Controlling access to resources in a network

US 9,436,820 B1
Filed: 08/02/2004
Issued: 09/06/2016
Est. Priority Date: 08/02/2004
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method to control access to resources in a network by using an intercepting device, a policy server, and a remediation server and based on security posture credentials and access instructions, the computer-implemented method comprising:

intercepting, by the intercepting device, one or more messages sent by a computerized device requesting access to one of the resources in the network, the intercepting device comprising a data communications device;

prior to granting the computerized device with the requested access to the network, and in response to intercepting the one or more messages sent by the computerized device, selecting, based on the resources for which access is requested, one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a security posture credential representing a current security state of the computerized device, wherein the posture program comprises at least one of;

(i) a posture agent executing on the computerized device;

(ii) a posture plug-in executing on the computerized device; and

(iii) an audit server operatively connected to the computerized device;

subsequent to receiving the security posture credential, forwarding the security posture credential to the policy server, whereupon the policy server analyzes the security posture credential relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;

wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions for the remediation server to perform in order to bring the computerized device into compliance with the security policy; and

applying the redirect access instruction at the intercepting device by operation of one or more computer processors, to communications traffic originating from the computerized device and destined for resources within the network, in order to grant the computerized device with access to the remediation server without including access to the resources in the network;

wherein upon determining the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon successful completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the intercepting device to grant the computerized device with access to the resources in the network;

wherein upon failure of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a restrict access instruction applicable by the intercepting device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable by the intercepting device to restrict routing of any communications traffic destined for locations outside the network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computerized device transmits an access request to a data communications device of a network in an attempt to access network resources within the network. The data communications device, in response and in real-time, transmits a challenge request to the computerized device that directs the computerized device to retrieve configuration, or posture, credentials associated with the computerized device. A policy server receives the challenge response and, based upon a real-time analysis of the posture credentials of the computerized device, determines a security state of the computerized device and either provides some level or denies the computerized device access to the network resources based upon the analysis of posture. The data communications device detects the real-time security state of the computerized device prior to providing the computerized device with controlled access to the network resources, thereby limiting vulnerable computerized devices from accessing the network resources and minimizing the risk that the network resources receive or transmit malware.

106 Citations

View as Search Results

53 Claims

1. A computer-implemented method to control access to resources in a network by using an intercepting device, a policy server, and a remediation server and based on security posture credentials and access instructions, the computer-implemented method comprising:
- intercepting, by the intercepting device, one or more messages sent by a computerized device requesting access to one of the resources in the network, the intercepting device comprising a data communications device;
  
  prior to granting the computerized device with the requested access to the network, and in response to intercepting the one or more messages sent by the computerized device, selecting, based on the resources for which access is requested, one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a security posture credential representing a current security state of the computerized device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computerized device;
  
  (ii) a posture plug-in executing on the computerized device; and
  
  (iii) an audit server operatively connected to the computerized device;
  
  subsequent to receiving the security posture credential, forwarding the security posture credential to the policy server, whereupon the policy server analyzes the security posture credential relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;
  
  wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions for the remediation server to perform in order to bring the computerized device into compliance with the security policy; and
  
  applying the redirect access instruction at the intercepting device by operation of one or more computer processors, to communications traffic originating from the computerized device and destined for resources within the network, in order to grant the computerized device with access to the remediation server without including access to the resources in the network;
  
  wherein upon determining the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon successful completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the intercepting device to grant the computerized device with access to the resources in the network;
  
  wherein upon failure of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a restrict access instruction applicable by the intercepting device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable by the intercepting device to restrict routing of any communications traffic destined for locations outside the network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 2. The computer-implemented method of claim 1, wherein the restrict access instruction is applicable to restrict entry of the communications traffic to the network based upon an address associated with the computerized device.
  - 3. The computer-implemented method of claim 1, wherein the restrict access instruction is applicable to restrict entry of the communications traffic to the network based upon a communication protocol associated with the computerized device.
  - 4. The computer-implemented method of claim 1, further comprising initiating a secure communication between the policy server and computerized device.
  - 5. The computer-implemented method of claim 1, wherein the restrict access instruction is applicable to restrict entry of the communications traffic to the network based upon an address associated with the computerized device and an address associated with the resources in the network to restrict access to the resources in the network by the computerized device.
  - 6. The computer-implemented method of claim 1, further comprising periodically detecting, receiving and forwarding the security posture credentials, receiving the restrict access instruction, and applying the restrict access instruction based on expiration of a preset time period.
  - 7. The computer-implemented method of claim 1, wherein the security posture credentials include one or more affirmative descriptions of the application or component on the computerized device, wherein the one or more affirmative descriptions associated with the at least one application on the computerized device comprises one or more of, an antivirus software version, an antivirus definition version, a firewall software version, an operating system version, a malware protection software version, an operating system patch version, and an occurrence time of the most recent antivirus scan.
  - 8. The computer-implemented method of claim 1, wherein applying the redirect instruction to direct traffic to the remediation server to reconfigure the computerized device comprises upgrading the computerized device according to the security posture credentials of the computerized device that fail analysis by the policy server relative to the accepted credential set.
  - 9. The computer-implemented method of claim 1, wherein the security posture credentials include one or more affirmative descriptions of the application or component on the computerized device and represents the security state of the computerized device, wherein the security posture credentials do not specify any posture validation result for the computerized device, wherein the redirect access instruction is distinct from the posture validation result, wherein the computerized device, the intercepting device, the policy server, and the remediation server are distinct systems operatively connectable to one another via the network.
  - 10. The computer-implemented method of claim 9, wherein the grant access instruction specifies which network resources the computerized device may access, wherein the security posture credential is collected and transmitted by the posture agent, wherein the redirect access instruction contains a network address of the remediation server as part, not all, of the access instruction, wherein each resource comprises a network resource;
    - wherein the posture validation result is automatically determined without additional intervention by the intercepting device, without additional intervention by the remediation server, and without additional intervention by the computerized device;
      
