Method and apparatus for configuring servers
First Claim
Patent Images
1. A method comprising:
- determining a role that a target server will perform;
identifying at least one security policy associated with the role, wherein identifying the at least one security policy includes;
accessing a knowledge base containing security parameters associated with roles that a server might perform; and
identifying services and communication ports used by roles that a server might perfom;
configuring the target server to implement the identified security policy, wherein configuring the target server includes;
generating a target server policy based on the role and the security policy associated with the role; and
applying the target server policy to the target server.
4 Assignments
0 Petitions
Accused Products
Abstract
A process determines a role that a target server will perform. The process also identifies at least one security policy associated with the role. The target server is then configured to implement the identified security policies.
26 Citations
29 Claims
-
1. A method comprising:
-
determining a role that a target server will perform; identifying at least one security policy associated with the role, wherein identifying the at least one security policy includes; accessing a knowledge base containing security parameters associated with roles that a server might perform; and identifying services and communication ports used by roles that a server might perfom; configuring the target server to implement the identified security policy, wherein configuring the target server includes; generating a target server policy based on the role and the security policy associated with the role; and applying the target server policy to the target server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method comprising:
-
identifying a target server; determining at least one role that the target server is able to perform; identifying operating characteristics associated with the role that the target server is able to perform, wherein identifying the operating characteristics includes; identifying security services used by the role; and identifying communication ports used by the role; identifying a particular role to be performed by the target server; and configuring the target server based on the particular role to be performed by the target server and the operating characteristics associated with the particular role. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A method comprising:
-
identifying a target server; identifying operating characteristics associated with possible server roles; tagging operating characteristics associated with one or more roles that the target server is capable of performing; identifying a role that the target server will perform; and configuring the target server to perform the identified role, wherein configuring the target server includes; generating a target server policy based on the identified role; and applying the target server policy to the target server. - View Dependent Claims (18, 19, 20, 21)
-
-
22. An apparatus comprising:
-
means for determining one or more roles that a target server is able to perform; means for identifying operating characteristics associated with the plurality of roles that the target server is able to perform; means for identifying a particular role to be performed by the target server; means for configuring the target server based on the particular role to be performed by the target server and operating characteristics associated with the particular role; means for identifying a plurality of services associated with the particular role; and means for identifying a plurality of ports associated with the particular role. - View Dependent Claims (23)
-
-
24. An apparatus comprising:
-
a knowledge base containing characteristics associated with a plurality of server roles; a pre-processor coupled to the knowledge base and configured to identify characteristics of a target server coupled to the pre-processor; and a configuration engine coupled to the pre-processor, the configuration engine is to apply configuration information to the target server, and wherein the configuration information includes at least one service associated with a server role to be performed by the target server and at least one port associated with a server role to be performed by the target server. - View Dependent Claims (25, 26, 27)
-
-
28. One or more computer-readable media having stored thereon a computer program that, when executed by one or more processors, causes the one or more processors to:
-
retrieve data associated with one or more server roles from a knowledge base; determine one or more roles that a target server is capable of performing, wherein the one or more roles that the target server is capable of performing have; at least one associated service; and at least one associated port; obtain user preferences regarding at least one role to be implemented by the target server; and configure the target server based on data associated with the at least one role. - View Dependent Claims (29)
-
Specification