SYSTEM AND METHOD OF MONITORING AND CONTROLLING APPLICATION FILES
First Claim
1. A method of updating a system which controls operation of programs on a workstation, the method comprising:
- detecting a network access attempt by an application;
generating an application digest for the application;
determining whether the application is associated with one or more policies;
if the application is associated with one or more policies, then applying the one or more policies that are associated with the application;
if the application is not associated with one or more policies, then posting the application to a logging database;
uploading the logging database to an application server module;
determining whether the application is in an application inventory database, wherein the application is associated with one or more policies; and
if the application is not in the application inventory database of the application server module, then posting the application to a network access database, if the application is in the application inventory database, then applying one or more policies associated with the application.
16 Assignments
0 Petitions
Accused Products
Abstract
A system and method for updating, monitoring, and controlling applications on a workstation. The workstation includes a workstation management module configured to detect the launch or request to access a network by an application. A workstation application server receives data associated with the application from the workstation. The application server module can determine one or more policies or categories to associate with the application by referencing an application inventory database. Once the application server module has the category or policy, it forwards a hash/policy table to the workstation management module. Upon receipt of the hash/policy table, the workstation management module applies the policy that is associated with the application to control network access by the application.
-
Citations
19 Claims
-
1. A method of updating a system which controls operation of programs on a workstation, the method comprising:
-
detecting a network access attempt by an application; generating an application digest for the application; determining whether the application is associated with one or more policies; if the application is associated with one or more policies, then applying the one or more policies that are associated with the application; if the application is not associated with one or more policies, then posting the application to a logging database; uploading the logging database to an application server module; determining whether the application is in an application inventory database, wherein the application is associated with one or more policies; and if the application is not in the application inventory database of the application server module, then posting the application to a network access database, if the application is in the application inventory database, then applying one or more policies associated with the application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method of collecting collection data for use in updating a system which controls network access of programs, the method comprising:
-
detecting access request to a network by a program; determining whether the program is stored in a table; if the program is stored, applying a first rule that is associated with the program; and if the program is not stored, posting the program to a database. - View Dependent Claims (16)
-
-
17. A method of updating a system which controls network access by programs on a workstation, the method comprising:
-
detecting a network access request of an application; generating a hash value for the application, wherein the hash values includes network access data; comparing the generated hash value to one or more hash values in a hash/policy table that includes one or more policies associated with the one or more hash values; if the generated hash value matches one or more of the hash values in the hash/policy table, then applying the one or more policies that are associated with the one or more hash values; if the generated hash value does not match one or more hash values in the hash/policy table, then posting the application to a logging database; uploading the logging database to an application server module; determining whether the application from the logging database is in an application inventory database; and if the application is not in the application inventory database, then posting the application to a network access database. - View Dependent Claims (18, 19)
-
Specification