MONITORING REMOTE ACCESS TO AN ENTERPRISE NETWORK
Abstract
Techniques to provide an improved representation of remote network access for a network administrator managing and controlling access to resources on an enterprise network. The representation indicates resources accessed by a remote computer or by a user of that computer and provides associated information useful for managing remote network access. To create the representation, multiple security associations formed between a remote client computer and resources on the enterprise network are associated with entity sessions, based on identical session identifiers generated for each security association within an entity session. The entity sessions may be aggregated into a DirectAccess “connection” between the remote client computer and the enterprise network, based on an identity of the remote client computer. Resources accessed over the connection may be identified using a session identifier of each entity session so that security associations in that entity session may be matched with the resources.
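The two-level grouping the abstract describes can be sketched as follows. This is an added example, not code from the patent or from any DirectAccess component; the record fields, sample values and the conflict check for a session identifier reused by a different client or entity are assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class SecurityAssociation:      # hypothetical record layout
    session_id: str             # identifier shared by every SA in one entity session
    client_machine: str         # identity of the remote client computer
    entity: str                 # user or computer the SA was created for
    resource: str               # enterprise resource reached through the SA

# Constructed sample records; every value is invented for illustration.
SAMPLE_SAS = [
    SecurityAssociation("s-01", "LAPTOP-7", "LAPTOP-7$", "dc01.corp.example"),
    SecurityAssociation("s-02", "LAPTOP-7", "alice", "files.corp.example"),
    SecurityAssociation("s-02", "LAPTOP-7", "alice", "mail.corp.example"),
    SecurityAssociation("s-03", "TABLET-2", "bob", "files.corp.example"),
    # Constructed anomaly: s-02 reappears for a different client and entity.
    SecurityAssociation("s-02", "TABLET-2", "carol", "hr.corp.example"),
]

def build_connections(sas):
    """Group SAs into entity sessions by identifier, then sessions into
    per-client connections. Returns (connections, conflicts)."""
    sessions = {}               # session_id -> ((client, entity), resources)
    conflicts = []
    for sa in sas:
        owner = (sa.client_machine, sa.entity)
        known_owner, resources = sessions.setdefault(sa.session_id, (owner, set()))
        if known_owner != owner:
            conflicts.append(sa)    # do not merge into someone else's session
            continue
        resources.add(sa.resource)
    connections = defaultdict(dict)  # client -> session_id -> details
    for sid, ((client, entity), resources) in sessions.items():
        connections[client][sid] = {"entity": entity, "resources": sorted(resources)}
    return dict(connections), conflicts

def render(connections):
    """Administrator-facing view: one line per entity session."""
    return [
        f"{client}: {info['entity']} -> {', '.join(info['resources'])} [{sid}]"
        for client in sorted(connections)
        for sid, info in sorted(connections[client].items())
    ]

if __name__ == "__main__":
    conns, bad = build_connections(SAMPLE_SAS)
    print("\n".join(render(conns)))
    print("conflicting SAs:", bad)
```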
20 Claims
1. A method of operating a computing device comprising at least one processor for monitoring remote access to an enterprise network, the method comprising, with the at least one processor:
generating, for a first entity accessing a resource on the enterprise network through a remote client computer, a first identifier of at least one first security association between the first entity and the resource;
associating, based on the first identifier, the at least one first security association with a first entity session created for the first entity, wherein each of the at least one first security association in the first entity session has the first identifier;
determining, based on an identity of the remote client computer, that the first entity session belongs to a connection between the remote client computer and the enterprise network, wherein the connection comprises security associations created for resources on the enterprise network that are accessed through the remote client computer connected to the enterprise network; and
providing a representation of the connection based on the determination, the representation indicating that the resource is accessed by the first entity through the remote client computer over the connection.
13. A computer comprising at least one processor, the computer adapted to, with the at least one processor:
generate, for an entity accessing a resource on the enterprise network through a remote client computer, an identifier for at least one security association between the entity and the resource;
associate, based on the identifier, the at least one security association with an entity session created for the entity, wherein each of the at least one security association in the entity session has the identifier;
determine, based on an identity of the remote client computer, that the entity session belongs to a connection between the remote client computer and the enterprise network, wherein the connection comprises security associations created for resources on the enterprise network that are accessed through the remote client computer connected to the enterprise network; and
provide a representation of the connection based on the determination, the representation indicating that the resource is accessed by the entity through the remote client computer over the connection.
17. At least one computer-readable storage medium comprising computer-executable instructions that, when executed by at least one processor, implement a method of monitoring remote access to an enterprise network, the method comprising:
generating, for an entity accessing a resource on the enterprise network through a remote client computer, an identifier for at least one security association between the entity and the resource;
associating, based on the identifier, the at least one security association with an entity session created for the entity, wherein each of the at least one security association in the entity session has the identifier;
determining, based on an identity of the remote client computer, that the entity session belongs to a connection between the remote client computer and the enterprise network, wherein the connection comprises security associations created for resources on the enterprise network that are accessed through the remote client computer connected to the enterprise network; and
providing information on the connection based on the determination, the representation indicating that the resource is accessed by the entity through the remote client computer over the connection.
Specification