METHOD AND SYSTEM FOR PROVIDING WIRELESS VULNERABILITY MANAGEMENT FOR LOCAL AREA COMPUTER NETWORKS

US 20090119741A1
Filed: 12/11/2007
Published: 05/07/2009
Est. Priority Date: 11/06/2007
Status: Abandoned Application

First Claim

Patent Images

1. A Software-as-a-Service (SaaS) based method for providing wireless vulnerability management for local area computer networks, the method comprising:

providing a security server, the security server being hosted by a service provider entity, the security server being coupled to the Internet, the security server being adapted to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively;

creating a workspace for wireless vulnerability management for a first customer entity on the security server, the creating the workspace being responsive to a request from the first customer entity to subscribe to wireless vulnerability management;

receiving configuration information associated with the workspace for the first customer entity at the security server;

supplying one or more sniffers to the first customer entity;

receiving connection requests at the security server over the Internet from the one or more sniffers, respectively, subsequent to the one or more sniffers being deployed at premises of the first customer entity;

associating identities of the one or more sniffers with the workspace for the first customer entity at the security server;

receiving at the security server information associated with wireless activity monitored by the one or more sniffers at the premises of the first customer entity, the receiving being receiving over the Internet;

processing the received information associated with the wireless activity within the workspace for the first customer entity using the security server; and

metering usage of the workspace for wireless vulnerability management for the first customer entity.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A Software-as-a-Service (SaaS) based method for providing wireless vulnerability management for local area computer networks. The method includes providing a security server being hosted by a service provider entity to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively. The method includes creating a workspace for wireless vulnerability management for a customer entity on the security server and receiving configuration information associated with the workspace. The method also includes supplying one or more sniffers to the customer entity. The method includes receiving at the security server information associated with wireless activity monitored by the one or more sniffers at premises of the customer entity and processing the received information within the workspace for the customer entity using the security server. The method includes metering usage of the workspace for wireless vulnerability management for the customer entity.

33 Citations

View as Search Results

20 Claims

1. A Software-as-a-Service (SaaS) based method for providing wireless vulnerability management for local area computer networks, the method comprising:
- providing a security server, the security server being hosted by a service provider entity, the security server being coupled to the Internet, the security server being adapted to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively;
  
  creating a workspace for wireless vulnerability management for a first customer entity on the security server, the creating the workspace being responsive to a request from the first customer entity to subscribe to wireless vulnerability management;
  
  receiving configuration information associated with the workspace for the first customer entity at the security server;
  
  supplying one or more sniffers to the first customer entity;
  
  receiving connection requests at the security server over the Internet from the one or more sniffers, respectively, subsequent to the one or more sniffers being deployed at premises of the first customer entity;
  
  associating identities of the one or more sniffers with the workspace for the first customer entity at the security server;
  
  receiving at the security server information associated with wireless activity monitored by the one or more sniffers at the premises of the first customer entity, the receiving being receiving over the Internet;
  
  processing the received information associated with the wireless activity within the workspace for the first customer entity using the security server; and
  
  metering usage of the workspace for wireless vulnerability management for the first customer entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1 wherein the service provider entity and the first customer entity being business entities separate from one another.
  - 3. The method of claim 1 wherein the metering the usage of the workspace for the first customer entity comprising:
    - tracking usage of the one or more sniffers at the premises of the first customer entity for the monitoring of the wireless activity; and
      
      charging the first customer entity periodically based at least upon the usage of the one or more sniffers.
  - 4. The method of claim 1 wherein the metering the usage of the workspace for the first customer entity comprising:
    - tracking vulnerabilities detected during a selected period; and
      
      charging the first customer entity based at least upon the vulnerabilities detected during the selected period.
  - 5. The method of claim 1, and further comprising receiving a selection of one or more modules associated with the workspace for the first customer entity at the security server.
  - 6. The method of claim 5 wherein the metering the usage of the workspace for the first customer entity comprising charging the first customer entity based at least upon the selection of the one or more modules.
  - 7. The method of claim 5 wherein the one or more modules comprise at least one module selected from the group consisting of scanning module, threat assessment module, remediation module, location tracking module, reporting module, RF visualization module, and managed services module.
  - 8. The method of claim 5 wherein the receiving the selection of the one or more modules associated with the workspace for the first customer entity at the security server comprising:
    - receiving a request to initiate logging into the workspace for the first customer entity from a computer, the request being initiated over the Internet;
      
      transferring information associated with a listing of modules comprising the one or more modules to the computer over the Internet; and
      
      receiving the selection of the one or more modules at the security server over the Internet, the selection being inputted by a person operating the computer using the listing of the modules.
  - 9. The method of claim 5 wherein the processing the received information associated with the wireless activity within the workspace for the first customer entity using the security server comprising:
    - authenticating the received information using a digital secret shared between the security server and the first customer entity;
      
      accessing the configuration information associated with the workspace for the first customer entity;
      
      accessing the module selection information associated with the workspace for the first customer entity;
      
