System, method and computer program product for controlling network communications based on policy compliance
First Claim
1. A method, comprising:
- assessing compliancy, based on one or more policies, of at least one subset of computers, each of which include an instance of a scanner, wherein said compliancy is assessed by the respective instance of a scanner;
- receiving, at a server, information over a communication network relating to the at least one subset of computers that are at least potentially out of compliance with the one or more policies, wherein the information is received from the respective instance of a scanner;
- compiling a blacklist utilizing the information, wherein the blacklist identifies the at least one subset of computers; and
- sending, by the server, via the communications network the blacklist to a plurality of other computers, wherein network communication involving the at least one subset of computers is controlled at plurality of other computers utilizing the blacklist, wherein a network communication involving the at least one subset of computers is controlled utilizing a respective firewall of the at least one subset of computers such that a two-way quarantining is established in order to isolate out of compliance computers, and wherein a plurality of different subsets of computers is quarantined as a function of the computers themselves, thereby creating multiple quarantine zones, and wherein each of the quarantine zones is defined by domain name and implemented such that one of the computers on the blacklist and included in one of the quarantine zones defined by a first domain is denied from communicating with other computers in the first domain and is allowed to communicate with other computers in a second domain that is different from the first domain, and wherein the information identifying the at least one at least potentially out of compliance computer includes an Internet protocol (IP) address, a description of a behavior, and a severity associated with a violation of the policy that resulted in the at least one subset of computers being at least potentially out of compliance with the policy, wherein a network communication involving the at least one subset of computers is capable of being controlled utilizing a white list, the white list compiled utilizing the information.
Abstract
A policy management system, method and computer program product are provided. In use, information is received over a network relating to at least one subset of computers that are at least potentially out of compliance with a policy. Further, such information is sent to a plurality of the computers, utilizing the network. To this end, network communication involving the at least one subset of computers is capable of being controlled utilizing the information.
22 Claims
Claim 1 is set out above; claims 2 to 11 and 13 to 22 depend from it.
12. A computer program product embodied on a non-transitory computer readable storage medium for performing operations, comprising:
- assessing compliancy, based on one or more policies, of at least one subset of computers, each of which include an instance of a scanner, wherein said compliancy is assessed by the respective instance of a scanner;
- receiving, at least one server, information over a communication network relating to the at least one subset of computers that are at least potentially out of compliance with the one or more policies, wherein the information is received from the respective instance of a scanner;
- compiling a blacklist utilizing the information, wherein the blacklist identifies the at least one subset of computers, wherein the blacklist identifies the at least one subset of computers; and
- sending, by the at least one server, via the communication network the blacklist to a plurality of other computers, wherein network communications involving the at least one subset of computers is controlled at the plurality of the other computers utilizing the blacklist, wherein network communications involving the at least one subset of computers is controlled utilizing a respective firewall of the at least one subset of computers such that a two-way quarantining is established in order to isolate out of compliance computers, and wherein a plurality of different subsets of computers is quarantined as a function of the computers themselves, thereby creating multiple quarantine zones, and wherein each of the quarantine zones is defined by domain name and implemented such that one of the computers on the blacklist and included in one of the quarantine zones defined by a first domain is denied from communicating with other computers in the first domain and is allowed to communicate with other computers in a second domain that is different from the first domain, and wherein the information identifying the at least one at least potentially out of compliance computer includes an Internet protocol (IP) address, a description of a behavior, and a severity associated with a violation of the policy that resulted in the at least one subset of computers being at least potentially out of compliance with the policy, wherein the network communication involving the at least one subset of computers is capable of being controlled utilizing a white list, the white list compiled utilizing the information.
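As an added illustration (not code from the patent or its assignee), the following Python sketch walks through the flow recited in claims 1 and 12: scanners report an IP address, a behavior description and a severity; the server compiles a blacklist and serializes it for distribution; and each receiving host's firewall applies a two-way, per-domain quarantine. The domain field on each report, the severity threshold and the whitelist semantics (hosts a quarantined machine may always reach) are assumptions, not taken from the claims.

```python
import json
from dataclasses import dataclass, asdict

@dataclass(frozen=True)
class Violation:
    """One report an endpoint scanner sends to the server (the fields named in claim 1)."""
    ip: str
    domain: str    # assumed: the scanner also reports which domain (quarantine zone) the host is in
    behavior: str
    severity: int  # assumed scale: 1 (informational) .. 10 (critical)

def compile_blacklist(reports, min_severity=5):
    """Server side: keep every host whose violation meets the threshold, keyed by IP."""
    return {r.ip: r for r in reports if r.severity >= min_severity}

def blacklist_message(blacklist):
    """What the server sends to the other computers: one JSON document, sorted by IP."""
    return json.dumps([asdict(blacklist[ip]) for ip in sorted(blacklist)])

def allowed(src, dst, blacklist, whitelist=frozenset()):
    """Per-host firewall decision; src and dst are (ip, domain) pairs.

    Two-way quarantine: each endpoint is tried in the role of the possibly-blacklisted
    host, so a quarantined machine can neither reach nor be reached by peers in its
    own zone. Zones are per domain, so peers in a different domain stay reachable.
    The whitelist (an assumption) names hosts, e.g. a remediation server, that a
    quarantined machine may always talk to."""
    for me, peer in ((src, dst), (dst, src)):
        entry = blacklist.get(me[0])
        if entry is None or peer[0] in whitelist:
            continue
        if peer[1] == entry.domain:  # same quarantine zone as the blacklisted host: deny
            return False
    return True

# Constructed sample reports, standing in for what three scanners would send.
REPORTS = [
    Violation("10.0.1.5", "corp.example", "antivirus signatures out of date", 7),
    Violation("10.0.1.9", "corp.example", "unapproved screensaver", 2),
    Violation("10.0.2.7", "lab.example", "host firewall disabled", 9),
]

if __name__ == "__main__":
    bl = compile_blacklist(REPORTS)
    print(blacklist_message(bl))
    print(allowed(("10.0.1.5", "corp.example"), ("10.0.1.20", "corp.example"), bl))  # False
```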