FLEXIBLE SYSTEM HEALTH AND REMEDIATION AGENT

US 20100063855A1
Filed: 09/10/2008
Published: 03/11/2010
Est. Priority Date: 09/10/2008
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for remediating one or more non-compliant computer systems in a network, the method comprising:

receiving one or more compliance rules, wherein the rules include conditions for detecting whether a computer system violates the rule and remediation steps associated with each rule for restoring compliance of the computer system when it violates the rule;

identifying the computer system;

determining the compliance of the computer system with the compliance rules by checking the included conditions; and

when the computer system is determined to violate a compliance rule, performing the remediation steps associated with the violated compliance rule on the computer system.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A flexible compliance system is described herein that provides a deployable system health agent and automated remediation of computer system compliance failures based on configurable compliance rules. An administrator defines rules that represent compliance elements that the flexible compliance system will enforce. The flexible compliance system reads the rules defined by the administrator like a flexible set of conditions to check, and checks client computer systems based on the rules. The flexible compliance system generates a statement of health that indicates whether the computer system satisfies or violates each rule. In response to the statement of health, the flexible compliance system may take various actions with respect to a computer system in violation of a rule, including attempting to resolve the violation or quarantining the computer system to avoid interaction with other computer systems.

39 Citations

View as Search Results

20 Claims

1. A computer-implemented method for remediating one or more non-compliant computer systems in a network, the method comprising:
- receiving one or more compliance rules, wherein the rules include conditions for detecting whether a computer system violates the rule and remediation steps associated with each rule for restoring compliance of the computer system when it violates the rule;
  
  identifying the computer system;
  
  determining the compliance of the computer system with the compliance rules by checking the included conditions; and
  
  when the computer system is determined to violate a compliance rule, performing the remediation steps associated with the violated compliance rule on the computer system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1 wherein the remediation steps include quarantining the computer system from the network.
  - 3. The method of claim 1 wherein the remediation steps include installing an application patch on the computer system.
  - 4. The method of claim 1 wherein identifying the computer system comprises crawling the network with a spider application.
  - 5. The method of claim 1 wherein identifying the computer system comprises receiving a logon notification related to the computer system.
  - 6. The method of claim 1 wherein the received compliance rule conditions identify one or more registry values that indicate compliance of the computer system with the rule.
  - 7. The method of claim 1 wherein the received compliance rule conditions identify one or more file versions that indicate compliance of the computer system with the rule.
  - 8. The method of claim 1 wherein determining the compliance of the computer system comprises iterating through each compliance rule and checking the included conditions for each rule.
  - 9. The method of claim 1 further comprising, when the computer system is determined to violate a compliance rule, determining a severity of the violated compliance rule and performing remediation steps that vary based on the severity.
  - 10. The method of claim 1 further comprising, after determining the compliance of the computer system, generating a statement of health that indicates the compliance of the computer system with the compliance rules.

11. A computer system for maintaining the health of computer systems within an organization, the system comprising:
- a rule data store configured to store one or more rules for determining the health of computer systems in an organization;
  
  a network crawl component configured to crawl a network connecting at least some of the computer systems within the organization to identify computer systems the health of which the system maintains;
  
  an agent deployment component configured to deploy a software agent to identified computer systems to execute on the computer systems; and
  
  a flexible agent component configured to report the health of and perform remediation steps on the identified computer systems.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The system of claim 11 wherein the flexible agent component further comprises:
    - a health verification component configured to assess the health of a particular computer system and generate a report of the assessed health; and
      
      a remediation component configured to remedy assessed health problems of the computer system.
  - 13. The system of claim 12 wherein the health verification component generates the report as a cryptographically signed statement of health that authenticates the health assessment as having been generated by the flexible agent.
  - 14. The system of claim 11 wherein the rule data store is further configured to store one or more remediation steps used by the remediation component to restore an unhealthy computer system to health.
  - 15. The system of claim 11 wherein the flexible agent component resides temporarily in memory of the computer systems until assessing health and remediation steps are complete.

16. A computer-readable medium encoded with instructions for controlling a computer system to automatically provide remediation for compliance problems of the computer system, by a method comprising:
- receiving a statement of health that indicates a failure of the computer system to comply with an identified compliance rule;
  
  receiving a script that provides remediation instructions for responding to the failure of the computer system;
  
  automatically performing the instructions of the script to remediate the computer system;
  
  determining that the computer system no longer fails to comply with the identified compliance rule; and
  
  updating the statement of health to indicate a current health states of the computer system.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The computer-readable medium of claim 16 wherein the remediation instructions provide instructions for restoring the compliance of the computer system with the identified compliance rule.
  - 18. The computer-readable medium of claim 16 wherein the remediation instructions provide instructions for quarantining the computer system from other computer systems on a network.
  - 19. The computer-readable medium of claim 16 wherein the script is received as an XML file that specifies one or more rule conditions for detecting compliance with the compliance rule and remediation instructions associated with the compliance rule.
  - 20. The computer-readable medium of claim 16 wherein the remediation instructions include at least one of modifying a registry key, deleting a file, and uninstalling an application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Nguyen, Man

Granted Patent

US 8,019,857 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/7
CPC Class Codes

G06Q 10/06   Resources, workflows, human...

G16H 10/60   for patient-specific data, ...

G16H 40/20   for the management or admin...

G16H 40/40   for the management of medic...

FLEXIBLE SYSTEM HEALTH AND REMEDIATION AGENT

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

39 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

FLEXIBLE SYSTEM HEALTH AND REMEDIATION AGENT

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others