NETWORK APPLIANCE FOR VULNERABILITY ASSESSMENT AUDITING OVER MULTIPLE NETWORKS

US 20140013384A1
Filed: 08/30/2013
Published: 01/09/2014
Est. Priority Date: 01/19/2005
Status: Active Grant

First Claim

Patent Images

1. A method for managing an audit by an audit extension device, comprising:

receiving, through a security perimeter from an audit device, a request for an audit to be performed on a computing asset, the request for the audit further includes a request for information to be provided by the computing asset;

reflecting the audit based on the request for the audit towards the computing asset; and

sending a result of the audit through the security perimeter.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus, system, and method are directed towards enabling auditing of network vulnerabilities from multiple network vantage points virtually simultaneously. Multiple network vantage points may include, but are not limited to, remote/branch enterprise sites, devices on an enterprise perimeter, on either side of a security perimeter, and even through the security perimeter. In one embodiment, an auditor performs reflected audits thereby extending auditing of network vulnerabilities to provide a comprehensive 360 degree audit of internal, external, and remote enterprise network sites. In one embodiment, the present invention may be implemented employing a single auditing device, and one or more audit extension devices that are configured to extend the auditing device'"'"'s audit reach. The auditing device and one or more audit extension devices may communicate using an encrypted network channel through a security perimeter and/or across multiple networks.

8 Citations

View as Search Results

21 Claims

1. A method for managing an audit by an audit extension device, comprising:
- receiving, through a security perimeter from an audit device, a request for an audit to be performed on a computing asset, the request for the audit further includes a request for information to be provided by the computing asset;
  
  reflecting the audit based on the request for the audit towards the computing asset; and
  
  sending a result of the audit through the security perimeter.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising assuming operations of the audit device in response to a first detection indicating that the audit device is in a failure condition.
  - 3. The method of claim 2, further comprising communicating with the audit device and relinquishing operations of the audit device in response to a second detection indicating that the audit device is not in the failure condition.
  - 4. The method of claim 2, further comprising communicating with a network device and relinquishing operations of the audit device in response to a second detection indicating that the network device is assuming operations of the audit device.
  - 5. The method of claim 1, wherein the computing asset is on a same side of the security perimeter as the audit extension device.
  - 6. The method of claim 1, wherein the request for the audit further includes at least one of a request for a configuration, a probe, or a request for a resource associated with the computing asset.
  - 7. The method of claim 1, wherein the audit extension device is configured as a network appliance.
  - 8. The method of claim 1, wherein at least one of the receiving the request for the audit or the sending the result of the audit is performed through a secure network path.
  - 9. The method of claim 1, wherein the computing asset is on a different networking side of the security perimeter as the audit extension device.

10. A method for managing an audit by an audit device, comprising:
- sending a request for an audit to be performed on a computing asset through a security perimeter to an audit extension device, the request for the audit further including a request for information to be provided by the computing asset;
  
  receiving a result of the audit from the audit extension device through the security perimeter; and
  
  performing a remediation action based at least in part on a security policy.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, wherein the computing asset is on a same side of the security perimeter as the audit extension device.
  - 12. The method of claim 10, wherein the request for the audit further includes at least one of a request for a configuration, a probe, or a request for a resource associated with the computing asset.
  - 13. The method of claim 10, wherein the performing the remediation action includes at least one of providing a recommendation on a configuration, control, security policy, or a procedure associated with the computing asset.
  - 14. The method of claim 10, wherein the audit device is configured as a network appliance.
  - 15. The method of claim 10, wherein the computing asset is on a different networking side of the security perimeter as the audit extension device.
  - 16. The method of claim 10, further comprising instructing the audit extension device to quarantine the computing asset in a quarantined network in response to the computing asset failing to satisfy the security policy.
  - 17. The method of claim 16, further comprising removing the computing asset from the quarantined network in response to the result of the audit or the remediation action indicating that the computing asset satisfies the security policy.
  - 18. The method of claim 10, wherein at least one of the sending the audit request or the receiving the result of the audit is performed through a secure network path.

19. A non-transitory computer-readable medium storing executable instructions that, when executed, cause an audit device to perform operations, comprising:
- sending a request for an audit to be performed on a computing asset through a security perimeter to an audit extension device, the request for the audit further includes a request for information to be provided by the computing asset;
  
  receiving a result of the audit from the audit extension device through the security perimeter; and
  
  performing a remediation action based at least in part on a security policy.

20. An audit extension device, comprising:
- a network interface unit configured to receive, through a security perimeter from an audit device, a request for an audit to be performed on a computing asset, the request for the audit further including a request for information to be provided by the computing asset; and
  
  a processing unit configured to;
  
  reflect the audit based on the request towards the computing asset, andsend a result of the audit through the security perimeter.

21. A system, comprising:
- an audit extension device including;
  
  a first network interface unit configured to receive, through a security perimeter, a request for an audit to be performed on a computing asset, the request for the audit including a request for information to be provided by the computing asset, anda first processing unit configured to;
  
  reflect the audit based on the request towards the computing asset, andsend a result of the audit through the security perimeter; and
  
  an audit device including;
  
  a second network interface unit configured to send the request for the audit through the security perimeter, anda second processing unit configured to;
  
  receive the result of the audit from the audit extension device through the security perimeter, andperform a remediation action based at least in part on a security policy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Callahan Cellular LLC (Intellectual Ventures LLC)
Original Assignee
Vadarro Services LLC (Intellectual Ventures LLC)
Inventors
WEBB, Evan M., BOSCOLO, Christopher D., GILDE, Robert G.

Granted Patent

US 9,306,967 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/1408   by monitoring network traff...

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

H04L 63/20   for managing network securi...

NETWORK APPLIANCE FOR VULNERABILITY ASSESSMENT AUDITING OVER MULTIPLE NETWORKS

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

8 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

NETWORK APPLIANCE FOR VULNERABILITY ASSESSMENT AUDITING OVER MULTIPLE NETWORKS

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

8 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links