Systems And Methods For Enterprise Security With Collaborative Peer To Peer Architecture
First Claim
1. A method for authenticating a device to operate within an enterprise system having an enterprise policy, comprising:
- installing an agent on the device;
- analyzing the device, using the agent, to determine profile information of the device;
- sending the determined profile information to a type 2 super peer;
- verifying, within the type 2 super peer, whether the profile information conforms to the enterprise policy;
- generating an agent trust credential within the type 2 super peer, if the profile information conforms to the enterprise policy, for the agent based upon the profile information;
- issuing, if the profile information conforms to the enterprise policy, the agent trust credential to the agent;
- verifying authenticity of the device based upon the agent trust credential;
- communicating with the device if the device is authenticated; and
- preventing communication with the device if the device is not authenticated.
Abstract
Systems and methods authenticate a device to operate within an enterprise system with an enterprise policy. An agent, installed on the device, analyzes the device to determine profile information of the device. The determined profile information is sent to a type 2 super peer that verifies whether the profile information conforms to the enterprise policy. If the profile information conforms to the enterprise policy, an agent trust credential is generated, within the type 2 super peer, for the agent, based upon the profile information, and issued to the agent. Authenticity of the device is verified based upon the agent trust credential. If the device is authenticated, communications with the device are permitted. If the device is not authenticated, communications with the device are prevented. In another embodiment, a method restores a device to conform to a system policy. A snapshot of critical components of the device is taken while the device is in compliance with the system policy. The critical components are monitored to identify critical components that differ from the critical components of the snapshot. If differing critical components are detected, the device is restored to conform with system policy by replacing differing critical components based upon the snapshot.
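The first embodiment (the agent-profile, policy-check, credential-issue, credential-verify sequence of claim 1 and the abstract) worked through as an added Python example; this is illustration code, not the patent's own implementation. The policy fields, the HMAC-based credential format, the super-peer key and the agent identifiers are all constructed assumptions; the patent does not specify a credential format.

```python
import hashlib
import hmac
import json

# Constructed enterprise policy: minimum values an agent-reported profile must meet.
POLICY = {"min_patch_level": 42, "disk_encrypted": True, "av_running": True}


def profile_conforms(profile, policy=POLICY):
    """Type 2 super peer step: does the profile the agent reported meet the enterprise policy?"""
    return (profile.get("patch_level", 0) >= policy["min_patch_level"]
            and profile.get("disk_encrypted") is policy["disk_encrypted"]
            and profile.get("av_running") is policy["av_running"])


def _profile_hash(profile):
    # Canonical JSON so the same profile always hashes the same way.
    return hashlib.sha256(json.dumps(profile, sort_keys=True).encode()).hexdigest()


def issue_credential(agent_id, profile, super_peer_key, now, ttl=3600):
    """Generate an agent trust credential bound to the profile that passed policy.
    Returns None when the profile does not conform, so no credential is issued."""
    if not profile_conforms(profile):
        return None
    body = {"agent": agent_id, "expires": now + ttl, "profile_hash": _profile_hash(profile)}
    msg = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(super_peer_key, msg, hashlib.sha256).hexdigest()  # assumed credential format
    return {"body": body, "tag": tag}


def verify_credential(cred, agent_id, current_profile, super_peer_key, now):
    """Verify authenticity before communicating: the tag must be genuine and unexpired,
    issued to this agent, and the live profile must still match the profile credentialed."""
    if cred is None:
        return False
    msg = json.dumps(cred["body"], sort_keys=True).encode()
    expected = hmac.new(super_peer_key, msg, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cred["tag"]):
        return False
    body = cred["body"]
    return (body["agent"] == agent_id and now < body["expires"]
            and body["profile_hash"] == _profile_hash(current_profile))


def may_communicate(agent_id, profile, super_peer_key, now):
    """End to end: a credential is issued only for a conforming profile, then verified."""
    cred = issue_credential(agent_id, profile, super_peer_key, now)
    return verify_credential(cred, agent_id, profile, super_peer_key, now)
```

Binding the credential to a hash of the profile means a device whose profile drifts after issuance fails verification rather than riding on a credential earned under a different state.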
20 Claims
1. A method for authenticating a device to operate within an enterprise system having an enterprise policy, comprising:
- installing an agent on the device;
- analyzing the device, using the agent, to determine profile information of the device;
- sending the determined profile information to a type 2 super peer;
- verifying, within the type 2 super peer, whether the profile information conforms to the enterprise policy;
- generating an agent trust credential within the type 2 super peer, if the profile information conforms to the enterprise policy, for the agent based upon the profile information;
- issuing, if the profile information conforms to the enterprise policy, the agent trust credential to the agent;
- verifying authenticity of the device based upon the agent trust credential;
- communicating with the device if the device is authenticated; and
- preventing communication with the device if the device is not authenticated.
Dependent claims: 2 to 11.

12. A realm controller with high reliability and high availability, comprising:
- a first computer system;
- a second computer system in communication with the first computer system; and
- a SSI clustering package running on each of the first and second computer systems;
wherein realm controller operation continues without interruption if a hardware failure occurs on any one of the first and second computers.
Dependent claims: 13 and 14.

15. A method for protecting a networked computer system from abnormal activity, comprising:
- installing one or more agents within each computing device of the networked computer system;
- monitoring the network and its devices, using the agents, to determine a normal behavior of the network;
- monitoring the network and its devices, using the agents, to determine abnormal behavior of the network; and
- isolating affected devices upon detection of abnormal behavior.
Dependent claim: 16.

17. A method for isolating a device from communicating with a network when the device profile deviates from a defined system policy, comprising:
- installing an active agent on the device;
- operating the active agent to periodically profile the device;
- determining whether the device profile conforms to the system policy;
- preventing the device, using the active agent, from communicating with the network if the profile does not comply; and
- allowing the device, using the active agent, to communicate with the network if the profile does comply.

18. A method for restoring a device to conform to a system policy, comprising:
- taking a snapshot of critical components of the device while the device is in compliance with the system policy;
- monitoring the critical components to identify critical components that differ from the critical components of the snapshot; and
- restoring the device to conform with system policy, if differing critical components are detected, by replacing differing critical components based upon the snapshot.
Dependent claims: 19 and 20.
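The snapshot, monitor and restore sequence of claim 18 (the second embodiment in the abstract) as an added Python example; this is illustration code written for this page, not the patent's own method. Critical components are modelled as a constructed name-to-bytes mapping, and the snapshot stores a SHA-256 digest for detection alongside the content needed to replace a differing component; the patent does not prescribe a digest or a storage format.

```python
import hashlib
from typing import Dict, List, Tuple

# A snapshot entry holds the digest used for comparison and the content used for restoration.
Snapshot = Dict[str, Tuple[str, bytes]]


def _digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def take_snapshot(components: Dict[str, bytes]) -> Snapshot:
    """Snapshot step: record each critical component while the device is known to comply."""
    return {name: (_digest(data), data) for name, data in components.items()}


def find_differing(snapshot: Snapshot, current: Dict[str, bytes]) -> List[str]:
    """Monitor step: names of critical components whose content differs from the snapshot.
    A critical component that has gone missing counts as differing too."""
    changed = []
    for name, (digest, _) in snapshot.items():
        data = current.get(name)
        if data is None or _digest(data) != digest:
            changed.append(name)
    return sorted(changed)


def restore(snapshot: Snapshot, current: Dict[str, bytes]) -> Tuple[Dict[str, bytes], List[str]]:
    """Restore step: replace only the differing critical components from the snapshot.
    Non-critical components (not in the snapshot) are left untouched.
    Returns the restored component set and the names that were replaced."""
    differing = find_differing(snapshot, current)
    restored = dict(current)
    for name in differing:
        restored[name] = snapshot[name][1]
    return restored, differing
```

Because only digests are compared during monitoring, the check is cheap to run periodically, while the stored content makes restoration independent of whatever state the modified component is in.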
Specification