
METHODS, SYSTEMS, AND DEVICES FOR DYNAMICALLY MODELING AND GROUPING ENDPOINTS FOR EDGE NETWORKING

  • US 20190052659A1
  • Filed: 08/08/2018
  • Published: 02/14/2019
  • Est. Priority Date: 08/08/2017
  • Status: Active Grant
First Claim

1. A dynamic endpoint-based edge networking system for protecting security and integrity of an elastic computer network, the system comprising:

  • a plurality of agents, wherein each of the plurality of agents is installed on a target endpoint device, the target endpoint device being one of a plurality of endpoint devices forming an elastic computer network, and wherein each of the plurality of agents is configured to:

    access an operating system of the target endpoint device on which the agent is installed to obtain visibility of operating system processes and network communications of the target endpoint device;

    monitor the operating system processes and the network communications of the target endpoint device to obtain target endpoint data, the target endpoint data comprising information regarding at least one of the system processes or network processes of the target endpoint device;

    transmit the target endpoint data to a central server system;

    identify, using a local security protocol, one or more local anomalous indicators on the target endpoint device based at least in part on the target endpoint data; and

    respond to the one or more local anomalous indicators on an endpoint-level based at least in part on the local security protocol, wherein the local security protocol comprises one or more rule sets, policies, or access rights designed to ensure local security of each of the plurality of endpoint devices; and

    a central server system comprising:

    one or more computer readable storage devices configured to store a plurality of computer executable instructions; and

    one or more hardware computer processors in communication with the one or more computer readable storage devices and configured to execute the plurality of computer executable instructions in order to cause the central server system to:

    receive the target endpoint data from each of the plurality of agents installed on a target endpoint device;

    analyze the target endpoint data received from each of the plurality of agents to identify network-wide activity patterns;

    identify, using a network-wide security protocol, one or more network-wide anomalous indicators on a network level across the plurality of endpoint devices based at least in part on the identified network-wide activity patterns; and

    respond to the one or more network-wide anomalous indicators on the network level across the plurality of endpoint devices based at least in part on the network-wide security protocol.

  • 2 Assignments