Systems and methods for automatic endpoint protection and policy management

US 9,661,023 B1
Filed: 07/12/2013
Issued: 05/23/2017
Est. Priority Date: 07/12/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for dynamically adjusting server settings, the method comprising:

identifying, via a processor of a server, at least one parameter of a status of the server that diverges from a corresponding baseline setting of a policy of a client maintained by the server, wherein identifying the at least one parameter that diverges is based at least in part on the processor determining whether a frequency at which malware code is discovered on the client satisfies a first threshold;

wherein the policy maintained by the server comprises at least one of a central processing unit (CPU) setting, a memory setting, a storage setting, a network setting, a client setting, a virtual environment setting, a heartbeat interval setting, and a randomization setting;

determining, via the processor, a degree of difference between the at least one parameter of the server status and the baseline setting of the policy maintained by the server;

comparing, via the processor, the degree of difference to a predetermined parameter threshold;

upon determining the frequency at which malware code is discovered on the client satisfies the first threshold, calculating, via the processor, an adjustment to the baseline setting of the policy based at least in part on the divergent parameter;

determining, via the processor, that the degree of difference satisfies the predetermined parameter threshold;

adjusting, via the processor, the baseline setting of the policy according to the calculated adjustment based at least in part on the determining that the degree of difference satisfies the predetermined parameter threshold, wherein adjusting the baseline setting of the policy includes increasing at least one of a scan frequency of the client and a malware definition update frequency for the client;

issuing a command to send, via the processor, data representative of the adjusted baseline setting of the policy from the server to the client via a network; and

automatically updating one or more client profiles associated with the client according to the adjusted baseline setting of the policy.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method for dynamically adjusting server settings is described. In one embodiment, at least one parameter of a status of a server that diverges from a corresponding baseline setting of a policy maintained by the server may be identified. An adjustment to the baseline setting of the policy may be calculated based at least in part on the divergent parameter. The baseline setting of the policy may be adjusted according to the calculated adjustment. A command may be issued to send data representative of the adjusted baseline setting of the policy from the server to a client to update a user profile.

36 Citations

View as Search Results

15 Claims

1. A computer-implemented method for dynamically adjusting server settings, the method comprising:
- identifying, via a processor of a server, at least one parameter of a status of the server that diverges from a corresponding baseline setting of a policy of a client maintained by the server, wherein identifying the at least one parameter that diverges is based at least in part on the processor determining whether a frequency at which malware code is discovered on the client satisfies a first threshold;
  
  wherein the policy maintained by the server comprises at least one of a central processing unit (CPU) setting, a memory setting, a storage setting, a network setting, a client setting, a virtual environment setting, a heartbeat interval setting, and a randomization setting;
  
  determining, via the processor, a degree of difference between the at least one parameter of the server status and the baseline setting of the policy maintained by the server;
  
  comparing, via the processor, the degree of difference to a predetermined parameter threshold;
  
  upon determining the frequency at which malware code is discovered on the client satisfies the first threshold, calculating, via the processor, an adjustment to the baseline setting of the policy based at least in part on the divergent parameter;
  
  determining, via the processor, that the degree of difference satisfies the predetermined parameter threshold;
  
  adjusting, via the processor, the baseline setting of the policy according to the calculated adjustment based at least in part on the determining that the degree of difference satisfies the predetermined parameter threshold, wherein adjusting the baseline setting of the policy includes increasing at least one of a scan frequency of the client and a malware definition update frequency for the client;
  
  issuing a command to send, via the processor, data representative of the adjusted baseline setting of the policy from the server to the client via a network; and
  
  automatically updating one or more client profiles associated with the client according to the adjusted baseline setting of the policy.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - upon determining the degree of difference fails to satisfy the predetermined parameter threshold for a predetermined amount of time, maintaining the policy according to a present setting of the policy.
  - 3. The method of claim 1, further comprising:
    - determining whether a frequency at which security risks other than malware code occur on the client satisfies a predetermined security threshold.
  - 4. The method of claim 3, further comprising:
    - upon determining the frequency at which security risks other than malware code occur on the client satisfies the predetermined security threshold, adjusting a security setting of the policy maintained by the server.
  - 5. The method of claim 3, further comprising:
    - upon determining the frequency at which security risks other than malware code occur on the client fails to satisfy the predetermined security threshold, maintaining a security setting of the policy maintained by the server.
  - 6. The method of claim 1, wherein the server status comprises at least one central processing unit (CPU) usage, CPU capacity, memory usage, memory capacity, storage usage, storage capacity, network bandwidth, database type, number of connected clients, client security risks, and a client request type.
  - 7. The method of claim 6, wherein the client request type comprises at least one of a scan request, an upgrade request, an update request, and a content download request.

