Dynamic remediation of a client computer seeking access to a network with a quarantine enforcement policy
First Claim
1. A computer-implemented method of operating a computer system according to a quarantine enforcement policy, the computer system having a client, a first server and a second server, the method comprising:
- determining, by the client, at least two statuses selected from a group including a status of antivirus software executing on the client, a status of antispyware software executing on the client, a status of firewall software executing on the client, and a status of patches of operating system software on the client;
- aggregating, by the client computer, the determined at least two statuses;
- sending from the client to the first server a request for access to a managed network, the request for access comprising status information including information about the aggregated at least two statuses concerning the client;
- receiving at the client a communication from the first server, the communication including information for displaying to a user, the information including information regarding the quarantine enforcement policy and a first link capable of being activated by the user to cause instructions for downloading to be displayed to the user, the information regarding the quarantine enforcement policy including information regarding one or more aspects of the quarantine enforcement policy with which at least one of the at least two statuses is not in compliance, wherein, when the quarantine enforcement policy allows a quarantined client restricted access to the managed network, receiving at the client the communication from the first server notifies the client that the client is granted restricted access to the managed network for a period of time;
- displaying, by the client to the user, the information included in the communication from the first server; and
- using an address of the second server included in the communication from the first server, in response to the user activating the first link, to download computer-executable instructions or data to qualify the client for access to the managed network in accordance with the quarantine enforcement policy, wherein when the client is granted restricted access and the client does not qualify for access to the managed network in accordance with the quarantine enforcement policy by the end of the period of time, the restricted access is revoked.
Abstract
A network in which remediation is provided to keep protective software in network clients up-to-date. As network clients connect to an access control server, the clients provide status information concerning their protective software. The access control server determines whether the clients comply with a quarantine enforcement policy. Clients that comply with the policy are granted access to the network. Those that do not comply with the quarantine enforcement policy are either denied access or given limited access to the network for purposes of remediation. When the access control server denies access to a client, it determines the remediation steps required to bring the client into compliance with the quarantine enforcement policy. This remediation information is communicated to the client to facilitate remediation of the client on either an automated or a manual basis. The remediation information may be communicated in the form of an address from which the client may obtain software updates, executable software, human-usable information, or a combination of these forms of remediation information.
20 Claims
1. Independent claim 1, reproduced above under First Claim. Dependent claims: 2, 3, 4, 5, 6, 19
7. A computer-readable medium adapted for use on a client computer, the computer-readable medium having computer-executable instructions for performing steps comprising:
- determining, by each one of a plurality of agents executing on the client computer, a respective specific type of status information;
- aggregating, on the client computer, the respective specific types of status information;
- generating, by the client computer, a request for access to a network implementing a quarantine enforcement policy, the request for access including information on the aggregated respective specific types of status information of the client computer;
- receiving, by the client computer, a response to the request for access, the response including an aspect of the quarantine enforcement policy with which at least one of the respective types of status information is not in compliance, wherein, when the quarantine enforcement policy allows a quarantined client restricted access to the network, receiving, by the client computer, the response notifies the client computer that the client computer is granted restricted access to the network for a period of time; and
- performing, by the client computer, a remediation action, the remediation action selected based on information in the response, and the remediation action comprising using remediation information communicated in conjunction with the response to do at least one of: i) automatically obtain updates for protective software; ii) display information to a human user; and iii) obtain a computer-executable script, wherein when the client computer is granted restricted access and the client computer does not qualify for access to the network by the end of the period of time, the restricted access is revoked.

Dependent claims: 8, 9, 10, 11, 20
12. A computer-implemented method of operating a computer system according to a quarantine enforcement policy, the computer system having a client, a first server and a second server, the method comprising:
- receiving, at the first server, status information originating from the client, the status information including information about at least two statuses selected from a group including a status of antivirus software executing on the client, a status of antispyware software executing on the client, a status of firewall software executing on the client, and a status of patches of operating system software within the client;
- determining, at the first server, whether the client complies with the quarantine enforcement policy;
- when the client does not comply with the quarantine enforcement policy, identifying, at the first server, a reason why the client does not comply with the quarantine enforcement policy and, when the quarantine enforcement policy allows a quarantined client restricted access to a managed network, granting to the client restricted access to a managed network for a period of time; and
- using, by the first server, the identified reason to select an address of remediation information from a table mapping a rule that forms a portion of the quarantine enforcement policy to an address that includes information on how a client can comply with the rule; and
- sending, by the first server, the selected address to the client, wherein when the client is granted restricted access and the client does not comply with the quarantine enforcement policy by the end of the period of time, the restricted access is revoked.

Dependent claims: 13, 14, 15, 16, 17, 18
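The three independent claims describe one mechanism from two sides: the client aggregates per-agent statuses into a single access request, and the first server evaluates them against the policy, maps each failed rule to a remediation address from a table, grants restricted access for a fixed period and revokes it if the client has not qualified when the period ends. The following Python is an added illustration of that flow and is not code from the patent or its assignee; the policy rules, the remediation addresses, the 30-minute period and the agent reports are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# Hypothetical quarantine enforcement policy: rule id -> (status type, required value).
POLICY = {
    "antivirus-running":   ("antivirus",   "running"),
    "antispyware-running": ("antispyware", "running"),
    "firewall-enabled":    ("firewall",    "enabled"),
    "patches-current":     ("os_patches",  "current"),
}

# Table mapping each policy rule to the address on the second (remediation) server
# that explains how to comply with it. Addresses are constructed placeholders.
REMEDIATION_TABLE = {
    "antivirus-running":   "https://remediation.example.test/antivirus",
    "antispyware-running": "https://remediation.example.test/antispyware",
    "firewall-enabled":    "https://remediation.example.test/firewall",
    "patches-current":     "https://remediation.example.test/patches",
}

RESTRICTED_ACCESS_PERIOD = timedelta(minutes=30)  # assumed length of the grace period


def aggregate_statuses(agent_reports: List[Dict[str, str]]) -> Dict[str, str]:
    """Client side: each agent reports one status type; merge them into one report."""
    aggregated: Dict[str, str] = {}
    for report in agent_reports:
        aggregated.update(report)        # a later report for the same type wins
    return aggregated


def evaluate_policy(status: Dict[str, str]) -> List[str]:
    """Return the ids of the policy rules the aggregated status does not satisfy."""
    return [rule_id for rule_id, (status_type, required) in POLICY.items()
            if status.get(status_type) != required]


@dataclass
class AccessDecision:
    outcome: str                          # "granted", "restricted" or "denied"
    failed_rules: List[str]               # aspects of the policy not complied with
    remediation_addresses: List[str]      # one address per failed rule
    restricted_until: Optional[datetime]  # end of the restricted-access period


class QuarantineEnforcementServer:
    """The first server: checks compliance and tracks time-limited restricted access."""

    def __init__(self, allow_restricted: bool = True,
                 period: timedelta = RESTRICTED_ACCESS_PERIOD):
        self.allow_restricted = allow_restricted
        self.period = period
        self._restricted_until: Dict[str, datetime] = {}  # client id -> expiry

    def handle_access_request(self, client_id: str, status: Dict[str, str],
                              now: datetime) -> AccessDecision:
        failed = evaluate_policy(status)
        if not failed:
            # Compliant: full access, and any quarantine state is cleared.
            self._restricted_until.pop(client_id, None)
            return AccessDecision("granted", [], [], None)

        addresses = [REMEDIATION_TABLE[rule_id] for rule_id in failed]
        if not self.allow_restricted:
            return AccessDecision("denied", failed, addresses, None)

        expiry = self._restricted_until.get(client_id)
        if expiry is None:
            # First non-compliant request: grant restricted access for one period.
            expiry = now + self.period
            self._restricted_until[client_id] = expiry
        elif now >= expiry:
            # Period elapsed and the client still does not qualify: access is revoked
            # and stays revoked until a compliant request arrives.
            return AccessDecision("denied", failed, addresses, None)
        # Repeated requests inside the period keep the original expiry, so a client
        # cannot extend its quarantine window by re-requesting access.
        return AccessDecision("restricted", failed, addresses, expiry)


def client_notice(decision: AccessDecision) -> str:
    """Client side: the text shown to the user, including the remediation links."""
    lines = [f"Network access: {decision.outcome}"]
    for rule_id, address in zip(decision.failed_rules, decision.remediation_addresses):
        lines.append(f"  not compliant with rule '{rule_id}': see {address}")
    if decision.restricted_until is not None:
        lines.append(f"  restricted access expires at {decision.restricted_until.isoformat()}")
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed agent reports from one client: antispyware stopped, patches stale.
    reports = [{"antivirus": "running"}, {"antispyware": "stopped"},
               {"firewall": "enabled"}, {"os_patches": "stale"}]
    server = QuarantineEnforcementServer()
    t0 = datetime(2024, 1, 1, 9, 0)
    print(client_notice(server.handle_access_request("client-a",
                                                     aggregate_statuses(reports), t0)))
```

The server keys its quarantine state on the client identifier and deliberately does not reset the expiry on repeated requests; otherwise a client could stay in the restricted state indefinitely by re-requesting access before each deadline, which would defeat the revocation step the claims describe. A production implementation would also need to authenticate the client's status report rather than trust it as presented, since the policy decision is only as good as the statuses the client chooses to send.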