NETWORK-ASSISTED HEALTH REPORTING ACTIVATION

US 20110060823A1
Filed: 03/31/2010
Published: 03/10/2011
Est. Priority Date: 03/31/2009
Status: Abandoned Application

First Claim

Patent Images

1. A computer-readable medium whose contents are capable of causing a computing system to perform a method for discerning network host health in a network, the method comprising:

monitoring traffic on the network to observe (a) statements of health sent by hosts connected to the network and (b) traffic of at least one other type sent by hosts connected to the network;

maintaining a list of hosts connected to the network from which a statement of health has been observed; and

when traffic of the other type is observed from a host connected to the network that is not included in the maintained list, taking an action intended to cause the host to send a statement of health.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for generating and tracking health diagnoses of devices connected to a computer network via a statement of health provided by each device. The system monitors the health of devices on the network and attempts to engage the operator of undiagnosed devices in order to provide a diagnosis. Undiagnosed devices are quarantined to restrict their access to network resources. For example, access requests from quarantined devices to certain Web services may be intercepted and the device redirected to a page informing the operator of the need to provide a health diagnosis by installing or activating a compatible system health agent.

Citations

26 Claims

1. A computer-readable medium whose contents are capable of causing a computing system to perform a method for discerning network host health in a network, the method comprising:
- monitoring traffic on the network to observe (a) statements of health sent by hosts connected to the network and (b) traffic of at least one other type sent by hosts connected to the network;
  
  maintaining a list of hosts connected to the network from which a statement of health has been observed; and
  
  when traffic of the other type is observed from a host connected to the network that is not included in the maintained list, taking an action intended to cause the host to send a statement of health.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer-readable medium of claim 1 wherein the action taken is installing a system health agent on the host.
  - 3. The computer-readable medium of claim 1 wherein the action taken is directing the user of the host to install a system health agent on the host.
  - 4. The computer readable medium of claim 3, further comprising:
    - determining that the user has not installed a system health agent on the host; and
      
      in response to the determining, limiting the types of network traffic that can be sent from the host.
  - 5. The computer-readable medium of claim 1 wherein the action taken is activating a system health agent installed on the host.
  - 6. The computer-readable medium of claim 1 wherein the action taken is directing the user of the host to activate a system health agent installed on the host.
  - 7. The computer readable medium of claim 6, further comprising:
    - determining that the user has not activated the system health agent installed on the host; and
      
      in response to the determining, limiting the types of network traffic that can be sent from the host.
  - 8. The computer-readable medium of claim 1, further comprising, for each network host from which a statement of health is observed, establishing network access rights for the host in accordance with the contents of the statement of health.

9. A method for discerning network host health in a network, comprising:
- in a device connected to the network, monitoring traffic on the network to observe (a) statements of health sent by hosts connected to the network and (b) traffic of at least one other type sent by hosts connected to the network;
  
  when traffic of the other type is observed from a host connected to the network from which no statement of health has been observed, providing communication to a user of the host offering a first alternative of installing and/or activating a system health agent on the host, and a second alternative of having network access control restrictions imposed on the host;
  
  if the user of the host elects the first alternative, assisting the user of the host in installing and/or activating a system health agent on the host; and
  
  if the user of the host elects the second alternative, causing network access control restrictions to be imposed on the host.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9 wherein the provided communication is a web page served to the user of the host.
  - 11. The method of claim 9 wherein the provided communication is a web page served to the user of the host in place of a web page requested by the user of the host.
  - 12. The method of claim 9 wherein the provided communication is an e-mail message transmitted to the user of the host.
  - 13. The method of claim 12, further comprising intercepting SMTP traffic from the host to discern an e-mail address of the user of the host, wherein the provided communication is transmitted to the discerned e-mail address.
  - 14. The method of claim 12, further comprising intercepting POP traffic from the host to discern an e-mail address of the user of the host, wherein the provided communication is transmitted to the discerned e-mail address.
  - 15. The method of claim 12, further comprising intercepting IMAP traffic from the host to discern an e-mail address of the user of the host, wherein the provided communication is transmitted to the discerned e-mail address.

16. A system for tracking the state of health of devices connected to a network, the system comprising:
- a component that receives a statement of health from at least one device connected to the network;
  
  a component that generates a diagnosis for the at least one device connected to the network based on the received statement of health;
  
  a component that maintains a list of devices connected to the network for which a health diagnosis has been generated; and
  
  a component that, in response to receiving data from an undiagnosed device, causes the operator of the device to be prompted to take action to enable the reporting of a statement of health.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
- - 17. The system of claim 16, further comprising:
    - a component that specifies a set of network access control restrictions to be applied to undiagnosed devices; and
      
      a component that insulates a portion of the network that contains devices with a healthy diagnosis from undiagnosed devices.
  - 18. The system of claim 17, further comprising:
    - a component that insulates the portion of the network that contains devices with a healthy diagnosis from devices with an unhealthy diagnosis.
  - 19. The system of claim 16, further comprising:
    - a component that captures HTTP requests from undiagnosed devices and redirects the HTTP requests to a web page maintained by the system, wherein the web page is configured to provide an operator of a device with instructions and/or software for enabling health reporting.
  - 20. The system of claim 16, further comprising:
    - a component that observes SMTP, POP, or IMAP traffic for the purpose of obtaining an operator email address to direct information and instructions for enabling health reporting.
  - 21. The system of claim 16, further comprising:
    - a component that, in response to receiving data from an unhealthy device, notifies an operator of the device that the device is unhealthy and allows the device to access the network without correcting the health of the device.
  - 22. The system of claim 16, further comprising:
    - a component that, in response to receiving data from an unhealthy device, causes the device to take action to automatically correct the health of the device.
  - 23. The system of claim 16, further comprising:
    - a component that, in response to receiving data from an unhealthy device, notifies an administrator of the network that the device is accessing the network.

24. A method performed by a computer having a memory and a processor, the method comprising:
- monitoring traffic on a network to observe (a) statements of health sent by devices connected to the network and (b) traffic of at least one other type sent by devices connected to the network; and
  
  when traffic is observed from a device connected to the network from which a statement of health indicating that the device is healthy has not been received, sending a notification that the device is accessing the network without providing a statement of health indicating that the device is healthy.
- View Dependent Claims (25, 26)
- - 25. The method of claim 24 wherein sending the notification includes sending the notification to an operator of the device.
  - 26. The method of claim 24 wherein sending the notification includes sending the notification to an administrator of the network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Napera Networks Incorporated (OPSWAT, Inc.)
Original Assignee
Napera Networks Incorporated (OPSWAT, Inc.)
Inventors
Boscolo, Christopher, Phillippe, Bryan

Application Number

US12/751,921
Publication Number

US 20110060823A1
Time in Patent Office

Days
Field of Search
US Class Current

709/224
CPC Class Codes

G06F 11/321   Display for diagnostics, e....

G06F 11/324   Display of status information

H04L 41/046   comprising network manageme...

H04L 41/0816   the condition being an adap...

H04L 43/0817   by checking functioning

NETWORK-ASSISTED HEALTH REPORTING ACTIVATION

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

NETWORK-ASSISTED HEALTH REPORTING ACTIVATION

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links