Monitoring Remote Access to an Enterprise Network
2 Assignments
0 Petitions
Accused Products
Abstract
Techniques to provide an improved representation of remote network access for a network administrator managing and controlling access to resources on an enterprise network. The representation indicates resources accessed by a remote computer or by a user of that computer and provides associated information useful for managing remote network access. To create the representation, multiple security associations formed between a remote client computer and resources on the enterprise network are associated with entity sessions, based on identical session identifiers generated for each security association within an entity session. The entity sessions may be aggregated into a DirectAccess “connection” between the remote client computer and the enterprise network, based on an identity of the remote client computer. Resources accessed over the connection may be identified using a session identifier of each entity session so that security associations in that entity session may be matched with the resources.
-
Citations
40 Claims
-
1-20. -20. (canceled)
-
21. A method of operating a computing device comprising at least one processor for monitoring remote access by entities to resources through security associations in a network, wherein each security association between one of the entities and one of the resources has a session identifier, the method comprising, with the at least one processor:
-
associating security associations with connections between the entities and the resources, based on at least identities of remote client computers related to the security associations, such that each security association associated with a same connection has the same session identifier and is related to a same remote client computer; and providing a representation of each connection, the representation indicating one or more of the resources accessed by one or more of the entities through the same remote client computer over the connection. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 38)
-
-
32. A computer for monitoring remote access by entities to resources through security associations in a network, wherein each security association between one of the entities and one of the resources has a session identifier, the computer comprising at least one processor, the computer adapted to, with the at least one processor:
-
associate security associations with connections between the entities and the resources, based on at least identities of remote client computers related to the security associations, such that each security association associated with a same connection has the same session identifier and is related to a same remote client computer; and provide a representation of each connection, the representation indicating one or more of the resources accessed by one or more of the entities through the same remote client computer over the connection. - View Dependent Claims (33, 34, 39)
-
-
35. At least one computer-readable storage medium, being at least one of memory and nonvolatile storage, comprising computer-executable instructions that, when executed by at least one processor, implement a method of monitoring remote access by entities to resources through security associations in a network, wherein each security association between one of the entities and one of the resources has a session identifier, the method comprising:
-
associating security associations with connections between the entities and the resources, based on at least identities of remote client computers related to the security associations, such that each security association associated with a same connection has the same session identifier and is related to a same remote client computer; and providing information on each connection, the information indicating one or more of the resources accessed by one or more of the entities through the same remote client computer over the connection. - View Dependent Claims (36, 37, 40)
-
Specification