      processing the received information based at least upon the configuration information and the module selection information to generate a result information; and
      
      triggering one or more actions based at least upon the result information.
  - 10. The method of claim 1 wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising receiving identity information associated with one or more authorized wireless devices within the local area network of the first customer entity.
  - 11. The method of claim 1 wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising:
    - receiving information associated with a hierarchy of physical locations within the premises of the first customer entity; and
      
      receiving information related to association between the one or more sniffers and the physical locations, respectively.
  - 12. The method of claim 1 wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising receiving information associated with notification of one or more wireless vulnerabilities to the first customer entity.
  - 13. The method of claim 1 wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising receiving information associated with a selection of one or more reports, the one or more reports to be generated based upon the information associated with the monitored wireless activity received at the security server.
  - 14. The method of claim 1 wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising:
    - receiving a request to initiate logging into the workspace of the first customer entity from a computer, the request being initiated over the Internet;
      
      transferring information associated with one or more configuration screens to the computer over the Internet;
      
      displaying the one or more configuration screens on the computer; and
      
      receiving the configuration information at the security server over the Internet, the configuration information being inputted by a person operating the computer using the one or more configuration screens displayed on the computer.
  - 15. The method of claim 1 wherein a username, a password, and an administrative privilege being associated with the workspace for the first customer entity on the security server, the administrative privilege being a configuration modification privilege, a viewing privilege, or a module selection privilege.
  - 16. The method of claim 1 wherein the information associated with the wireless activity monitored by the one or more sniffers at the premises of the first customer entity including identities of one or more wirelessly active access points and one or more wirelessly active clients within and/or in a vicinity of the premises of the first customer entity.
  - 17. The method of claim 1 wherein the information associated with the wireless activity monitored by the one or more sniffers at the premises of the first customer entity including information associated with wireless connections among a plurality of wireless devices within and/or in a vicinity of the premises of the first customer entity.
  - 18. The method of claim 1 wherein the information associated with the wireless activity monitored by the one or more sniffers at the premises of the first customer entity including information associated with radio signal strength parameters associated with the wireless activity.

19. A server system comprising:
- one or more interconnected computers adapted to provide wireless vulnerability management based upon Software as a Service (SaaS) for a plurality of private computer networks of a plurality of customer entities, respectively;
  
  wherein the one or more interconnected computers are programmed to execute the steps of;
  
  receiving information associated with wireless activity from a plurality of sets of sniffers over the Internet, the plurality of sets of sniffers being positioned within premises of the plurality of customer entities, respectively;
  
  maintaining a plurality of workspaces for wireless vulnerability management for the plurality of customer entities, respectively;
  
  identifying a plurality of portions of the received information that are associated with the plurality of customer entities, respectively;
  
  processing the plurality of portions within the plurality of workspaces, respectively;
  
  metering usages of the plurality of workspaces; and
  
  generating billing data for the plurality of customer entities based at least upon the metering.

20. A Software-as-a-Service (SaaS) based method for availing wireless vulnerability management for local area computer network, the method comprising:
- generating a request for wireless vulnerability management for a local area network of a first customer entity;
  
  receiving login information associated with a workspace for the first customer entity, the workspace being created on a security server and being for wireless vulnerability management for the local area network of the first customer entity, the security server being hosted by a service provider entity, the security server being coupled to the Internet, the security server being adapted to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively;
  
  providing configuration information associated with the workspace for the first customer entity to the security server;
  
  receiving one or more sniffers at premises of the first customer entity;
  
  connecting the one or more sniffers to the local area network of the first customer entity;
  
  generating connection requests to the security server over the Internet from the one or more sniffers, respectively, subsequent to the one or more sniffers being connected to the local area network of the first customer entity;
  
  transferring identity information from the one or more sniffers to the security server, the identity information being used to associate the one or more sniffers with the workspace for the first customer entity;
  
  sending to the security server information associated with wireless activity monitored by the one or more sniffers at the premises of the first customer entity, the sending being sending over the Internet;
  
  receiving results from processing of the sent information associated with the wireless activity, the processing being using the security server and being performed within the workspace for the first customer entity; and
  
  generating payment authorization based at least upon usage of the workspace for the first customer entity.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Airtight Networks Incorporated (Arista Networks, Inc.)
Original Assignee
Airtight Networks Incorporated (Arista Networks, Inc.)
Inventors
Bhagwat, Vivek, Palnitkar, Samir

Application Number

US11/954,007
Publication Number

US 20090119741A1
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06Q 20/40   Authorisation, e.g. identif...

G06Q 30/0283   Price estimation or determi...

H04L 63/1433   Vulnerability analysis

H04W 12/122   Counter-measures against at...

H04W 12/126   Anti-theft arrangements, e....

METHOD AND SYSTEM FOR PROVIDING WIRELESS VULNERABILITY MANAGEMENT FOR LOCAL AREA COMPUTER NETWORKS

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR PROVIDING WIRELESS VULNERABILITY MANAGEMENT FOR LOCAL AREA COMPUTER NETWORKS

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links