      wherein the redirect access instruction is automatically generated without additional intervention by the intercepting device and without additional intervention by the remediation server.
  - 11. The computer-implemented method of claim 10, wherein the one or more messages are automatically intercepted without additional intervention by the policy server and without additional intervention by the remediation server;
    - wherein the security posture credential is automatically generated without additional intervention by the intercepting device, without additional intervention by the policy server, and without additional intervention by the remediation server;
      
      wherein the access instruction is automatically applied at the intercepting device without additional intervention by the remediation server, without additional intervention by the policy server, and without additional intervention by the computerized device;
      
      wherein the computerized device is automatically reconfigured based on the redirect access instruction, without additional intervention by the intercepting device, without additional intervention by the policy server, and without additional intervention by the computerized device.
  - 12. The computer-implemented method of claim 11, wherein the restrict access instruction is only applied to communications traffic originating from the computerized device and destined for resources within the network to restrict routing of the communications traffic within the network, wherein the restrict access instruction is not applied to restrict routing of the communications traffic destined for locations outside the network.
  - 13. The computer-implemented method of claim 12, further comprising, prior to establishing a configured network state granting the computerized device with the requested access to the network:
    - applying the redirect access instruction by transmitting a redirection message to the computerized device in order to redirect traffic from the computerized device destined for resources within the network to the remediation server;
      
      wherein the remediation server is configured to automatically reconfigure the computerized device in order to bring the security posture credentials of the computerized device into compliance with the accepted credential set by performing the one or more remedial actions specified in the redirect access instruction.
  - 14. The computer-implemented method of claim 13, wherein the computer-implemented method further comprises:
    - responsive to an update to the accepted credential set after the computerized device is granted with access to the resources in the network, transmitting a posture update query by the intercepting device to the computerized device;
      
      receiving, from the posture program, a posture update response to the posture update query;
      
      forwarding the posture update response by the intercepting device to the policy server, whereupon the policy server analyzes the posture update response relative to the updated, accepted credential set in order to determine an updated posture validation result for the computerized device and generates an updated access instruction based on the updated posture validation result, wherein the updated access instruction does not include any redirect access instruction; and
      
      receiving, from the policy server, the updated access instruction, whereupon the intercepting device applies the updated access instruction to communications traffic originating from the computerized device and destined for resources within the network.
  - 15. The computer-implemented method of claim 14, wherein the one or more affirmative descriptions associated with the at least one application on the computerized device includes:
    - (i) an antivirus software version;
      
      (ii) an antivirus definition version;
      
      (iii) a firewall software version;
      
      (iv) an operating system version;
      
      (v) a malware protection software version;
      
      (vi) an operating system patch version; and
      
      (vii) an occurrence time of the most recent antivirus scan.
  - 16. The computer-implemented method of claim 15, where applying the redirect instruction to direct traffic to the remediation server to reconfigure the computerized device comprises upgrading the computerized device according to the security posture credential of the computerized device that fails analysis by the policy server relative to the accepted credential set, wherein the computer-implemented method further comprises:
    - in response to a request from the policy server, re-collecting the posture credential from the posture program; and
      
      forwarding the re-collected posture credential to the policy server, wherein the policy server performs a first reassessment of the re-collected posture credential in order to determine whether the re-collected posture credential indicates the computerized device satisfies updated requirements of the security policy for accessing the resources.
  - 17. The computer-implemented method of claim 16, further comprising:
    - receiving a first updated message from the policy server as a result of the first reassessment; and
      
      in respective instances, and responsive to receiving the first updated message;
      
      (i) continuing to forward the network received from the computerized device traffic towards the resources; and
      
