Anti-virus policy enforcement system and method
First Claim
Patent Images
1. A method for enforcing an anti-virus policy, comprising:
- (a) receiving a status command at a client computer from a network device utilizing a network;
(b) sending a status to the network device utilizing the network in response to the status command, the status rolating to anti-virus scanning software on the client computer; and
(c) initiating a response at the client computer utilizing the network based on the status;
wherein the response includes conditionally preventing access to the network by the client computer based on the status of the anti-virus scanning software, the status including at least one of a version of the anti-virus scanning software and any deactivation of the anti-virus scanning software.
12 Assignments
0 Petitions
Accused Products
Abstract
A system, method and computer program product are provided for enforcing an anti-virus policy. Initially, a status command is received at a client computer from a network device utilizing a network. In response to the status command, a status is sent to the network device utilizing the network. Such status relates to anti-virus scanning software on the client computer. Next, a response is initiated at the client computer utilizing the network based on the status.
96 Citations
42 Claims
-
1. A method for enforcing an anti-virus policy, comprising:
-
(a) receiving a status command at a client computer from a network device utilizing a network;
(b) sending a status to the network device utilizing the network in response to the status command, the status rolating to anti-virus scanning software on the client computer; and
(c) initiating a response at the client computer utilizing the network based on the status;
wherein the response includes conditionally preventing access to the network by the client computer based on the status of the anti-virus scanning software, the status including at least one of a version of the anti-virus scanning software and any deactivation of the anti-virus scanning software. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
-
35. A computer program product embodied on a computer readable medium for enforcing an anti-virus policy, comprising:
-
(a) computer code for receiving a status command at a client computer from a network device utilizing a network;
(b) computer code for sending a status to the network device utilizing the network in response to the status command, the status relating to anti-virus scanning software on the client computer; and
(c) computer code for initiating a response at the client computer utilizing the network based on the status;
wherein the response includes conditionally preventing access to the network by the client computer based on the status of the anti-virus scanning software, the status including at least one of a version of the anti-virus scanning software and any deactivation of the anti-virus scanning software.
-
-
36. A system for enforcing an anti-virus policy, comprising:
-
(a) means for receiving a status command at a client computer from a network device utilizing a network;
(b) means for sending a status to the network device utilizing the network in response to the status command, the status relating to anti-virus scanning software on the client computer; and
(c) means for initiating a response at the client computer utilizing the network based on the status;
wherein the response includes conditionally preventing access to the network by the client computer based on the status of the anti-virus scanning software, the status including at least one of a version of the anti-virus scanning software and any deactivation of the anti-virus scanning software.
-
-
37. A system for enforcing an anti-virus policy, comprising:
-
(a) a client agent for receiving a status command at a client computer from a network device utilizing a network, and sending a status to the network device utilizing the network in response to the status command, the status relating to anti-virus scanning software on the client computer, and (b) wherein a response at the client computer is initiated utilizing the network by on the status;
wherein the response includes conditionally preventing access to the network by the client computer based on the status of the anti-virus scanning software, the status including at least one of a version of the anti-virus scanning software and any deactivation of the anti-virus scanning software.
-
-
38. A method for enforcing an anti-virus policy, comprising:
-
(a) attempting to gain access to a network via a firewall utilizing a client computer;
(b) sending a status to the firewall utilizing the network, the status relating to anti-virus scanning software on the client computer, and (c) conditionally gaining access to the network via the firewall based on the status, the status including at least one of a version of the anti-virus scanning software and any deactivation of the anti-virus scanning software.
-
-
39. A method for enforcing an anti-virus policy, comprising:
-
(a) attempting to gain access to a network via a firewall utilizing a client computer; and
(b) identifying a status relating to anti-virus scanning software on the client computer, (c) wherein access is selectively allowed to the network via the firewall based on the status, the status including at least one of a version of the anti-virus scanning software and any deactivation of the anti-virus scanning software.
-
-
40. A computer program product embodied on a computer readable medium for enforcing an anti-virus policy, comprising:
-
(a) computer code for attempting to gain access to a network via a firewall utilizing a client computer; and
(b) computer code for identifying a status relating to anti-virus scanning software on the client computer;
(c) wherein access is selectively allowed to the network via the firewall based on the status, the status including at least one of a version of the anti-virus scanning software and any deactivation of the anti-virus scanning software.
-
-
41. A method for enforcing an anti-virus policy, comprising;
-
(a) monitoring a port on a client computer;
(b) receiving a command at the client computer utilizing a network;
(c) determining whether the command is received from a firewall; and
(d) if it is determined that the command is received from the firewall;
(i) decrypting the command, (ii) determining whether the command includes a status command or an update command. (iii) if the command includes a status command, sending a status to the firewall utilizing the network in response to the status command, the status relating to anti-virus scanning software on the client computer status including at least one of a version of the anti-virus scanning software and any deactivation of the anti-virus scanning software, wherein access is selectively allowed to the network via the firewall based on the status, and (iv) if the command includes an update command, updating the anti-virus scanning software utilizing the network in response to the update command.
-
-
42. A method for enforcing an anti-virus policy, comprising
(a) receiving a status command at a client computer from a network device utilizing a network; -
(b) sending a status to the network device utilizing the network in response to the status command, the status relating to anti-virus scanning software on the client computer; and
(c) initiating a response at the client computer utilizing the network based an the status;
wherein the status command is received in response to an attempt to access the network by the client computer;
wherein the status command is received on a predetermined port;
wherein the status command is received utilizing user datagram protocol (UDP);
wherein the network device includes a firewall;
wherein it is determined whether the status command is received from the firewall, and the status is conditionally sent based on the determination as to whether the status command is received from the firewall;
wherein the status command is encrypted, and further comprising decrypting the status command, and the status is encrypted prior to sending the status utilizing the network;
wherein the response includes conditionally preventing access to the network by the client computer based on the status, requiring an action at the client computer, conditionally including a notice to the user of the client computer based on the status where the notice indicates that the user is required to at least one of reinstall the anti-virus scanning software and reactivate the anti-virus scanning software, conditionally requiring a reinstallation of the anti-virus scanning software based on the status, conditionally requiring a reactivation of the anti-virus scanning software based on the status, and conditionally including an update command received from the network device based on the status;
wherein access to the network is prevented until the action is carried out;
wherein the update command is encrypted;
wherein the update command is received if the status indicates that the anti-virus scanning software on the client computer requires an update, and the anti-virus scanning software is updated in response to the update command;
wherein an amount of time that elapsed between the receipt of the status command and a previous receipt of the status command is determined, and the status is conditionally sent in response to the status command based on the amount of time that has elapsed;
wherein the status is sent in response to the status command if the amount of time that has elapsed is greater than a predetermined amount to prevent a denial of service attack (DOS);
wherein the status relates to aversion of the anti-virus scanning software, any tampering of the anti-virus scanning software, any removal of the anti-virus scanning software, and any deactivation of the anti-virus scanning software;
wherein (a)-(c) are carried out for a plurality of client computers communicating with the network device;
wherein the client computers communicate with the network device via a local area network (LAN).
-
Specification