ENDPOINT AGENT FOR ENTERPRISE SECURITY SYSTEM
Abstract
An endpoint security agent facilitates a security policy on an endpoint computing device. The endpoint agent comprises an engine and one or more plug-ins that each provide a particular security feature. The endpoint agent receives a policy from a cloud server specifying one or more plug-ins used by the policy and configuration of those plug-ins. The endpoint agent retrieves, installs, and configures the one or more plug-ins. The endpoint agent updates a communication table with command subscription information obtained from each installed plug-in indicating command types subscribed to by each plug-in. When a command is received, a lookup of the command type is performed in the table, and the command is sent to the subscribing plug-in.
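The install-and-dispatch flow summarized in the abstract can be sketched as follows. This is an added example, not code from the patent: the class names, command type strings, and the catalogue standing in for the cloud server are all hypothetical, and the rule that a command type has exactly one subscriber is an assumption.

```python
# Added illustration; every name below is hypothetical, not taken from the patent.
class Plugin:
    """Stand-in for a plug-in retrieved from the cloud server."""
    def __init__(self, name, command_types):
        self.name, self.command_types = name, list(command_types)
        self.config, self.handled = None, []

    def configure(self, config):
        self.config = dict(config)

    def subscriptions(self):          # command type identifiers this plug-in wants
        return list(self.command_types)

    def handle(self, command):
        self.handled.append(command)
        return f"{self.name} handled {command['type']}"

class Agent:
    def __init__(self, fetch_plugin):
        self.fetch_plugin = fetch_plugin  # callable name -> Plugin, models the cloud download
        self.plugins = {}                 # installed plug-ins by name
        self.comm_table = {}              # command type identifier -> plug-in name

    def apply_policy(self, policy):
        """Install, configure and register each policy plug-in not yet installed."""
        installed = []
        for name, config in policy["plugins"].items():
            if name in self.plugins:
                continue
            plugin = self.fetch_plugin(name)
            plugin.configure(config)
            type_ids = plugin.subscriptions()
            taken = [t for t in type_ids if t in self.comm_table]
            if taken:  # assumption: one subscriber per type; refuse to overwrite
                raise ValueError(f"{name}: already subscribed elsewhere: {taken}")
            self.comm_table.update({t: name for t in type_ids})
            self.plugins[name] = plugin
            installed.append(name)
        return installed

    def dispatch(self, command):
        """Send the command to its subscriber; None when no plug-in subscribes."""
        name = self.comm_table.get(command.get("type"))
        return self.plugins[name].handle(command) if name else None

# Constructed sample data: a plug-in catalogue standing in for the cloud server, and a policy.
CATALOG = {"firewall": ["fw.block_ip"], "scanner": ["scan.start"], "rogue": ["fw.block_ip"]}
POLICY = {"plugins": {"firewall": {"mode": "enforce"}, "scanner": {"depth": 2}}}

def fetch_from_catalog(name):
    return Plugin(name, CATALOG[name])
```

A command whose type has no entry in the table is dropped rather than broadcast, and a plug-in that claims an already-subscribed type is rejected before the table is modified.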
23 Claims
1. A method for installing a plug-in to an endpoint security agent executing on an endpoint in a networked computer environment, the method comprising:
receiving a policy from a cloud server, the policy specifying an operating configuration of the endpoint security agent to provide security to the endpoint;
identifying a plug-in specified by the policy that is not currently installed in the endpoint security agent and configuration information for the plug-in specified by the policy, the plug-in configured to perform a security function relating to the endpoint;
retrieving the plug-in from the cloud server;
configuring the plug-in according to the configuration information;
obtaining, from the plug-in, command type identifiers for a set of command types subscribed to by the plug-in;
updating a communication table to store associations between the plug-in and each of the command type identifiers obtained from the plug-in;
receiving a target command from the cloud server;
identifying a target command type identifier from the target command received from the cloud server;
determining, based on the communication table, a subscribing plug-in of the endpoint security agent associated with the target command type identifier in the target command; and
sending the target command to the subscribing plug-in.
Dependent claims: 4, 5, 6, 7, 8.
2. (canceled)
9. A non-transitory computer-readable storage medium storing instructions for installing a plug-in to an endpoint security agent executing on an endpoint in a networked computer environment, the instructions when executed by a processor cause the processor to perform steps comprising:
receiving a policy from a cloud server, the policy specifying an operating configuration of the endpoint security agent to provide security to the endpoint;
identifying a plug-in specified by the policy that is not currently installed in the endpoint security agent and configuration information for the plug-in specified by the policy, the plug-in configured to perform a security function relating to the endpoint;
retrieving the plug-in from the cloud server;
configuring the plug-in according to the configuration information;
obtaining, from the plug-in, command type identifiers for a set of command types subscribed to by the plug-in;
updating a communication table to store associations between the plug-in and each of the command type identifiers obtained from the plug-in;
receiving a target command from the cloud server;
identifying a target command type identifier from the target command received from the cloud server;
determining, based on the communication table, a subscribing plug-in of the endpoint security agent associated with the target command type identifier in the target command; and
sending the target command to the subscribing plug-in.
Dependent claims: 11, 12, 13, 14, 15, 21.
10. (canceled)
16. A security system for implementing a security policy on a plurality of endpoints in a networked computer environment, the security system comprising:
one or more computer processors; and
one or more non-transitory computer-readable storage media, the storage media storing computer program instructions executable by the one or more computer processors to perform steps comprising:
receiving a policy from a cloud server, the policy specifying an operating configuration of the endpoint security agent to provide security to the endpoint;
identifying a plug-in specified by the policy that is not currently installed in the endpoint security agent and configuration information for the plug-in specified by the policy, the plug-in configured to perform a security function relating to the endpoint;
retrieving the plug-in from the cloud server;
configuring the plug-in according to the configuration information;
obtaining, from the plug-in, command type identifiers for a set of command types subscribed to by the plug-in;
updating a communication table to store associations between the plug-in and each of the command type identifiers obtained from the plug-in;
receiving a target command from the cloud server;
identifying a target command type identifier from the target command received from the cloud server;
determining, based on the communication table, a subscribing plug-in of the endpoint security agent associated with the target command type identifier in the target command; and
sending the target command to the subscribing plug-in.
Dependent claims: 18, 19, 20, 22, 23.
17. (canceled)
Specification