SYSTEM AND METHOD FOR CLOUD BASED SCANNING FOR COMPUTER VULNERABILITIES IN A NETWORK ENVIRONMENT

US 20130174246A1
Filed: 12/29/2011
Published: 07/04/2013
Est. Priority Date: 12/29/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

establishing a first secure tunnel between a configuration manager and a scanner, and a second secure tunnel between a scan controller and the scanner, wherein the scanner is located in a public network and the configuration manager and the scan controller are located in a private network;

communicating scanner configuration information between the scanner and the configuration manager over the first secure tunnel; and

communicating scan information between the scanner and the scan controller over the second secure tunnel.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method in one embodiment includes establishing a first secure tunnel between a scanner and a configuration manager, and a second secure tunnel between the scanner and a scan controller, where the scanner is located in a public network and the configuration manager and the scan controller are located in a private network, communicating scanner configuration information between the scanner and the configuration manager over the first secure tunnel, and communicating scan information between the scanner and the scan controller over the second secure tunnel. The secure tunnels may be established from within the private network, by forwarding a first origination port and a second origination port to a first destination port and a second destination port, respectively. The first and second origination ports may be located in the public network, and the first and second destination ports may be located in the private network.

83 Citations

22 Claims

1. A method comprising:
- establishing a first secure tunnel between a configuration manager and a scanner, and a second secure tunnel between a scan controller and the scanner, wherein the scanner is located in a public network and the configuration manager and the scan controller are located in a private network;
  
  communicating scanner configuration information between the scanner and the configuration manager over the first secure tunnel; and
  
  communicating scan information between the scanner and the scan controller over the second secure tunnel.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein each secure tunnel is a reverse Secure Shell (SSH) tunnel.
  - 3. The method of claim 1, wherein establishing the first secure tunnel and the second secure tunnel comprises:
    - identifying a first origination port, a second origination port, a first destination port, and a second destination port, wherein the first origination port and second origination port are coupled to the scanner, the first destination port is coupled to the configuration manager, and second destination port is coupled to the scan controller; and
      
      forwarding, from within the private network, the first origination port to the first destination port to create the first secure tunnel, and the second origination port to the second destination port to create the second secure tunnel.
  - 4. The method of claim 3, wherein the scanner comprises a first port coupled to the first origination port and a second port coupled to the second origination port.
  - 5. The method of claim 4, further comprising:
    - configuring the scanner to communicate scan information through the second port.
  - 6. The method of claim 1, wherein the scanner comprises:
    - a scan engine configured to scan one or more assets in the private network based on scan information provided by the scan controller; and
      
      a configuration agent configured to facilitate configuring the scan engine based on scanner configuration information provided by the configuration manager.
  - 7. The method of claim 6, wherein the scanner further comprises:
    - an SSH server.
  - 8. The method of claim 1, wherein the scan controller and the configuration manager communicate with one or more scanners located in the private network.
  - 9. The method of claim 1, wherein the first and second secure tunnels are the same tunnel.
  - 10. The method of claim 1, wherein the first secure tunnel is distinct from the second secure tunnel.

11. An apparatus comprising:
- a scan engine;
  
  a configuration agent;
  
  a first port;
  
  a second port;
  
  a memory element configured to store data; and
  
  a processor operable to execute instructions associated with the data, wherein the apparatus is configured for;
  
  establishing a first secure tunnel between a configuration manager and the configuration agent, and a second secure tunnel between a scan controller and the scan engine, wherein the apparatus is located in a public network and the configuration manager and the scan controller are located in a private network;
  
  communicating scanner configuration information between the configuration agent and the configuration manager over the first secure tunnel; and
  
  communicating scan information between the scan engine and the scan controller over the second secure tunnel.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The apparatus of claim 11, wherein each secure tunnel is a reverse Secure Shell (SSH) tunnel.
  - 13. The apparatus of claim 11, wherein the scan engine is configured to scan one or more assets in the private network based on scan information provided by the scan controller, and the configuration agent is configured to facilitate configuring the scan engine based on scanner configuration information provided by the configuration manager.
  - 14. The apparatus of claim 11, wherein establishing the first secure tunnel and the second secure tunnel comprises:
    - identifying a first origination port, a second origination port, a first destination port, and a second destination port, wherein the first origination port and second origination port are coupled to the apparatus, the first destination port is coupled to the configuration manager, and second destination port is coupled to the scan controller; and
      
      forwarding, from within the private network, the first origination port to the first destination port to create the first secure tunnel, and the second origination port to the second destination port to create the second secure tunnel.
  - 15. The apparatus of claim 14, wherein the first port is coupled to the first origination port and the second port is coupled to the second origination port.
  - 16. The apparatus of claim 15, further configured for:
    - communicating scan information through the second port.

17. Logic encoded in non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
- establishing a first secure tunnel between a configuration manager and a scanner, and a second secure tunnel between a scan controller and the scanner, wherein the scanner is located in a public network and the configuration manager and the scan controller are located in a private network;
  
  communicating scanner configuration information between the scanner and the configuration manager over the first secure tunnel; and
  
  communicating scan information between the scanner and the scan controller over the second secure tunnel.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The logic of claim 17, wherein each secure tunnel is a reverse Secure Shell (SSH) tunnel.
  - 19. The logic of claim 17, wherein the scanner comprises:
    - a scan engine configured to scan one or more assets in the private network based on scan information provided by the scan controller; and
      
      a configuration agent configured to facilitate configuring the scan engine based on scanner configuration information provided by the configuration manager.
  - 20. The logic of claim 17, wherein establishing the first secure tunnel and the second secure tunnel comprises:
    - identifying a first origination port, a second origination port, a first destination port, and a second destination port, wherein the first origination port and second origination port are coupled to the scanner, the first destination port is coupled to the configuration manager, and second destination port is coupled to the scan controller; and
      
      forwarding, from within the private network, the first origination port to the first destination port to create the first secure tunnel, and the second origination port to the second destination port to create the second secure tunnel.
  - 21. The logic of claim 20, wherein the scanner comprises a first port coupled to the first origination port and a second port coupled to the second origination port.
  - 22. The logic of claim 21, the operations further comprising:
    - configuring the scanner to communicate scan information through the second port.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Schrecker, Sven, Robison, Brian

Granted Patent

US 8,595,822 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/14
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/034   Test or assess a computer o...

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/1433   Vulnerability analysis

SYSTEM AND METHOD FOR CLOUD BASED SCANNING FOR COMPUTER VULNERABILITIES IN A NETWORK ENVIRONMENT

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

83 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

SYSTEM AND METHOD FOR CLOUD BASED SCANNING FOR COMPUTER VULNERABILITIES IN A NETWORK ENVIRONMENT

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

83 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others