×

Dynamic provisioning of protection software in a host intrusion prevention system

  • US 8,505,092 B2
  • Filed: 10/18/2007
  • Issued: 08/06/2013
  • Est. Priority Date: 01/05/2007
  • Status: Active Grant
First Claim
Patent Images

1. An intrusion-protection system comprising:

  • a plurality of agents, each agent installed in a respective computer of a plurality of computers, said each agent comprising respective deep-packet-inspection modules, stored in a memory of said respective computer, for monitoring computer activities and identifying intrusions;

    a plurality of local servers, each local server comprising;

    at least one processor;

    at least one memory device storing detection software; and

    an interface communicatively coupled to each computer in a respective subset of said plurality of computers; and

    a central server maintaining a software library comprising deep-packet-inspection modules stored in a non-transitory computer-readable medium, said central server communicating said library to said each local server;

    said detection software causes said at least one processor to;

    recursively acquire a set of data elements from an agent installed in said each computer, said set of data elements characterizing a current configuration and running processes of said each computer, where a data element acquired from processing a query sent from said each local server to said each computer-indicates one of;

    a requirement for a requisite subsequent data element for characterization of said each computer; and

    completion of acquisition of all data elements;

    identify requisite deep-packet-inspection modules of said library compatible with said set of data elements;

    determine presence of each said requisite deep-packet-inspection module in said each computer; and

    responsive to an indication that at least one deep-packet-inspection module of said requisite deep-packet-inspection modules is not present in said each computer, install said at least one deep-packet-inspection module in said each computer.

View all claims
  • 8 Assignments
Timeline View
Assignment View
    ×
    ×