Secure virtual private network utilizing a diagnostics policy and diagnostics engine to establish a secure network connection
Abstract
A secure virtual private network (VPN) is described herein. The secure VPN implements standard VPN software with diagnostics to ensure a client device coupling to the VPN is secure. The diagnostics include a policy, a library and an engine where the policy determines what the requirements are for permitting the client device to couple to the VPN. The library stores programs for checking if the client device has any problems. The engine gathers information related to the client device and executes the programs stored within the library. When a user attempts to couple to the VPN with a client device, the server initiates the policy, library and engine to check for issues, and then the user is informed of the issues and/or a mechanism automatically fixes the issues. After the client device is verified as secure, it is able to couple to the VPN for data transfers.
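The flow the abstract describes, as an added example (not code from the patent or from any product): a policy of requirements, a library of check programs, an engine that runs them over gathered device facts, and a gate that passes only policy-download traffic until no issues remain. The policy keys, device facts and traffic labels are constructed for illustration.

```python
# Added illustration; all names, policy keys and device facts are constructed.
POLICY = {"firewall_enabled": True, "max_av_signature_age_days": 7,
          "disk_encrypted": True}

# Library: one check program per policy requirement; returns True when met.
LIBRARY = {
    "firewall_enabled": lambda facts, want: facts["firewall_enabled"] is want,
    "max_av_signature_age_days":
        lambda facts, limit: facts["av_signature_age_days"] <= limit,
    "disk_encrypted": lambda facts, want: facts["disk_encrypted"] is want,
}


def run_engine(policy, library, facts):
    """Run every policy requirement through its library check; return issues."""
    issues = []
    for name, required in policy.items():
        check = library.get(name)
        try:
            # Fail closed: a requirement with no check, or a fact the engine
            # could not gather, counts as an unresolved issue.
            ok = check is not None and check(facts, required)
        except KeyError:
            ok = False
        if not ok:
            issues.append(name)
    return issues


class Gate:
    """Network communication module: policy-only traffic until posture passes."""

    def __init__(self):
        self.secure = False

    def evaluate(self, policy, library, facts):
        issues = run_engine(policy, library, facts)
        self.secure = not issues
        return issues

    def allows(self, traffic):
        return self.secure or traffic == "policy_download"


def demo():
    gate = Gate()
    before = gate.allows("file_share")  # still quarantined
    stale = {"firewall_enabled": True, "av_signature_age_days": 30}
    issues = gate.evaluate(POLICY, LIBRARY, stale)
    fixed = dict(stale, av_signature_age_days=1, disk_encrypted=True)
    gate.evaluate(POLICY, LIBRARY, fixed)
    return before, issues, gate.allows("file_share")
```

The engine runs on the client, so the gate's decision is only as trustworthy as the facts the client reports.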
48 Claims
1. A system for providing a secure communications link between a server and a client device over a network comprising:
a. a diagnostics policy stored on the server, wherein the diagnostics policy comprises data indicating one or more device configurations or components that the client device must have in order to securely couple to the server, and further wherein an initial coupling of the client device with the server is established for downloading the diagnostics policy to the client device;
b. a library stored on the client device for storing information;
c. a diagnostics engine stored on the client device for detecting and resolving one or more issues on the client device; and
d. a network communication module for establishing a network connection between the client device and the server over the network, wherein the network communication module with the diagnostics engine prevents communications between the client device and the server unrelated to the diagnostics policy until the one or more issues are resolved by using cryptographic tunneling such that only the diagnostics policy is able to be transferred from the server to the client device.
15. A system for providing a secure communications link between a server and a client over a network comprising:
a. a diagnostics policy stored on the server wherein the diagnostics policy comprises data indicating a set of requirements that the client device must have in order to be permitted to couple to the server, and further wherein an initial coupling of the client device with the server is established in order to download the diagnostics policy from the server to the client device;
b. an expert system library stored on the client device for storing one or more programs; and
c. a diagnostics engine stored on the client device for detecting and resolving one or more issues on the client device;
d. a network communication module for establishing a network connection between the client device and the server over the network, wherein the network communication module with the diagnostics engine prevents communications unrelated to the diagnostics policy between the client device and the server until the one or more issues are resolved by using cryptographic tunneling such that only the diagnostics policy is able to be transferred from the server to the client device.
24. A method of securing a communications link between a server and a client device over a network comprising:
a. coupling the client device with the server over the network;
b. establishing a limited network connection between the client device and the server, wherein the limited network connection is established for downloading a diagnostics policy to the client device, and further wherein the diagnostics policy comprises data indicating one or more device configurations or components that the client device must have in order to securely couple to the server;
c. preventing communications between the client device and the server unrelated to the diagnostics policy until a secure network connection is established by using cryptographic tunneling such that only the diagnostics policy is able to be transferred from the server to the client device;
d. downloading a diagnostics policy from the server to the client device;
e. running a diagnostics engine utilizing a library on the client device; and
f. establishing a secure network connection if the diagnostics engine completes without any issues.
33. A network of devices for establishing a secure virtual private network comprising:
a. a private network containing one or more secure devices, wherein at least one of the one or more secure devices is a server for storing a diagnostics policy, wherein the diagnostics policy comprises data indicating one or more device configurations or components that the client device must have in order to securely couple to the server; and
b. one or more client devices coupled to the private network through a public network, wherein the one or more client devices contain a diagnostics engine and a diagnostics library, wherein an initial coupling of the one or more client devices with the server is established for downloading the diagnostics policy to the one or more client devices; and
c. a network communication module for establishing a network connection between the one or more client devices and the server, wherein the network communication module with the diagnostics engine prevents communications between the client device and the server unrelated to the diagnostics policy until any issues detected by the diagnostics engine are resolved by using cryptographic tunneling such that only the diagnostics policy is able to be transferred from the server to the client device.
47. A communications apparatus for providing a secure communications link between a server and a client device over a network comprising:
a. a diagnostics policy stored on the server, wherein the diagnostics policy comprises data indicating one or more device configurations or components that the client device must have in order to securely couple to the server;
b. a network communication module for establishing an initial coupling of the client device with the server that prevents communications between the client device and the server unrelated to the diagnostics policy by using cryptographic tunneling such that only the diagnostics policy is able to be transferred from the server to the client device.
48. A communications apparatus for providing a secure communications link between a server and a client device over a network comprising:
a. a diagnostics policy stored on the server comprising data indicating a set of requirements that the client device must have in order to be permitted to couple to the server, wherein an initial coupling of the client device with the server utilizing cryptographic tunneling to only enable the download of the diagnostics policy to the client device;
b. a library stored on the client device for storing information; and
c. a diagnostics engine stored on the client device for using the diagnostics policy and the library to detect and resolve one or more issues related to the requirements on the client device, wherein the detecting and resolving of the one or more issues occurs after installation of the diagnostics engine, wherein if the diagnostics engine resolves one or more of the issues, then a secure coupling between the client device and the server sufficient for full data transfers is established over the network.
Specification