System and method for performing remote security assessment of firewalled computer
Abstract
Methods and systems for scanning an endpoint terminal across an open computer network are disclosed. An exemplary method includes providing a scanner engine in a computer server in communication with an open computer network, and establishing a secure connection across the open computer network between the scanner engine and a scanner agent installed on the endpoint terminal in communication with the open computer network. Commands for collecting data regarding the endpoint terminal are sent from the scanner engine across the secure connection to the scanner agent. The scanner engine then receives the collected data from the scanner agent across the secure connection, analyzes the data to assess a current posture of the endpoint terminal, and determines any updates for the endpoint terminal from the analysis. Updates are sent across the secure connection to the scanner agent for installation on the endpoint terminal, and the secure connection may then be terminated.
20 Claims
1. A method for remotely conducting a scan on a network resource, the method comprising:
providing a scanner engine in communication with a communication network;
providing a network resource in communication with the communication network, the network resource being protected by a firewall;
establishing a network connection between the scanner engine and the network resource, the network connection being configured to provide a tunnel for bi-directional communication between the scanner engine and the network resource, wherein the communication via the tunnel is independent of the port status of the firewall;
delivering client artifacts from the scanner engine to the network resource through the bi-directional tunnel;
receiving results data from the network resource at the scanner engine via the bi-directional tunnel, the results data based upon determinations related to the existence of software components; and
analyzing the results data to assess a current posture of the network resource, the current posture being assessed in part based upon the determinations.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A system for remotely conducting a scan on a network resource, the system comprising:
at least one processor; and
at least one storage device storing a set of computer executable instructions formed into each of a plurality of components, each component comprising:
a connection process for establishing a network connection between a scanner process and a network resource across a communication network, the network connection being configured to provide a tunnel for bi-directional communication independent of authorized access between the scanner engine and the network resource;
a loading process for loading a plurality of assessment rules for use by the scanner process; and
a delivery process for delivering client artifacts from the scanner process to the network resource via the bi-directional tunnel, the delivery process based in part upon function calls originating at a standard assessment library that is accessible by the scanner process.
Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17
18. A method for initiating a scan directed to a network resource, the method comprising:
providing a scanner engine in communication with a communication network;
providing, in the scanner engine, a first end of a network connection, wherein the first end is configured to establish a tunnel for bi-directional communication to a network resource after providing the network connection to the network resource, wherein communication via a first end of the tunnel is configured for requesting client artifacts from the network resource independent of authorized access between the scanner engine and the network resource;
loading a plurality of assessment rules by a standard assessment library into a memory location on the scanner engine;
adapting function calls to conform with indications received by the scanner engine via a remote scan using the bi-directional tunnel, the indications related to a protocol specific to a network resource, wherein the function calls originate at the standard assessment library;
receiving the artifacts at the scanner engine via the bi-directional tunnel;
passing the artifacts to the standard assessment library; and
analyzing the artifacts in accordance with the plurality of assessment rules at the standard assessment library to assess a current security posture.
Dependent claims: 19, 20
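The abstract and claims 1, 9 and 18 describe one flow: an agent on the protected endpoint and a scanner engine communicate over a bi-directional tunnel that does not depend on the firewall's inbound port status; the engine requests data about installed software components, evaluates it against loaded assessment rules, and delivers updates back through the same tunnel before terminating the session. The simulation below is an added illustration of that flow and is not code from the patent or any product implementing it. Everything in it is an assumption made for the example: the message format between engine and agent, the idea of modelling the tunnel as an agent-initiated outbound session (which is why the firewall's closed inbound ports do not matter), and the component names, versions and rule thresholds, which are constructed sample data and not real advisories.

```python
"""Added illustration: agent-based remote assessment over an outbound tunnel.

The endpoint's agent dials out to the scanner engine, so the resulting
bi-directional channel works even though the endpoint's firewall refuses
every inbound connection. All hosts, versions and rules are constructed.
"""
import threading
from dataclasses import dataclass
from queue import Queue


class Firewall:
    """Stateful firewall: inbound connection attempts are refused unless the
    port is explicitly open, while sessions opened outbound carry replies."""

    def __init__(self, inbound_open_ports=()):
        self.inbound_open_ports = set(inbound_open_ports)

    def accept_inbound(self, port):
        return port in self.inbound_open_ports

    def allow_outbound(self):
        return True  # egress to the scanner engine is permitted (assumption)


class Tunnel:
    """Bi-directional channel: one queue per direction, closed by the engine."""

    def __init__(self):
        self.to_agent, self.to_engine = Queue(), Queue()
        self.open = True

    def close(self):
        self.open = False


@dataclass
class ScannerAgent:
    firewall: Firewall
    components: dict  # installed software: name -> version string

    def connect(self, engine_host, engine_port):
        """The agent initiates the session outbound; no inbound port is needed."""
        if not self.firewall.allow_outbound():
            raise ConnectionError("egress to scanner engine blocked")
        return Tunnel()

    def serve(self, tunnel):
        """Answer engine commands until the engine terminates the session."""
        while tunnel.open:
            cmd = tunnel.to_agent.get()
            if cmd["op"] == "inventory":            # report which components exist
                tunnel.to_engine.put({"components": dict(self.components)})
            elif cmd["op"] == "update":             # install an update delivered by the engine
                self.components[cmd["name"]] = cmd["version"]
                tunnel.to_engine.put({"updated": cmd["name"]})
            elif cmd["op"] == "terminate":
                tunnel.close()


@dataclass(frozen=True)
class Rule:
    component: str
    min_version: tuple  # installed versions below this are findings
    fix_version: tuple  # version the engine delivers as the update


def parse_version(text):
    return tuple(int(part) for part in text.split("."))


class ScannerEngine:
    def __init__(self, rules):
        self.rules = list(rules)  # the loaded assessment rules

    def assess(self, components):
        """Evaluate reported components against the rules; returns findings."""
        findings = []
        for rule in self.rules:
            installed = components.get(rule.component)
            if installed is not None and parse_version(installed) < rule.min_version:
                fix = ".".join(map(str, rule.fix_version))
                findings.append((rule.component, installed, fix))
        return findings

    def scan(self, tunnel):
        """Collect data, assess posture, deliver updates, then end the session."""
        tunnel.to_agent.put({"op": "inventory"})
        components = tunnel.to_engine.get()["components"]
        findings = self.assess(components)
        for name, _installed, fix in findings:
            tunnel.to_agent.put({"op": "update", "name": name, "version": fix})
            tunnel.to_engine.get()  # wait for the agent's acknowledgement
        tunnel.to_agent.put({"op": "terminate"})
        posture = "compliant" if not findings else "non-compliant"
        return {"posture": posture, "findings": findings}


def run_demo():
    """Scan twice: the first pass finds and fixes an outdated component."""
    firewall = Firewall(inbound_open_ports=())  # nothing inbound is allowed
    agent = ScannerAgent(firewall, {"openssl": "3.0.2", "curl": "8.4.0"})  # constructed
    engine = ScannerEngine([Rule("openssl", (3, 0, 7), (3, 0, 13)),           # constructed
                            Rule("curl", (8, 4, 0), (8, 4, 0))])
    inbound_accepted = firewall.accept_inbound(443)  # an inbound probe would be refused
    reports = []
    for _ in range(2):
        tunnel = agent.connect("engine.example", 443)  # hypothetical engine address
        worker = threading.Thread(target=agent.serve, args=(tunnel,))
        worker.start()
        reports.append(engine.scan(tunnel))
        worker.join()
    return {"inbound_accepted": inbound_accepted, "reports": reports,
            "components": dict(agent.components)}


if __name__ == "__main__":
    print(run_demo())
```

The first `scan` reports the endpoint as non-compliant and delivers the update; the second pass, run over a fresh outbound tunnel, comes back compliant, while the firewall never had to expose an inbound port to the engine.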
Specification