Security policy enforcement for mobile devices based on device state
First Claim
1. A system for a security device that provides network-based security for mobile devices based on device state, comprising:
- a processor configured to;
receive a Host Information Profile (HIP) report for a mobile device from a mobile device management (MDM) service at the security device, wherein the HIP report includes device state information for the mobile device, and wherein the HIP report for the mobile device includes configuration information of the mobile device, the configuration information of the mobile device including a list of installed malware apps;
apply a policy based on the HIP report for the mobile device, comprising to;
compare a first app included in the list of installed malware apps with a second app in an exclude list; and
in the event that the first app included in the list of installed malware apps matches with the second app in the exclude list, omit applying the policy; and
perform access control at the security device based on the policy based on the HIP report for the mobile device; and
a memory coupled to the processor and configured to provide the processor with instructions.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for network-based security for mobile devices based on device state are disclosed. In some embodiments, network-based security for mobile devices based on device state includes receiving a Host Information Profile (HIP) report for a mobile device from a mobile device management (MDM) service at the security device, in which the HIP report includes device state information for the mobile device; applying a policy based on the HIP report for the mobile device and the device state; and performing access control at the security device based on the policy based on the HIP report for the mobile device.
50 Citations
21 Claims
-
1. A system for a security device that provides network-based security for mobile devices based on device state, comprising:
-
a processor configured to; receive a Host Information Profile (HIP) report for a mobile device from a mobile device management (MDM) service at the security device, wherein the HIP report includes device state information for the mobile device, and wherein the HIP report for the mobile device includes configuration information of the mobile device, the configuration information of the mobile device including a list of installed malware apps; apply a policy based on the HIP report for the mobile device, comprising to; compare a first app included in the list of installed malware apps with a second app in an exclude list; and in the event that the first app included in the list of installed malware apps matches with the second app in the exclude list, omit applying the policy; and perform access control at the security device based on the policy based on the HIP report for the mobile device; and a memory coupled to the processor and configured to provide the processor with instructions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 21)
-
-
8. A method for a security device that provides network-based security for mobile devices based on device state, comprising:
-
receiving a Host Information Profile (HIP) report for a mobile device from a mobile device management (MDM) service at the security device, wherein the HIP report includes device state information for the mobile device, and wherein the HIP report for the mobile device includes configuration information of the mobile device, the configuration information of the mobile device including a list of installed malware apps; applying a policy based on the HIP report for the mobile device;
device, comprising;comparing a first app included in the list of installed malware apps with a second app in an exclude list; and in the event that the first app included in the list of installed malware apps matches with the second app in the exclude list, omitting applying the policy; and performing access control at the security device based on the policy based on the HIP report for the mobile device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer program product for a security device that provides network-based security for mobile devices based on device state, the computer program product being embodied in a tangible non-transitory computer readable storage medium and comprising computer instructions for:
-
receiving a Host Information Profile (HIP) report for a mobile device from a mobile device management (MDM) service at the security device, wherein the HIP report includes device state information for the mobile device, and wherein the HIP report for the mobile device includes configuration information of the mobile device, the configuration information of the mobile device including a list of installed malware apps; applying a policy based on the HIP report for the mobile device, comprising; comparing a first app included in the list of installed malware apps with a second app in an exclude list; and in the event that the first app included in the list of installed malware apps matches with the second app in the exclude list, omitting applying the policy; and performing access control at the security device based on the policy based on the HIP report for the mobile device. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification