ENTERPRISE CONSOLE
First Claim
1. In a system for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of the networks of computational devices, said system comprising a plurality of distributed clients, each of which runs on a corresponding networked computational device, an apparatus comprising:
- a plurality of advisories specifying relevance criteria and an action, at least one advisory describing a problem that has been discovered on a client computational device;
wherein each of said distributed clients, each running on an associated computational device, determines relevance of an advice message by evaluating a relevance clause of said advice message while automatically retrieving properties of the computational device on which said client runs.
1 Assignment
0 Petitions
Accused Products
Abstract
A console for an enterprise suite is disclosed. The enterprise suite addresses the increasingly complex problem of keeping critical systems updated, compatible, and free of security holes. It uses Fixlet® technology to identify vulnerable computers on the network and then allows authorized personnel to correct problems across any subset of the network with a few simple mouse-clicks. The enterprise suite helps keep the networked computers updated and properly patched, all from a central console which, along with supporting architectural enhancements, is the subject matter of this document. The invention allows rolling out a security patch in minutes instead of months, thus allowing an administrator to stay ahead of potential hacker attacks. The invention also makes it possible to track the progress of each computer as updates are applied, thus making it simple to gauge the level of compliance across the entire enterprise.
-
Citations
59 Claims
-
1. In a system for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of the networks of computational devices, said system comprising a plurality of distributed clients, each of which runs on a corresponding networked computational device, an apparatus comprising:
-
a plurality of advisories specifying relevance criteria and an action, at least one advisory describing a problem that has been discovered on a client computational device; wherein each of said distributed clients, each running on an associated computational device, determines relevance of an advice message by evaluating a relevance clause of said advice message while automatically retrieving properties of the computational device on which said client runs. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. An enterprise management apparatus, comprising:
-
a centrally managed advisory diffusion server for gathering advisories from an advisory site, wherein an advisory comprises relevance criteria and an action, and wherein an advisory identifies relevant computers on a network of computational devices and allows authorized personnel to monitor, modify, and maintain said computers across any subset of said network; and a plurality of clients, each running on an associated computational device, associated with said network of computational devices, each client processing said advisories based upon a relevance determination, inspecting said associated computational device, and reporting any relevance determination and actions to said server. - View Dependent Claims (13, 14, 15, 16, 17)
-
-
18. In a network comprising a plurality of managed computers, an enterprise management apparatus, comprising:
a client running on and associated with each managed computer for accessing a collection of messages, which messages identify relevant computer characteristics, wherein if said characteristics are identified, said client running on and associated with a computer implements associated actions on said associated computer. - View Dependent Claims (19, 20, 21, 22, 23, 24)
-
25. In a system for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of a a network of computational devices, said system comprising a plurality of distributed clients, each of which runs on a corresponding networked computational device, and a server for coordinating information flow to and from individual clients, an apparatus comprising:
-
at least one relay for offloading a download burden from said server, wherein said clients download from a designated relay; wherein said server distributes each advisory once to said relay, which in turn distributes said advisory to said clients. - View Dependent Claims (26, 27, 28, 29)
-
-
30. In a system for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of a network of computational devices, said system comprising a plurality of distributed clients, each of which runs on a corresponding networked computational device, a method comprising the steps of:
-
providing a plurality of advisories specifying relevance criteria and an action, at least one advisory describing a problem that has been discovered on a client computational device, said advisory comprising a short, clear explanation of said problem; each of said distributed clients determining relevance of an advice message by evaluating a relevance clause of said advice message, while automatically retrieving properties of the computational device on which said client runs and with which it is associated; wherein said advisories formally target specific states of a computational device and formally specify actions to take in response thereto. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
41. A computer-implemented enterprise management method, comprising the steps of:
-
gathering advisories, wherein each advisory comprises relevance criteria and an action, and wherein each advisory identifies relevant computers on a network and allows authorized personnel to monitor, modify, and maintain said computers across any subset of said network; and providing a plurality of clients, each client associated with and running on a networked computational device, associated with said network, each client processing said advisories based upon a relevance determination, inspecting its associated computer, and reporting any relevance determination and actions. - View Dependent Claims (42, 43, 44, 45, 46, 47)
-
-
48. An enterprise management method for a network comprising a plurality of managed computers, comprising the steps of:
-
providing a system-wide view of said network of managed computers, along with specific characteristics thereof and associated actions, and for distributing information only to those computers for which said information is relevant from a server; providing a client running on and associated with each managed computer for accessing a collection of messages comprising said information that identify relevant computer characteristics; if said characteristics are identified, said client implementing associated actions received from said console. - View Dependent Claims (49, 50, 51, 52, 53, 54)
-
-
55. In a system for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of a network of computational devices, said system comprising a plurality of distributed clients, each of which is associated with and runs on a corresponding networked computational device, and a server for coordinating information flow to and from individual clients, a method comprising the steps of:
-
offloading a download burden from said server with a relay, wherein said clients download from a designated relay; said server distributing each advisory once to said relay, which in turn distributes said advisory to said clients; and reducing overhead on said server a ratio of relays to clients. - View Dependent Claims (56, 57, 58, 59)
-
Specification