NETWORK DATA COLLECTION AND RESPONSE SYSTEM
First Claim
1. A computing device with access to a network, comprising:
- local network resources accessible to the device via the network;
a connection protocol server configured to assign a network address to the device to identify the device on the network in response to a network access request received from the device;
a network data collection and response system operative to track network activity of the device including a device inventory comprising device type and configuration information for the device and a resource utilization profile for the device without utilization of a data monitoring agent installed on the device;
the network data collection and response system further operative to detect high-risk or unauthorized network activity involving the device through passive monitoring without utilization of a monitoring agent installed on the device;
the network data collection and response system further operative to implement a response action to mitigate the high-risk or unauthorized network activity.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments include a network data collection and response system for enhancing security in an enterprise network providing a user-supplied computing device with access to the network. A network data collection and response system tracks network activity of the device and maintains a device inventory recording the device type and configuration information for the device along with a resource utilization profile for the device. The network data collection and response system detects high-risk or unauthorized network activity involving the device through passive monitoring without utilization of a data monitoring agent installed on the device and implements a response action to mitigate the high-risk or unauthorized network.
-
Citations
20 Claims
-
1. A computing device with access to a network, comprising:
-
local network resources accessible to the device via the network; a connection protocol server configured to assign a network address to the device to identify the device on the network in response to a network access request received from the device; a network data collection and response system operative to track network activity of the device including a device inventory comprising device type and configuration information for the device and a resource utilization profile for the device without utilization of a data monitoring agent installed on the device; the network data collection and response system further operative to detect high-risk or unauthorized network activity involving the device through passive monitoring without utilization of a monitoring agent installed on the device; the network data collection and response system further operative to implement a response action to mitigate the high-risk or unauthorized network activity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer program product for providing a user-supplied computing device with access to a network comprising local network resources accessible to the device via the network, the computer program product comprising:
-
a tangible storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for performing a method comprising; tracking network activity of the device through passive monitoring without utilization of a data monitoring agent installed on the device; inferring type and configuration information of the device; creating a device inventory comprising device type and one or more of configuration information for the device and a resource utilization profile for the device; detecting one or more of high-risk or unauthorized network activity involving the device; and implementing a response action to mitigate the high-risk or unauthorized network. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A network data recording and response system for enhancing security in a computer network providing a computing device with access to the network, the system operable for:
-
tracking network activity of the device through passive monitoring without utilization of a data monitoring agent installed on the device; inferring one or more of type and configuration information of the device; creating a device inventory comprising one or more of device type and configuration information for the device and a resource utilization profile for the device; detecting high-risk or unauthorized network activity involving the device; and implementing a response action to mitigate the high-risk or unauthorized network. - View Dependent Claims (19, 20)
-
Specification