Systems and methods for integrating cloud services with information management systems

US 8,955,091 B2
Filed: 04/30/2012
Issued: 02/10/2015
Est. Priority Date: 04/30/2012
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

an enterprise network comprising an internal management system communicatively coupled thereon, wherein the enterprise network comprises a security device and the internal management system is disposed internally in the enterprise network behind the security device;

a cloud system external to the enterprise network and communicatively coupled to the enterprise network, wherein at least one user associated with the enterprise network is configured to communicate through the cloud system for cloud-based services, and wherein the cloud system is configured to log data associated with the at least one user for the cloud-based services; and

an external service bridge located internally in the enterprise network behind the security device, wherein the external service bridge is configured to securely communicate with the cloud system to receive the log data, to buffer the received log data, and to communicate with the internal management system to provide the buffered log data thereto via insecure protocols over the enterprise network in a format specified by the internal management system;

wherein the cloud-based services comprise security as a service through the cloud system providing security to the at least one user while the at least one user is internal to the enterprise network or external to the enterprise network, and wherein the external service bridge communicates the log data comprising security data associated with the at least one user to the internal management system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system includes an enterprise network including an internal management system communicatively coupled thereon, the enterprise network includes security and the internal management system is disposed behind the security; a cloud system external to the enterprise network and communicatively coupled to the enterprise network, at least one user associated with the enterprise network is configured to communicate through the cloud system for cloud-based services, and the cloud system is configured to log data associated with the at least one user for the cloud-based services; and an external service bridge located in the enterprise network behind the security, the external service bridge is configured to securely communicate with the cloud system to receive the log data and to communicate with the internal management system to provide the log data thereto.

Citations

18 Claims

1. A system, comprising:
- an enterprise network comprising an internal management system communicatively coupled thereon, wherein the enterprise network comprises a security device and the internal management system is disposed internally in the enterprise network behind the security device;
  
  a cloud system external to the enterprise network and communicatively coupled to the enterprise network, wherein at least one user associated with the enterprise network is configured to communicate through the cloud system for cloud-based services, and wherein the cloud system is configured to log data associated with the at least one user for the cloud-based services; and
  
  an external service bridge located internally in the enterprise network behind the security device, wherein the external service bridge is configured to securely communicate with the cloud system to receive the log data, to buffer the received log data, and to communicate with the internal management system to provide the buffered log data thereto via insecure protocols over the enterprise network in a format specified by the internal management system;
  
  wherein the cloud-based services comprise security as a service through the cloud system providing security to the at least one user while the at least one user is internal to the enterprise network or external to the enterprise network, and wherein the external service bridge communicates the log data comprising security data associated with the at least one user to the internal management system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The system of claim 1, wherein the security device comprises at least one of a firewall, a Network Address Translation device or a web proxy service, and wherein the external service bridge is configured to establish a secure communications link to the cloud system through the security device.
  - 3. The system of claim 2, wherein the external service bridge receives the log data in a compressed format over the secure communications link.
  - 4. The system of claim 3, wherein the external service bridge performs one of transmitting the log data to one or more feeds or buffering the log data.
  - 5. The system of claim 1, wherein the external service bridge comprises at least one feed configured on which the external service bridge is configured to filter the log data and format the log data for transmission from the external service bridge.
  - 6. The system of claim 5, wherein the external service bridge transmits each of the at least one feed as a Transmission Control Protocol stream on one of the enterprise network to a networked storage medium and a local storage medium.
  - 7. The system of claim 5, wherein the external service bridge interfaces securely to the cloud system and insecurely within the enterprise network to the internal management system.
  - 8. The system of claim 7, wherein the external service bridge interfaces insecurely through any of Simple Network Management Protocol, Syslog, Splunk, Arcsight, RSA Envision, and QRadar.
  - 9. The system of claim 8, wherein the internal management system comprises a Security Information and Event Management device configured to accept any of Simple Network Management Protocol, Syslog, and Splunk, and the external service bridge is configured to transparently provide the log data to the internal management system as if the cloud system were within the security.
  - 10. The system of claim 5, wherein the at least one feed comprises a first feed and a second feed, wherein the first feed outputs to Simple Network Management Protocol and the second feed outputs to Syslog.
  - 11. The system of claim 1, wherein the log data comprises one of an Internet transaction stream and an event stream, and wherein the external service bridge comprises a buffer for the log data.
  - 12. The system of claim 11, wherein the Internet transaction stream is buffered in the buffered whereas the event stream is directly provided to one or more feeds.
  - 13. The system of claim 11, wherein the external service bridge is configured to implement flow control with the cloud system based on the buffer.
  - 14. The system of claim 1, wherein the external service bridge receives the log data in a format from the logging agent and converts the log data into a format for the internal management system such that the internal management system can interface to the cloud system.
  - 15. The system of claim 1, wherein the external service bridge segments the log data into event-based streams and transaction-based streams from the cloud system with the buffer configured differently therebetween.

16. A method, comprising:
- logging transactions and events associated with users of an enterprise network in a management system located internally on the enterprise network;
  
  communicating with a cloud system through a secure connection outside the enterprise network, wherein the cloud system is external to the enterprise network and at least one user uses cloud-based services through the cloud system;
  
  receiving and buffering log data through the secure connection from the cloud system for the at least one user, wherein the log data comprises transactions and events associated with the at least one user and associated usage of the cloud-based services; and
  
  transmitting, via insecure protocols, the log data to the management system from a buffer over the enterprise network in a format specified by the management system;
  
  wherein the cloud-based services comprise security as a service through the cloud system providing security to the at least one user while the users are internal to the enterprise network or external to the enterprise network, and wherein the external service bridge communicates the log data comprising security data associated with the users to the internal management system.

17. An external service bridge, comprising:
- a network interface communicatively coupled on a secure network, wherein the external service bridge is located internally on the secure network;
  
  a processor; and
  
  memory storing computer executable instructions, and in response to execution by the processor, the computer executable instructions cause the processing node to perform steps of;
  
  establish a secure connection to an external network through the secure network;
  
  receive and buffer data from the secure connection;
  
  parse the buffered data into one or more feeds;
  
  filter and format the data in the one or more feeds; and
  
  output the one or more feeds on the secure network via an insecure protocol to an internal management system in a format specified by the internal management system, wherein the format comprises a format expected by the internal management system;
  
  wherein the data is from cloud-based services external from the secure network providing security to user while the users are internal to the secure network or external to the secure network, and wherein the external service bridge communicates the data comprising security data associated with the users to the internal management system as if the cloud-based services where internal to the secure network.
- View Dependent Claims (18)
- - 18. The external service bridge of claim 17, wherein the external network comprises a cloud system and wherein the data comprises transactions and events associated with users from the secure network operating cloud-based services in the cloud system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Zscaler Incorporated
Original Assignee
Zscaler Incorporated
Inventors
Kailash, Kailash, Sinha, Amit, Apte, Manoj, Narasimhan, Sridhar, Balaiah, Chakkaravarthy Periyasamy, Pangeni, Sushil, Crank, Samuel John
Primary Examiner(s)
NGUYEN, TU T

Application Number

US13/459,475
Publication Number

US 20130291087A1
Time in Patent Office

1,016 Days
Field of Search

726/11
US Class Current

726/11
CPC Class Codes

H04L 41/0213   Standardised network manage...

H04L 41/069   using logs of notifications...

H04L 41/5096   wherein the managed service...

H04L 43/0817   by checking functioning

H04L 61/2514   between local and global IP...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1433   Vulnerability analysis

Systems and methods for integrating cloud services with information management systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for integrating cloud services with information management systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links