Method and apparatus for auditing network security
First Claim
1. An apparatus for auditing security of a remote computer system, comprising:
- a plurality of scanning machines in communication with a global computer network and programmed to execute selectively a security audit scan of the remote computer system via the global computer network, each scanning machine capable of conducting multiple types of security assessments; and
a central computer in communication with the plurality of scanning machines, programmed to perform operations comprising;
determining which of the plurality of scanning machines is available to perform the security audit scan by examining a schedule for each scanning machine to identify certain ones of the scanning machines that are conducting another security audit scan or are scheduled to conduct another security audit scan, the available scanning machines comprising all of the scanning machines except for the certain scanning machines;
copying scan-related information into one of the available scanning machines and instructing the scanning machine to begin the security audit scan; and
recording the results of the security audit scan in the memory.
2 Assignments
0 Petitions
Accused Products
Abstract
In an apparatus for auditing security of a computer system, at least one secure application server is in communication with a global computer network. The secure application server is programmed to receive selectively security audit instruction data from a remote computer system via the global computer network. A plurality of scanning machines each are in communication with the global computer network and are programmed to execute selectively a security audit scan of the remote computer system via the global computer network. A central computer, having a memory, is configured as a database server and as a scheduler. The central computer is in communication with the secure application server and the scanning machine. The central computer is programmed to perform the following operations: evaluate a database to determine if a security audit scan is currently scheduled to be run for a user; determine which of the plurality of scanning machines is available to perform a security audit scan; copy scan-related information into a scanning machine determined to be available and instruct the scanning machine to begin scan; and record the results of the scan in the memory.
265 Citations
20 Claims
-
1. An apparatus for auditing security of a remote computer system, comprising:
-
a plurality of scanning machines in communication with a global computer network and programmed to execute selectively a security audit scan of the remote computer system via the global computer network, each scanning machine capable of conducting multiple types of security assessments; and a central computer in communication with the plurality of scanning machines, programmed to perform operations comprising; determining which of the plurality of scanning machines is available to perform the security audit scan by examining a schedule for each scanning machine to identify certain ones of the scanning machines that are conducting another security audit scan or are scheduled to conduct another security audit scan, the available scanning machines comprising all of the scanning machines except for the certain scanning machines; copying scan-related information into one of the available scanning machines and instructing the scanning machine to begin the security audit scan; and recording the results of the security audit scan in the memory. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method of auditing security, comprising the steps of:
-
determining with a central computer which of a plurality of scanning machines is available to perform a security audit scan by examining a schedule for each of the scanning machines to identify certain ones of the scanning machines that are conducting another security audit scan or are scheduled to conduct another security audit scan; and instructing with the central computer one of the available scanning machines to access a remote computer system to perform the security audit scan of the remote computer system. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A method of auditing computer system security, comprising the steps of:
-
receiving at a central computer a schedule request for a security audit scan of a remote computer system; determining at the central computer when the scheduled security audit scan of the remote computer system is to be executed; in response to a determination that the scheduled security audit scan of the remote computer system is to be executed in a predetermined period of time, performing the following steps; determining at the central computer which of a plurality of scanning machines is available to perform the scheduled security audit scan by identifying certain ones of the scanning machines that are conducting another security audit scan or are scheduled to conduct another security audit scan; causing with the central computer a scanning system to establish communication with the remote computer system; and causing with the central computer the scanning system to execute the scheduled security audit scan of the remote computer system. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification