Endpoint management using trust rating data
Abstract
Techniques are disclosed for implementing dynamic endpoint management. In accordance with one embodiment, whenever an endpoint joins a managed network for the first time, or rejoins that network, a local security module submits a list of applications (e.g., all or incremental) to a security server. The server validates the list and sends back a rule set (e.g., allow/block rules and/or required application security settings) for those applications. If the server has no information for a given application, it may further subscribe to content from a content provider or service. When the server is queried regarding an unknown application, the server sends a query to the service provider to obtain a trust rating for that unknown application. The trust rating can then be used to generate a rule set for the unknown application. Functionality can be shifted from server to client, and vice-versa if so desired.
Claims (18)
1. A non-transitory machine-readable medium encoded with instructions, that when executed by one or more processors, cause the processor to carry out a process for endpoint management, the process comprising:
- receiving from an endpoint a request to join a managed network, the request identifying to a server one or more applications currently on the endpoint;
- determining if the identified applications are represented in a compliance policy database, wherein the compliance policy database comprises a list of applications and at least one security policy rule associated with each application in the list of applications;
- in response to a determination that an identified first application is not represented in the compliance policy database:
  - determining a trust rating for the first application; and
  - dynamically generating at least one security policy rule associated with the first application based on the determined trust rating; and
- in response to a determination that each identified application is represented in the compliance policy database, accessing the at least one security policy rule associated with each of the identified applications from the compliance policy database.

Dependent claims: 2, 3, 4, 5, 6, 7.

8. A non-transitory machine-readable medium encoded with instructions, that when executed by one or more processors, cause the processor to carry out a process for endpoint management, the process comprising:
- detecting one or more applications currently on an endpoint;
- generating a request to join a managed network, the request identifying the one or more applications on the endpoint;
- sending the request from the endpoint to the managed network, the managed network configured to:
  - determine if the identified applications are represented in a compliance policy database comprising a list of applications and at least one security policy rule associated with each application in the list of applications;
  - responsive to a determination that an identified first application is not represented in the compliance policy database:
    - determine a trust rating for the first application; and
    - dynamically generate at least one security policy rule for the first application based on the determined trust rating; and
  - responsive to a determination that each identified application is represented in the compliance policy database, access the at least one security policy rule associated with each of the identified applications from the compliance policy database; and
- receiving from the managed network at least one security policy rule for each of the identified applications responsive to the request, with at least one of the received security policy rules having been dynamically generated by the managed network.

Dependent claims: 9, 10, 11.

12. A system for endpoint management, comprising:
- a server comprising a non-transitory machine-readable medium encoded with instructions and a processor configured to execute the instructions, the instructions executable to cause the server to:
  - receive from an endpoint a request to join a managed network, the request identifying to the server one or more applications currently on the endpoint;
  - determine if the identified applications are represented in a compliance policy database, wherein the compliance policy database comprises a list of applications and at least one security policy rule associated with each application in the list of applications;
  - in response to a determination that an identified first application is not represented in the compliance policy database:
    - determine a trust rating for the first application; and
    - dynamically generate at least one security policy rule for the first application based on the determined trust rating; and
  - in response to a determination that each identified application is represented in the compliance policy database, access the at least one security policy rule associated with each of the identified applications from the compliance policy database.

Dependent claims: 13, 14, 15, 16, 17, 18.