      (ii) removing the records on the routing device indicating the computerized device is authorized to access the resources.
  - 18. The computer-implemented method of claim 17, further comprising:
    - after a specified validity period expires, re-collecting the posture credential from the posture program;
      
      forwarding the re-collected posture credential to the policy server, wherein the policy server performs a second reassessment of the re-collected posture credential to determine whether the re-collected posture credential indicates the computerized device continues to satisfy requirements of the security policy for accessing the resources.
  - 19. The computer-implemented method of claim 17, further comprising:
    - receiving a second updated message from the policy server as a result of the second reassessment; and
      
      in respective instances, and responsive to receiving the second updated message;
      
      (i) continuing to forward the network received from the computerized device traffic towards the resources; and
      
      (ii) removing the records on the routing device indicating the computerized device is authorized to access the computerized resource;
      
      wherein the remediation server hosts resources needed to update the then-current configuration state of the one or more components on the computerized device in order to satisfy the requirements of the security policy;
      
      wherein access to the resources in the network is controlled by using the intercepting device, the policy server, and the remediation server and based on the security posture credential and the redirect access instruction, in order to restrict one or more computerized devices from accessing and infecting one or more other computerized devices in the network with worms and viruses.
  - 20. The computer-implemented method of claim 19, wherein the computer-implemented method further comprises authenticating a user of the computerized device by the policy server in order to automatically generate an authentication result, without additional intervention by the intercepting device, without additional intervention by the remediation server, and without additional intervention by the computerized device;
    - wherein the grant access instruction is generated by mapping the posture validation result with the authentication result, wherein the policy server is further configured to;
      
      receive identity information of the user; and
      
      determine an access policy based on both the posture validation result and identity information;
      
      wherein the access policy is applied to restrict access to the resources in the network.
  - 21. The computer-implemented method of claim 20, wherein the network traffic includes a packet encapsulating a Transmission Control Protocol (TCP) synchronize (SYN) connection request and has a source Internet Protocol (IP) address not authorized to access the resources in the records of the resources;
    - wherein the posture validation result and the identity information are securely transmitted using Extensible Authentication Protocol (EAP), wherein the user is authenticated using a predefined protocol selected from EAP Microsoft Challenge-Handshake Authentication Protocol (EAP-MS-CHAP) and EAP Generic Token Card (EAP-GTC);
      
      wherein the posture plug-in is configurable in an Extensible Markup Language (XML) format;
      
      wherein the traffic redirected to the remediation server comprises Hypertext Transfer Protocol (HTTP) traffic.
  - 22. The computer-implemented method of claim 21, wherein the posture validation result is determined as a result of a predefined sequence of messages transmitted among the computerized device, the intercepting device, and the policy server, the predefined sequence of messages including, ordered from first-in-time to last-in-time:
    - (i) an access request;
      
      (ii) an initial challenge request;
      
      (iii) a challenge response;
      
      (iv) a subsequent challenge request;
      
      (v) a posture request; and
      
      (vi) a posture response.
  - 23. The computer-implemented method of claim 22, wherein:
    - (i) the grant access instruction directs the intercepting device to permit communications between the computerized device and the resources;
      
      (ii) the restrict access instruction in a first instance directs the intercepting device to limit communications between the computerized device and the resources to specified network addresses, protocols, and ports; and
      
      (iii) the restrict access instruction in a second instance directs the intercepting device to reject communications between the computerized device and the resources.
  - 24. The computer-implemented method of claim 23, wherein additional types of security posture credentials are obtainable via additional posture plug-ins and without requiring reinstallation of any posture agent on the computerized device;
    - wherein the posture agent operates as an extensible policy broker that fields posture requests from the policy server and returns security posture credentials to the policy server based on responses from the security posture plugin;
      
      wherein the posture agent further operates as a broker that delivers notifications to the posture plug-ins from the posture server in response to the posture validation result, at least one notification of which indicates the posture validation result, wherein the at least one notification is output for display to the user and written to a log file.
  - 25. The computer-implemented method of claim 24, wherein the posture validation result comprises a first posture validation result, wherein the policy server is configured to automatically determine a second posture validation result, different from the first posture validation result, that the computerized device is brought into compliance with the accepted credential set;
    - wherein the second posture validation result is determined without additional intervention by the intercepting device, without additional intervention by the remediation server, and without additional intervention by the computerized device;
      
      wherein the posture plug-in is configured to notify the posture agent of any security posture change of the computerized device, via a posture plug-in application programming interface (API), in order to re-initiate the predefined sequence of messages.
  - 26. The computer-implemented method of claim 25, wherein the records comprise an exception list, wherein the computerized device comprises a first computerized device, wherein a third computerized device is exempted from providing posture credentials and exempted from undergoing any posture validation, upon determining that the third computerized device is specified on the exception list, wherein the first and second computerized devices are not specified on the exception list, wherein the first, second, and third computerized devices are distinct devices;
    - wherein the predefined sequence of messages is additionally used in order to;
      
      (i) authenticate an identity of the user; and
      
      (ii) authenticate an identity of the computerized device;
      
      wherein the grant access instruction is determined based on the posture validation result, the authenticated identity of the user, and the authenticated identity of the computerized device;
      
      wherein the computer-implemented method further comprises;
      
      maintaining a table of computerized devices, the table comprising, for each computerized device;
      
