NETWORK APPLIANCE FOR VULNERABILITY ASSESSMENT AUDITING OVER MULTIPLE NETWORKS
Abstract
An apparatus, system, and method are directed towards enabling auditing of network vulnerabilities from multiple network vantage points virtually simultaneously. Multiple network vantage points may include, but are not limited to, remote/branch enterprise sites, devices on an enterprise perimeter, on either side of a security perimeter, and even through the security perimeter. In one embodiment, an auditor performs reflected audits thereby extending auditing of network vulnerabilities to provide a comprehensive 360 degree audit of internal, external, and remote enterprise network sites. In one embodiment, the present invention may be implemented employing a single auditing device, and one or more audit extension devices that are configured to extend the auditing device's audit reach. The auditing device and one or more audit extension devices may communicate using an encrypted network channel through a security perimeter and/or across multiple networks.
21 Claims
1. A method for managing an audit by an audit extension device, comprising:
- receiving, through a security perimeter from an audit device, a request for an audit to be performed on a computing asset, the request for the audit further includes a request for information to be provided by the computing asset;
- reflecting the audit based on the request for the audit towards the computing asset; and
- sending a result of the audit through the security perimeter.
10. A method for managing an audit by an audit device, comprising:
- sending a request for an audit to be performed on a computing asset through a security perimeter to an audit extension device, the request for the audit further including a request for information to be provided by the computing asset;
- receiving a result of the audit from the audit extension device through the security perimeter; and
- performing a remediation action based at least in part on a security policy.
19. A non-transitory computer-readable medium storing executable instructions that, when executed, cause an audit device to perform operations, comprising:
- sending a request for an audit to be performed on a computing asset through a security perimeter to an audit extension device, the request for the audit further includes a request for information to be provided by the computing asset;
- receiving a result of the audit from the audit extension device through the security perimeter; and
- performing a remediation action based at least in part on a security policy.
20. An audit extension device, comprising:
- a network interface unit configured to receive, through a security perimeter from an audit device, a request for an audit to be performed on a computing asset, the request for the audit further including a request for information to be provided by the computing asset; and
- a processing unit configured to:
  - reflect the audit based on the request towards the computing asset, and
  - send a result of the audit through the security perimeter.
21. A system, comprising:
- an audit extension device including:
  - a first network interface unit configured to receive, through a security perimeter, a request for an audit to be performed on a computing asset, the request for the audit including a request for information to be provided by the computing asset, and
  - a first processing unit configured to:
    - reflect the audit based on the request towards the computing asset, and
    - send a result of the audit through the security perimeter; and
- an audit device including:
  - a second network interface unit configured to send the request for the audit through the security perimeter, and
  - a second processing unit configured to:
    - receive the result of the audit from the audit extension device through the security perimeter, and
    - perform a remediation action based at least in part on a security policy.
Specification