METHOD FOR ENFORCING ENDPOINT HEALTH STANDARDS
Abstract
An approach for enforcing standards regarding security vulnerabilities for an endpoint user device associated with a user includes collecting, at an inline frame implemented with a web application, endpoint health data of the endpoint user device in response to the user interfacing with the web application through the endpoint user device, generating endpoint health intelligence from the endpoint health data, the endpoint health intelligence indicating endpoint security health of the endpoint user device, generating a first endpoint health notification comprising the endpoint health intelligence, and notifying an administrator of a network with the first endpoint health notification.
18 Claims
1. A method of securing a network from vulnerable endpoints, the method comprising:
- implementing an interrogating inline frame that is operably integrated within a login web application that enables access to the network with successful login credentials from a user;
- using the interrogating inline frame to collect a first set of data that includes web browser identification data from a web browser interacting with the login web application;
- interrogating by the interrogating inline frame an agent-less endpoint user device that is operating the web browser;
- collecting by the interrogating inline frame responses to the interrogation, wherein the responses comprises a second set of data that includes endpoint device data of the agent-less endpoint user device;
- generating an endpoint security assessment of the agent-less endpoint user device and the login web browser based on an evaluation of the collected web browser identification data and the collected endpoint device data against one or more predetermined endpoint health requirements of the network;
- enabling the agent-less endpoint user device to successfully login to the network via the login web application when the endpoint security assessment of the agent-less endpoint user device and the web browser satisfy the one or more predetermined endpoint health requirements of the network, or
- disabling the agent-less endpoint user device from accessing the network via the login web application when the endpoint security assessment of the agent-less endpoint user device and the web browser do not satisfy the one or more predetermined endpoint health requirements of the network.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14

15. A method of securing a network from agent-less endpoints, the method comprising:
- implementing an inline frame that is operably integrated within a web application that is used to login into the network;
- using the inline frame to collect;
  - (i) a first set of data that includes web browser identification data from an agent-less endpoint web browser interacting with the web application;
  - (ii) a second set of data that includes endpoint device data of an agent-less endpoint user device that is operating the agent-less web browser by interrogating the agent-less endpoint user device and collecting responses to the interrogation;
- generating an endpoint security assessment of the agent-less endpoint user device and the web browser based on an evaluation of the collected web browser identification data and the collected endpoint device data against predetermined endpoint health requirements of the network;
- enabling the agent-less endpoint user device to successfully login to the network via the web application when the endpoint security assessment of the agent-less endpoint user device and the web browser satisfy the predetermined endpoint health requirements of the network, or
- disabling the agent-less endpoint user device from accessing the network via the web application when the endpoint security assessment of the agent-less endpoint user device and the web browser do not satisfy the predetermined endpoint health requirements of the network.

Dependent claims: 16

17. A system for securing a network from vulnerable endpoints, the method comprising:
- a web application server that deploys a login web application that enables access to the network with successful login credentials from a user;
- an endpoint health computing server comprising a non-transitory computer-readable medium storing instructions that, when executed by one or more computer processors, perform steps of;
  - implementing an interrogating inline frame that is operably integrated within a login web application that enables access to the network with successful login credentials from a user;
  - using the interrogating inline frame to collect a first set of data that includes web browser identification data from a web browser interacting with the login web application;
  - interrogating by the interrogating inline frame an agent-less endpoint user device that is operating the web browser;
  - collecting by the interrogating inline frame responses to the interrogation, wherein the responses comprises a second set of data that includes endpoint device data of the agent-less endpoint user device;
  - generating an endpoint security assessment of the agent-less endpoint user device and the login web browser based on an evaluation of the collected web browser identification data and the collected endpoint device data against one or more predetermined endpoint health requirements of the network;
  - enabling the agent-less endpoint user device to successfully login to the network via the login web application when the endpoint security assessment of the agent-less endpoint user device and the web browser satisfy the one or more predetermined endpoint health requirements of the network, or
  - disabling the agent-less endpoint user device from accessing the network via the login web application when the endpoint security assessment of the agent-less endpoint user device and the web browser do not satisfy the one or more predetermined endpoint health requirements of the network.

Dependent claims: 18

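One way the assessment step recited in the claims could look on the server side, as an added example that is not code from the patent or its assignee: the collected browser identification data and device data are checked against minimum-version requirements, and login is allowed only if every check passes. The report fields, the `POLICY` structure and all threshold values are assumptions made for illustration.

```javascript
// Added illustration: field names, policy shape and thresholds are assumptions.
const POLICY = { // stands in for the "predetermined endpoint health requirements"
  minBrowser: new Map([["Chrome", "120.0"], ["Firefox", "121.0"]]),
  minOs: new Map([["Windows", "10.0"], ["macOS", "13.0"]]),
};

// Compare dotted numeric version strings; negative means a is older than b.
function cmpVersion(a, b) {
  const pa = a.split(".").map(Number), pb = b.split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d;
  }
  return 0;
}

// First data set: browser identification, parsed here from a User-Agent string.
function parseBrowser(ua) {
  const m = /(Firefox|Chrome)\/(\d+(?:\.\d+)*)/.exec(typeof ua === "string" ? ua : "");
  return m ? { name: m[1], version: m[2] } : null;
}

// Evaluate both data sets; anything missing or unparseable fails closed.
function assessEndpoint(report, policy = POLICY) {
  const r = report || {}, dev = r.device || {}, failures = [];
  const browser = parseBrowser(r.userAgent);
  const minB = browser ? policy.minBrowser.get(browser.name) : undefined;
  if (!minB) failures.push("browser not recognised");
  else if (cmpVersion(browser.version, minB) < 0)
    failures.push(`${browser.name} ${browser.version} is older than ${minB}`);
  // Second data set: device data reported back through the inline frame.
  const osVer = typeof dev.osVersion === "string" ? dev.osVersion : "";
  const minOs = policy.minOs.get(dev.os);
  if (!minOs || !/^\d+(\.\d+)*$/.test(osVer)) failures.push("operating system not recognised");
  else if (cmpVersion(osVer, minOs) < 0)
    failures.push(`${dev.os} ${osVer} is older than ${minOs}`);
  // The report is client-supplied, so a pass is evidence rather than proof.
  return { allowLogin: failures.length === 0, failures };
}

// Constructed sample reports (not real telemetry).
const HEALTHY = {
  userAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36",
  device: { os: "Windows", osVersion: "10.0.19045" },
};
const OUTDATED = {
  userAgent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0",
  device: { os: "macOS", osVersion: "12.6" },
};
console.log(assessEndpoint(HEALTHY), assessEndpoint(OUTDATED));
```
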
Specification