      (i) an identifier of the respective computerized device;
      
      (ii) a flag specifying whether the respective computerized device has any posture agent installed; and
      
      (iii) a permitted access level for the respective computerized device.
  - 27. The computer-implemented method of claim 1, wherein the posture validation result is determined without additional intervention by the intercepting device, without additional intervention by the remediation server, and without additional intervention by the computerized device, wherein the redirect access instruction is generated without additional intervention by the intercepting device and without additional intervention by the remediation server.
  - 28. The computer-implemented method of claim 1, wherein the security posture credential includes one or more affirmative descriptions of the application or component on the computerized device and represents the security state of the computerized device, wherein the security posture credential does not specify the posture validation result for the computerized device.

29. A data communications device to control access to resources in a network by operating, as an intercepting device, in conjunction with a policy server and a remediation server, and based on security posture credentials and access instructions, the data communications device comprising:
- at least one communications interface;
  
  a controller; and
  
  an interconnection mechanism coupling the at least one communications interface and the controller;
  
  wherein the controller is configured to;
  
  intercept a request for access sent from a computerized device, through the data communications device, to a network resource in the network;
  
  prior to granting the computerized device with the requested access to the network resource, and in response to intercepting the request for access, select, based on the resources for which access is requested, one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a security posture credential representing a current security state of the computerized device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computerized device;
  
  (ii) a posture plug-in executing on the computerized device; and
  
  (iii) an audit server operatively connected to the computerized device;
  
  subsequent to receiving, from one or more of the plurality of security posture plug-ins, the security posture credential, forward the security posture credential to the policy server, whereupon the policy server analyzes the security posture credential relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;
  
  wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions for the remediation server to perform in order to bring the computerized device into compliance with the security policy; and
  
  apply the redirect access instruction at the intercepting device to network communications traffic originating from the computerized device and destined for resources within the network in order to grant the computerized device with access to the remediation server without including access to the resources in the network; and
  
  wherein upon determining the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon successful completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the intercepting device to grant the computerized device with access to the resources in the network;
  
  wherein upon failure of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a restrict access instruction applicable by the intercepting device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable by the intercepting device to restrict routing of any communications traffic destined for locations outside the network.
- View Dependent Claims (30, 31, 32, 33, 34, 35)
- - 30. The data communications device of claim 29, wherein the access instruction is applicable to restrict entry of the communications traffic to the network based, at least in part, upon an address associated with the computerized device.
  - 31. The data communications device of claim 29, wherein the access instruction is applicable to restrict entry of the communications traffic to the network based, at least in part, upon a communication protocol associated with the computerized device.
  - 32. The data communication device of claim 29, wherein the controller is configured to initiate a secure communication between the policy server and computerized device prior to the computerized device communicating the security posture credentials.
  - 33. The data communication device of claim 29, wherein the restrict access instruction is applicable to restrict entry of the communications traffic to the network based upon an address associated with the computerized device and an address associated with the resources in the network to restrict access to the resources in the network by the computerized device.
  - 34. The data communication device of claim 29, wherein the controller is configured to periodically perform the steps of detecting, receiving and forwarding the security posture credentials, receiving the restrict access instruction, and applying the restrict access instruction based on expiration of a preset time period.
  - 35. The data communications device of claim 29, wherein the security posture credentials include one or more affirmative descriptions of the application or component on the computerized device, wherein the one or more affirmative descriptions associated with the at least one application on the computerized device comprises one or more of, an antivirus software version, an antivirus definition version, a firewall software version, an operating system version, a malware protection software version, an operating system patch version, and an occurrence time of the most recent antivirus scan.

36. A non-transitory computer-readable medium including computer program logic encoded thereon that, when performed on a controller in a data communications device having a coupling to at least one communications interface, performs an operation to control access to resources in a network by the data communications device acting, as an intercepting device, in conjunction with a policy server and a remediation server and based on security posture credentials and access instructions, the operation comprising:
- intercepting, by the intercepting device, an attempted access sent from a computerized device, through the data communications device, to a network resource in the network;
  
  prior to granting the computerized device with the requested access to the network resource, and in response to intercepting the attempted access, selecting, based on the resources for which access is requested, one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a security posture credential representing a current security state of the computerized device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computerized device;
  
  (ii) a posture plug-in executing on the computerized device; and
  
  (iii) an audit server operatively connected to the computerized device;
  
  subsequent to receiving, from one or more of the plurality of security posture plug-ins, the security posture credential, forwarding the security posture credential to the policy server, whereupon the policy server analyzes the security posture credentials relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;
  
  wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions for the remediation server to perform in order to bring the computerized device into compliance with the security policy; and
  
  applying the redirect access instruction at the intercepting device by operation of one or more computer processors when executing the computer program logic, to network communications traffic originating from the computerized device and destined for resources within the network in order to grant the computerized device with access to the remediation server without including access to the resources in the network; and
  
  wherein upon determining that the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon successful completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the intercepting device to grant the computerized device with access to the resources in the network;
  
  wherein upon failure of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a restrict access instruction applicable by the intercepting device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable by the intercepting device to restrict routing of any communications traffic destined for locations outside the network.

37. A computer-implemented method to control access to computing resources in a network, by using a routing device, a policy server, and a remediation server and based on security posture credentials and remediation attributes, the computer-implemented method comprising:
- receiving, by the routing device connected to the network, from a computing device connected to the network, network traffic directed to a computing resource available over the network;
  
  in response, collecting, from a posture program, a security posture credential indicating a current configuration state of one or more components on the computing device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computing device;
  
  (ii) a posture plug-in executing on the computing device; and
  
  (iii) an audit server operatively connected to the computing device;
  
  forwarding the security posture credential collected from the computing device to the policy server by operation of one or more computer processors, wherein the policy server performs an initial evaluation of the security posture credential of the computing device in order to determine a posture validation result indicating whether the computing device satisfies requirements of a security policy for accessing the computing resource;
  
  upon receiving a message from the policy server indicating that the security posture credential does not satisfy requirements of the security policy, redirecting access by;
  
  forwarding one or more remediation attributes to the remediation server to update, based on the one or more remediation attributes, the then current configuration state of the one or more components on the computing device in order to satisfy the requirements of the security policy; and
  
  forwarding network traffic from the computing resource towards the remediation server without granting access to the computing resource in the network; and
  
  upon receiving a message from the policy server indicating that the security posture credential satisfies the requirements of the security policy, or upon receiving a message from the remediation server indicating that the then current configuration state was successfully updated, granting access by;
  
  forwarding network traffic received from the computing device towards the computing resource; and
  
  updating records on the routing device in order to indicate the computing device is authorized to access the computing resource;
  
  wherein upon receiving a message from the remediation server indicating that the then current configuration state was not successfully updated, the routing device limits or denies access to the computing resource without limiting or denying any communications traffic destined for locations outside the network.
- View Dependent Claims (38, 39, 40, 41, 42, 43)
- - 38. The computer-implemented method of claim 37, further comprising:
    - in response to a request from the policy server, re-collecting the posture credential from the posture program;
      
      forwarding the re-collected posture credential to the policy server, wherein the policy server performs a reassessment of the re-collected posture credential to determine whether the re-collected posture credential indicates the computing device satisfies updated requirements of the security policy for accessing the computing resource;
      
      receiving an updated message from the policy server; and
      
      either continuing to forward the network received from the computing device traffic towards the computing resource or removing the records on the routing device indicating the computing device is authorized to access the computing resource.
  - 39. The computer-implemented method of claim 37, wherein the network traffic includes a packet encapsulating a TCP SYN connection request and has a source IP address not authorized to access the computing resource in the records of the computing resource.
  - 40. The computer-implemented method of claim 37, further comprising:
    - after a specified validity period expires, re-collecting the posture credential from the posture program;
      
      forwarding the re-collected posture credential to the policy server, wherein the policy server performs a reassessment of the re-collected posture credential to determine whether the re-collected posture credential indicates the computing device continues to satisfy requirements of the security policy for accessing the computing resource;
      
      receiving an updated message from the policy server; and
      
      either continuing to forward the network received from the computing device traffic towards the computing resource or removing the records on the routing device indicating the computing device is authorized to access the computing resource.
  - 41. The computer-implemented method of claim 37, wherein the posture credential indicates one or more of an antivirus software version, an antivirus definition version, a firewall software version, an operating system version, a malware protection software version, an operating system patch version, and an occurrence time of the most recent antivirus scan.
  - 42. The computer-implemented method of claim 37, further comprising authenticating a user of the computing device.
  - 43. The computer-implemented method of claim 37, wherein the remediation server hosts one or more resources needed to update the then current configuration state of the one or more components on the computing device to satisfy the requirements of the security policy.

44. A non-transitory computer-readable medium containing a program which, when executed, performs an operation to control access to computing resources in a network, by using a routing device, a policy server, and a remediation server and based on security posture credentials and remediation attributes, the operation comprising:
- receiving, by the routing device connected to the network, from a computing device connected to the network, network traffic directed to a computing resource available over the network;
  
  in response, collecting, from a posture program, security posture credential indicating a current configuration state of one or more components on the computing device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computing device;
  
  (ii) a posture plug-in executing on the computing device; and
  
  (iii) an audit server operatively connected to the computing device;
  
  forwarding the security posture credential collected from the computing device to the policy server by operation of one or more computer processors when executing the program, wherein the policy server performs an initial evaluation of the security posture credential of the computing device in order to determine a posture validation result indicating whether the computing device satisfies requirements of a security policy for accessing the computing resource;
  
  upon receiving a message from the policy server indicating that the security posture credential does not satisfy requirements of the security policy, redirecting access by;
  
  forwarding one or more remediation attributes to the remediation server to update, based on the one or more remediation attributes, the then current configuration state of the one or more components on the computing device in order to satisfy the requirements of the security policy; and
  
  forwarding network traffic from the computing resource towards the remediation server without granting access to the computing resource in the network; and
  
  upon receiving a message from the policy server indicating that the security posture credential satisfies the requirements of the security policy, or upon receiving a message from the remediation server indicating that the then current configuration state was successfully updated, granting access by;
  
  forwarding network traffic received from the computing device towards the computing resource; and
  
  updating records on the routing device in order to indicate the computing device is authorized to access the computing resource;
  
  wherein upon receiving a message from the remediation server indicating that the then current configuration state was not successfully updated, the routing device limits or denies access to the computing resource without limiting or denying any communications traffic destined for locations outside the network.

45. A routing device to control access to computing resources in a network, by operating in conjunction with a policy server and a remediation server and based on security posture credentials and remediation attributes, the routing device comprising:
- one or more computer processors;
  
  a memory containing a program which, when executed by the one or more computer processors, performs an operation comprising;
  
  receiving, by the routing device connected to the network, from a computing device connected to the network, network traffic directed to a computing resource available over the network;
  
  in response, collecting, from a posture program, a security posture credential indicating a current configuration state of one or more components on the computing device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computing device;
  
  (ii) a posture plug-in executing on the computing device; and
  
  (iii) an audit server operatively connected to the computing device;
  
  forwarding the security posture credential collected from the computing device to the policy server, wherein the policy server performs an initial evaluation of the security posture credential of the computing device in order to determine a posture validation result indicating whether the computing device satisfies requirements of a security policy for accessing the computing resource;
  
  upon receiving a message from the policy server indicating that the security posture credential does not satisfy requirements of the security policy, redirecting access by;
  
  forwarding one or more remediation attributes to the remediation server to update, based on the one or more remediation attributes, the then current configuration state of the one or more components on the computing device in order to satisfy the requirements of the security policy; and
  
  forwarding network traffic from the computing resource towards the remediation server without granting access to the computing resource in the network; and
  
  upon receiving a message from the policy server indicating that the security posture credential satisfies the requirements of the security policy, or upon receiving a message from the remediation server indicating that the then current configuration state was successfully updated, granting access by;
  
  forwarding network traffic received from the computing device towards the computing resource; and
  
  updating records on the routing device in order to indicate the computing device is authorized to access the computing resource;
  
  wherein upon receiving a message from the remediation server indicating that the then current configuration state was not successfully updated, the routing device limits or denies access to the computing resource without limiting or denying any communications traffic destined for locations outside the network.

46. A computer-implemented method to control access to resources in a network by using an intercepting device, a policy server, and a remediation server and based on security posture credentials and redirect access instructions, the computer-implemented method comprising:
- intercepting, by the intercepting device, one or more messages sent by a computerized device requesting access to one of the resources in the network, the intercepting device comprising a data communications device;
  
  selecting, based on the resources for which access is requested, one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a security posture credential, wherein the security posture credential includes one or more affirmative descriptions of the application or component on the computerized device and represents a current security state of the computerized device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computerized device;
  
  (ii) a posture plug-in executing on the computerized device; and
  
  (iii) an audit server operatively connected to the computerized device;
  
  subsequent to receiving the security posture credential, forwarding the security posture credential to the policy server, whereupon the policy server analyzes the security posture credentials relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;
  
  wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions for the remediation server to perform in order to bring the computerized device into compliance with the security policy; and
  
  applying the redirect access instruction at the intercepting device by operation of one or more computer processors, to communications traffic originating from the computerized device and destined for resources within the network, in order to grant the computerized device with access to the remediation server without including access to the resources in the network;
  
  wherein upon determining the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon successful completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the intercepting device to grant the computerized device with access to the resources in the network;
  
  wherein upon failure of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a restrict access instruction applicable by the intercepting device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable to restrict routing of any communications traffic destined for locations outside the network.

47. A non-transitory computer-readable medium containing a program which, when executed, performs an operation to control access to resources in a network by using an intercepting device, a policy server, and a remediation server and based on security posture credentials and access instructions, the operation comprising:
- intercepting, by the intercepting device, one or more messages sent by a computerized device requesting access to one of the resources in the network, the intercepting device comprising a data communications device;
  
  prior to granting the computerized device with the requested access to the network, and in response to intercepting the one or more messages sent by the computerized device, selecting, based on the resources for which access is requested one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a security posture credential, wherein the security posture credential includes one or more affirmative descriptions of the application or component on the computerized device and represents a current security state of the computerized device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computerized device;
  
  (ii) a posture plug-in executing on the computerized device; and
  
  (iii) an audit server operatively connected to the computerized device;
  
  subsequent to receiving the security posture credential, forwarding the security posture credential to the policy server, whereupon the policy server analyzes the security posture credentials relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;
  
  wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions for the remediation server to perform in order to bring the computerized device in compliance with the security policy; and
  
  applying the redirect access instruction at the intercepting device by operation of one or more computer processors when executing the program, to communications traffic originating from the computerized device and destined for resources within the network in order to grant the computerized device with access to the remediation server without including access to the resources in the network;
  
  wherein upon determining the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon successful completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the intercepting device to grant the computerized device with access to the resources in the network;
  
  wherein upon failure of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a restrict access instruction applicable by the intercepting device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable to restrict routing of any communications traffic destined for locations outside the network.

48. A routing device to control access to computing resources in a network, by operating in conjunction with a policy server and a remediation server and based on security posture credentials and access instructions, the routing device comprising:
- one or more computer processors;
  
  a memory containing a program which, when executed by the one or more computer processors, performs an operation comprising;
  
  intercepting one or more messages sent by a computerized device requesting access to one of the resources in the network;
  
  selecting, based on the resources for which access is requested, one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a security posture credential, wherein the security posture credential includes one or more affirmative descriptions of the application or component on the computerized device and represents a current security state of the computerized device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computerized device;
  
  (ii) a posture plug-in executing on the computerized device; and
  
  (iii) an audit server operatively connected to the computerized device;
  
  subsequent to receiving the security posture credential, forwarding the security posture credential to the policy server, whereupon the policy server analyzes the security posture credential relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;
  
  wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions to be performed for the remediation server to perform in order to bring the computerized device into compliance with the security policy; and
  
  applying the redirect access instruction to communications traffic originating from the computerized device and destined for resources within the network, in order to grant the computerized device with access to the remediation server without including access to the resources in the network;
  
  wherein upon determining the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon successful completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the routing device to grant the computerized device with access to the resources in the network;
  
  wherein upon failure of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a restrict access instruction applicable by the routing device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable to restrict routing of any communications traffic destined for locations outside the network.

49. A computer-implemented method to control access to resources in a network by using an intercepting device, a policy server, and a remediation server and based on security posture credentials and access instructions, the computer-implemented method comprising:
- intercepting, by the intercepting device, one or more messages sent by a computerized device requesting access to one of the resources in the network, the intercepting device comprising a data communications device;
  
  selecting, based on the resources for which access is requested, one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a corresponding security posture credential representing a current security state of the computerized device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computerized device;
  
  (ii) a posture plug-in executing on the computerized device; and
  
  (iii) an audit server operatively connected to the computerized device;
  
  subsequent to receiving the security posture credential, forwarding the security posture credential to the policy server, whereupon the policy server analyzes the security posture credential relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;
  
  wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions for the remediation server to perform in order to bring the computerized device into compliance with the security policy; and
  
  applying the redirect access instruction at the intercepting device by operation of one or more computer processors, to communications traffic originating from the computerized device and destined for resources within the network, in order to grant the computerized device with access to the remediation server without including access to the resources in the network;
  
  wherein upon determining the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon successful completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the intercepting device to grant the computerized device with access to the resources in the network;
  
  wherein upon failure of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a restrict access instruction applicable by the intercepting device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable to restrict routing of any communications traffic destined for locations outside the network;
  
  wherein responsive to an update to the accepted credential set after the computerized device is granted with access to the resources in the network, the intercepting device transmits a posture update query to the computerized device and forwards a posture update response from the posture program to the policy server.

50. A non-transitory computer-readable medium containing a program which, when executed, performs an operation to control access to resources in a network by using an intercepting device, a policy server, and a remediation server and based on security posture credentials and access instructions, the operation comprising:
- intercepting, by the intercepting device, one or more messages sent by a computerized device requesting access to one of the resources in the network, the intercepting device comprising a data communications device;
  
  selecting, based on the resources for which access is requested, one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a security posture credential representing a current security state of the computerized device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computerized device;
  
  (ii) a posture plug-in executing on the computerized device; and
  
  (iii) an audit server operatively connected to the computerized device;
  
  subsequent to receiving the security posture credential, forwarding the security posture credential to the policy server, whereupon the policy server analyzes the security posture credential relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;
  
  wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions for the remediation server to perform in order to bring the computerized device into compliance with the security policy; and
  
  applying the redirect access instruction at the intercepting device by operation of one or more computer processors when executing the program, to communications traffic originating from the computerized device and destined for resources within the network, in order to grant the computerized device with access to the remediation server without including access to the resources in the network;
  
  wherein upon determining the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon successful completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the intercepting device to grant the computerized device with access to the resources in the network;
  
  wherein upon failure of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a restrict access instruction applicable by the intercepting device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable to restrict routing of any communications traffic destined for locations outside the network;
  
  wherein responsive to an update to the accepted credential set after the computerized device is granted with access to the resources in the network, the intercepting device transmits a posture update query to the computerized device and forwards a posture update response from the posture program to the policy server.

