Policy based selection of remediation
Abstract
A method, of automatically determining one or more remediations for a device that includes a processor, may include: receiving values of a plurality of parameters which collectively characterize an operational state of the device, there being at least one policy associated with at least a given one of the plurality of parameters, policy defining as a condition thereof one or more potential values of, or based upon, the given parameter, satisfaction of the condition potentially being indicative of unauthorized activity or manipulation of the device; automatically determining, from the received parameter values, whether the conditions for any policies are satisfied, respectively; and automatically selecting one or more remediations for the device according to the satisfied policies, respectively.
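The selection flow in the abstract, sketched as an added example that is not taken from the patent or from any product implementing it. The in-memory SQLite tables, policy ids, parameter names and remediation names are constructed for illustration, and reporting a missing or mistyped parameter as unevaluable is an assumption the abstract does not address.

```python
import operator
import sqlite3

OPS = {"==": operator.eq, "!=": operator.ne, "<": operator.lt, ">": operator.gt}

def build_db():
    """Constructed policy and remediation tables; all names and rows are hypothetical."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE policy(id TEXT PRIMARY KEY, param TEXT, op TEXT, value TEXT);
        CREATE TABLE remediation(policy_id TEXT, action TEXT);""")
    db.executemany("INSERT INTO policy VALUES (?,?,?,?)", [
        ("P1", "av_signature_age_days", ">", "7"),
        ("P2", "firewall_enabled", "==", "false"),
        ("P3", "listening_port_count", ">", "20")])
    db.executemany("INSERT INTO remediation VALUES (?,?)", [
        ("P1", "update_av_signatures"), ("P2", "enable_firewall"),
        ("P3", "quarantine_device"), ("P2", "quarantine_device")])
    return db

def coerce(v):
    """Normalise a reported or stored value to float when numeric, else lowercase text."""
    s = str(v).strip().lower()
    try:
        return float(s)
    except ValueError:
        return s

def select_remediations(db, params):
    """Return (satisfied policy ids, de-duplicated remediations, unevaluable policy ids)."""
    satisfied, unevaluable, actions = [], [], []
    rows = db.execute("SELECT id, param, op, value FROM policy ORDER BY id").fetchall()
    for pid, param, op, value in rows:
        got, want = coerce(params.get(param, "")), coerce(value)
        # Assumption: a missing or wrongly typed parameter is reported, not passed silently.
        if param not in params or type(got) is not type(want) or op not in OPS:
            unevaluable.append(pid)
        elif OPS[op](got, want):
            satisfied.append(pid)
    for pid in satisfied:
        q = "SELECT action FROM remediation WHERE policy_id = ? ORDER BY rowid"
        for (action,) in db.execute(q, (pid,)):
            if action not in actions:
                actions.append(action)
    return satisfied, actions, unevaluable

if __name__ == "__main__":
    # Constructed report from a device that did not send listening_port_count.
    report = {"av_signature_age_days": 12, "firewall_enabled": False}
    print(select_remediations(build_db(), report))
```

The third return value matters operationally: a device that omits a parameter is listed as unevaluable instead of being treated as compliant.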
43 Claims
1. A method of automatically determining one or more remediations for a device that includes a processor, the method comprising:
- receiving values of a plurality of parameters which collectively characterize an operational state of the device;
- retrieving, from a policy database, at least one policy associated with at least one of the plurality of parameters, the at-least-one policy defining at least one parameter condition violation of which is potentially being indicative of unauthorized activity or manipulation of the device;
- applying, by a computer processor, the retrieved at least one policy to the plurality of parameter values to determine whether the at least one retrieved policy is violated;
- when the retrieved at least one policy is violated, retrieving from a remediation database at least one remediation for the device according to the violated policy; and
- deploying the at least one retrieved remediation to the device.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30

31. A non-transitory computer-readable storage medium including instructions stored thereon, execution of which by a processor of a computing device cause the computer to perform a method including:
- receiving values of a plurality of parameters which collectively characterize an operational state of the device;
- retrieving, from a policy database, at least one policy associated with at least one of the plurality of parameters, the at-least-one policy defining at least one parameter condition violation of which is potentially being indicative of unauthorized activity or manipulation of the device;
- applying the retrieved at least one policy to the plurality of parameter values to determine whether the at least one retrieved policy is violated;
- when the retrieved at least one policy is violated, retrieving from a remediation database at least one remediation for the device according to the violated policy; and
- deploying the at least one retrieved remediation to the device.

Dependent claims: 32, 33, 34, 35, 36, 37

38. A system comprising:
- a processor;
- a network interface device;
- a memory device storing an instruction set executable by the processor to:
  - receive, over a network via the network interface device from a remote device, values of a plurality of parameters which collectively characterize an operational state of the remote device;
  - retrieve, from a policy database, at least one policy associated with at least one of the plurality of parameters, the at-least-one policy defining at least one parameter condition violation of which is potentially being indicative of unauthorized activity or manipulation of the remote device;
  - apply the retrieved at least one policy to the plurality of parameter values to determine whether the at least one retrieved policy is violated;
  - when the retrieved at least one policy is violated, retrieve from a remediation database at least one remediation for the remote device according to the violated policy; and
  - deploy the at least one retrieved remediation to the remote device.

Dependent claims: 39, 40, 41, 42, 43

Specification