System and method for automated policy audit and remediation management
Abstract
A prevention-based network auditing system includes a central compliance server providing a user interface allowing a user to schedule and configure a network audit. The configured audit is stored in an audit repository until its scheduled time. At such a time, the compliance server automatically invokes one or more audit servers to gather information about the network. The compliance server receives the gathered information and electronically applies a network policy to the information for determining compliance with the policy. A remediation task may be generated if the policy has been violated, and the task monitored until its completion.
20 Claims
1. A method comprising:
- providing a user interface to a computer for allowing a user to configure a network audit;
- storing network audit configuration information in a data store;
- initiating the network audit based on the configuration information to gather information about a network;
- testing a network policy prior to deployment of the network policy in a scheduled audit, wherein the network policy is tested against past audit results stored in an audit repository, and wherein one or more recommendations are provided in response to the testing of the network policy, the one or more recommendations including additional rules to be added to the network policy;
- applying the network policy;
- determining compliance with the network policy;
- generating a task based on the compliance determination;
- assigning the task for execution; and
- monitoring a status of the task, wherein a rollback function is provided that allows one or more system components to be returned to a previous version.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A system comprising:
- a user interface allowing a user to configure a network audit;
- a data store storing network audit configuration information;
- means for initiating the network audit based on the configuration information to gather information about a network;
- means for testing a network policy prior to deployment of the network policy in a scheduled audit, wherein the network policy is tested against past audit results stored in an audit repository, and wherein one or more recommendations are provided in response to the testing of the network policy, the one or more recommendations including additional rules to be added to the network policy;
- means for applying the network policy;
- means for determining compliance with the network policy;
- means for generating a task based on the compliance determination;
- means for assigning the task for execution; and
- means for monitoring a status of the task, wherein a rollback function is provided that allows one or more system components to be returned to a previous version.

Dependent claims: 17, 18, 19, 20
Specification