×

Segmented networks that implement scanning

  • US 10,110,636 B2
  • Filed: 02/23/2017
  • Issued: 10/23/2018
  • Est. Priority Date: 03/13/2015
  • Status: Active Grant
First Claim
Patent Images

1. A system comprising:

  • a plurality of segmented environments, each of the plurality of segmented environments comprising an enforcement point comprising an active probe device, and a plurality of workloads each implementing at least one service component, the plurality of segmented environments collectively providing a service, each of the plurality of segmented environments providing a portion of the service; and

    a data center server coupled with the plurality of segmented environments over a network, the data center server comprising;

    a security controller providing, via at least one processor, a security policy to each of the plurality of segmented environments, the security policy being configured using the service; and

    an active probe controller requesting, via the at least one processor, each active probe device of the plurality of segmented environments to perform a respective scan of a plurality of scans, the plurality of scans performed on the plurality of segmented environments collectively providing the service, the plurality of scans occurring in parallel on the plurality of workloads implementing the at least one service component, the plurality of scans being executed synchronously on the plurality of segmented environments without affecting performance of the network established between the data center server and the plurality of segmented environments, the active probe device of one or more of the plurality of segmented environments implementing a remediation scheme when the plurality of scans indicate a vulnerability.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×