Method and system for generic real time management of devices on computers connected to a network
Abstract
A method and system for enterprise device management allows the administrator to set a policy of forbidden devices, monitor devices used in the organization, provide alerts and notifications in case an unknown device is connected to a computer, and monitor or block connections of devices which do not comply with the security policy. A method for device management in a computer system comprises detecting connection of a device to the computer system and determining a reaction to perform in response to the connection of the device to the computer system based on parameters related to the device and on device management rules.
25 Claims
1. A method for device management in a computer system comprising:
detecting connection of a device to the computer system, which includes a software agent that is configured to track attempts to connect pluggable devices to the computer system and to receive a security policy that includes a plurality of device management rules, wherein the software agent is further configured to register an agent device connection listener in a form of an upper-level filter driver in a device class stack for a particular device class defined in a particular one of the rules, and wherein the particular one of the rules describes a device definition, a set of computers, and a set of users to which the particular rule applies;
identifying a specific device type of the device; and
determining a reaction to perform in response to the connection of the device to the computer system based, at least in part, on parameters related to the device and on the device management rules, wherein the reaction comprises blocking certain network connections based on identifying whether or not the connection is wireless.
11. A system for device management in a computer system comprising:
a processor operable to execute computer program instructions;
a memory operable to store computer program instructions executable by the processor; and
computer program instructions stored in the memory and executable to implement;
a device connection listener for detecting connection of a device to the computer system; and
a software agent for;
receiving a security policy that includes a plurality of device management rules, wherein the software agent is further configured to register an agent device connection listener in a form of an upper-level filter driver in a device class stack for a particular device class defined in a particular one of the rules, and wherein the particular one of the rules describes a device definition, a set of computers, and a set of users to which the particular rule applies,
determining a reaction to perform in response to the connection of the device to the computer system based, at least in part, on parameters related to the device and on the device management rules,
blocking certain network connections based on identifying whether or not the connection is wireless, and
wherein the software agent is configured to track attempts to connect pluggable devices to the computer system.
19. A computer program product embodied in a non-transitory computer readable storage medium for performing operations, comprising:
detecting connection of a device to the computer system, which includes a software agent that is configured to track attempts to connect pluggable devices to the computer system and to receive a security policy that includes a plurality of device management rules, wherein the software agent is further configured to register an agent device connection listener in a form of an upper-level filter driver in a device class stack for a particular device class defined in a particular one of the rules, and wherein the particular one of the rules describes a device definition, a set of computers, and a set of users to which the particular rule applies;
identifying a specific device type of the device; and
determining a reaction to perform in response to the connection of the device to the computer system based, at least in part, on parameters related to the device and on the device management rules, wherein the reaction comprises blocking certain network connections based on identifying whether or not the connection is wireless.
Specification