing and remotely scanning said computing machines with users of the scanned computing machines remaining unaware of the scanning, wherein the computing machines may exist in a connected local network.
  - 23. A computer readable medium encoded with data/instruction which when executed by a computing platform, results in execution of a method as in claim 11.

21. A method of remotely monitoring levels of security preparedness and patch management of a plurality of network connected computing machines for an enterprise IT Management Group to obtain a report, with intent to assess and selectively upgrade the security preparedness of the computing machines, said computing machines being already selectively connected to receive security protection from at least one commercial security software vendor, comprising the steps of:
- viewing and dividing a list of said plurality of computing machines into segments for remote access;
  
  selectively accessing computing machines in selected ones of the segments with an existing set up and no separate installation of any additional software in any of the plurality of the computing machines;
  
  remotely scanning the accessed selected computing machines in the segments with unaltered performance of network and performance level, including the step of configuring said steps of viewing and remotely scanning the computing machines with users of the scanned computing machines remaining unaware of the scanning, for obtaining a report of data including information relating to files quarantined by said commercial security software, and information relating to patch management software present in said selected computing machines as well as implemented patches; and
  
  ,generating a NSSEP (Network Security Scanner for Enterprise Protection) report using said data to perform a security preparedness audit of the scanned computing machines in the segments wherein said NSSEP report selectively includes required fields/data of different software vendors'"'"'s products; and
  
  ,selectively initiating corrective action to update security preparedness levels and selectively implement patch management of the scanned computing machines as desired by said IT management Group.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wipro Limited
Original Assignee
Wipro Limited
Inventors
Nair, Bini Krishnan Ananthakrishnan

Granted Patent

US 8,850,587 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 21/554   involving event detection a...

G06F 21/57   Certifying or maintaining t...

G06F 21/577   Assessing vulnerabilities a...

H04L 41/044   comprising hierarchical man...

H04L 41/12   Discovery or management of ...

H04L 63/1433   Vulnerability analysis

H04L 63/20   for managing network securi...

NETWORK SECURITY SCANNER FOR ENTERPRISE PROTECTION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

NETWORK SECURITY SCANNER FOR ENTERPRISE PROTECTION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links