8. A computing device configured to dynamically adjust server settings, comprising:
- a processor of a server;
  
  memory in electronic communication with the processor;
  
  instructions stored in the memory, the instructions being executable by the processor to;
  
  identify at least one parameter of a status of the server that diverges from a corresponding baseline setting of a policy of a client maintained by the server, wherein identifying the at least one parameter that diverges is based at least in part on determining whether a frequency at which malware code is discovered on the client satisfies a first threshold;
  
  wherein the policy maintained by the server comprises at least one of a central processing unit (CPU) setting, a memory setting, a storage setting, a network setting, a client setting, a virtual environment setting, a heartbeat interval setting, and a randomization setting;
  
  determine a degree of difference between the at least one parameter of the server status and the baseline setting of the policy maintained by the server;
  
  compare the degree of difference to a predetermined parameter threshold;
  
  upon determining the frequency at which malware is discovered on the client satisfies the first threshold, calculate an adjustment to the baseline setting of the policy based at least in part on the divergent parameter;
  
  determine that the degree of difference satisfies the predetermined parameter threshold;
  
  adjust the baseline setting of the policy according to the calculated adjustment based at least in part on the determining that the degree of difference satisfies the predetermined parameter threshold, wherein adjusting the baseline setting of the policy includes increasing at least one of a scan frequency of the client and a malware definition update frequency for the client;
  
  issue a command to send data representative of the adjusted baseline setting of the policy from the server to the client via a network; and
  
  automatically update one or more client profiles associated with the client according to the adjusted baseline setting of the policy.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computing device of claim 8, wherein the instructions are executable by the processor to:
    - upon determining the degree of difference fails to satisfy the predetermined parameter threshold for a predetermined amount of time, maintain the policy according to a present setting of the policy.
  - 10. The computing device of claim 8, wherein the instructions are executable by the processor to:
    - determine a frequency at which security risks other than malware code occur on the client.
  - 11. The computing device of claim 10, wherein the instructions are executable by the processor to:
    - upon determining the frequency at which security risks other than malware code occur on the client satisfies a predetermined security threshold, adjust a security setting of the policy.
  - 12. The computing device of claim 10, wherein the instructions are executable by the processor to:
    - upon determining the frequency at which security risks other than malware code occur on the client fails to satisfy a predetermined security threshold, maintain a security setting of the policy maintained by the server.
  - 13. The computing device of claim 8, wherein the server status comprises at least one of the central processing unit (CPU) usage, CPU capacity, memory usage, memory capacity, storage usage, storage capacity, network bandwidth, database type, number of connected clients, client security risks, and client request type.
  - 14. The computing device of claim 13, wherein the client request type comprises at least one of a scan request, an upgrade request, an update request, and a content download request.

15. A computer-program product for dynamically adjusting, by a processor of a server, server settings, the computer-program product comprising a non-transitory computer readable medium storing instructions thereon, the instructions being executable by the processor to:
- identify at least one parameter of a status of the server that diverges from a corresponding baseline setting of a policy of a client maintained by the server, wherein identifying the at least one parameter that diverges is based at least in part on determining whether a frequency at which malware code is discovered on the client satisfies a first threshold;
  
  wherein the policy maintained by the server comprises at least one of a central processing unit (CPU) setting, a memory setting, a storage setting, a network setting, a client setting, a virtual environment setting, a heartbeat interval setting, and a randomization setting;
  
  determine a degree of difference between the at least one parameter of the server status and the baseline setting of the policy maintained by the server;
  
  compare the degree of difference to a predetermined parameter threshold;
  
  upon determining the frequency at which malware code is discovered on the client satisfies the first threshold, calculate an adjustment to the baseline setting of the policy based at least in part on the divergent parameter;
  
  determine that the degree of difference satisfies the predetermined parameter threshold;
  
  adjust the baseline setting of the policy according to the calculated adjustment based at least in part on the determining that the degree of difference satisfies the predetermined parameter threshold, wherein adjusting the baseline setting of the policy includes increasing at least one of a scan frequency of the client and a malware definition update frequency for the client;
  
  issue a command to send data representative of the adjusted baseline setting of the policy from the server to the client via a network; and
  
  automatically update one or more client profiles associated with the client according to the adjusted baseline setting of the policy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Fang, Ke, Yang, Liu
Primary Examiner(s)
Gracia, Gary

Application Number

US13/940,902
Time in Patent Office

1,411 Days
Field of Search

726 1, 726 28, 726 29, 726 30, 709225, 370236
US Class Current
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/034   Test or assess a computer o...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/20   for managing network securi...

Systems and methods for automatic endpoint protection and policy management

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for automatic endpoint protection and policy management

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links