51. A routing device to control access to computing resources in a network, by operating in conjunction with a policy server and a remediation server and based on security posture credentials and access instructions, the routing device comprising:
- one or more computer processors;
  
  a memory containing a program which, when executed by the one or more computer processors, performs an operation comprising;
  
  intercepting one or more messages sent by a computerized device requesting access to one of the resources in the network;
  
  selecting, based on the resources for which access is requested, one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a security posture credential representing a current security state of the computerized device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computerized device;
  
  (ii) a posture plug-in executing on the computerized device; and
  
  (iii) an audit server operatively connected to the computerized device;
  
  subsequent to receiving the security posture credential, forwarding the security posture credential to the policy server, whereupon the policy server analyzes the security posture credential relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;
  
  wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions for the remediation server to perform in order to bring the computerized device into compliance with the security policy; and
  
  applying the redirect access instruction to communications traffic originating from the computerized device and destined for resources within the network in order to grant the computerized device with access to the remediation server without including access to the resources in the network;
  
  wherein upon determining that the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon successful completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the routing device to grant the computerized device with access to the resources in the network;
  
  wherein upon failure of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a restrict access instruction applicable by the routing device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable to restrict routing of any communications traffic destined for locations outside the network;
  
  wherein responsive to an update to the accepted credential set after the computerized device is granted with access to the resources in the network, the routing device transmits a posture update query to the computerized device and forwards a posture update response from the posture program to the policy server.

52. A computer-implemented method to control access to resources in a network by using an intercepting device, a policy server, and a remediation server and based on security posture credentials, and access instructions, the computer-implemented method comprising:
- intercepting, by the intercepting device, one or more messages sent by a computerized device requesting access to one of the resources in the network, the intercepting device comprising a data communications device;
  
  selecting, based on the resources for which access is requested, one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a security posture credential representing a current security state of the computerized device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computerized device;
  
  (ii) a posture plug-in executing on the computerized device; and
  
  (iii) an audit server operatively connected to the computerized device;
  
  subsequent to receiving the security posture credential, forwarding the security posture credential to the policy server, whereupon the policy server analyzes the security posture credentials relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;
  
  wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions for the remediation server to perform in order to bring the computerized device into compliance with the security policy; and
  
  applying the redirect access instruction at the intercepting device by operation of one or more computer processors, to communications traffic originating from the computerized device and destined for resources within the network, in order to grant the computerized device with access to the remediation server without including access to the resources in the network;
  
  wherein upon determining the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the intercepting device to grant the computerized device with access to the resources in the network;
  
  wherein responsive to an update to the accepted credential set after the computerized device is granted with access to the resources in the network, the intercepting device transmits a posture update query to the computerized device and forwards a posture update response from the posture program to the policy server, whereupon the policy server analyzes the posture update response relative to the updated credential set in order to determine an updated posture validation result for the computerized device and generates a restrict access instruction based on the updated posture validation result, wherein the restrict access instruction is applicable by the intercepting device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable to restrict routing of any communications traffic destined for locations outside the network.

53. A routing device to control access to computing resources in a network, by operating in conjunction with a policy server and a remediation server and based on security posture credentials and access instructions, the routing device comprising:
- one or more computer processors;
  
  a memory containing a program which, when executed by the one or more computer processors, performs an operation comprising;
  
  intercepting one or more messages sent by a computerized device requesting access to one of the resources in the network;
  
  selecting, based on the resources for which access is requested, one or more challenge requests to provide to a posture program, whereupon the posture program evaluates a current security state of an application or component of the computing device in order to generate a security posture credential representing a current security state of the computerized device, wherein the posture program comprises at least one of;
  
  (i) a posture agent executing on the computerized device;
  
  (ii) a posture plug-in executing on the computerized device; and
  
  (iii) an audit server operatively connected to the computerized device;
  
  subsequent to receiving the security posture credential, forwarding the security posture credential to the policy server, whereupon the policy server analyzes the security posture credential relative to an accepted credential set representing requirements of a security policy for accessing the resources, in order to determine a posture validation result indicating whether the computerized device satisfies the requirements of the security policy;
  
  wherein upon determining the posture validation result indicates that the computerized device does not satisfy the requirements of the security policy, the policy server generates a redirect access instruction specifying one or more remedial actions for the remediation server to perform in order to bring the computerized device into compliance with the security policy; and
  
  applying the redirect access instruction to communications traffic originating from the computerized device and destined for resources within the network, in order to grant the computerized device with access to the remediation server without including access to the resources in the network;
  
  wherein upon determining the posture validation result indicates that the computerized device satisfies the requirements of the security policy, or upon completion of the one or more remedial actions to bring the computerized device into compliance with the security policy, the policy server generates a grant access instruction applicable by the routing device to grant the computerized device with access to the resources in the network;
  
  wherein responsive to an update to the accepted credential set after the computerized device is granted with access to the resources in the network, the routing device transmits a posture update query to the computerized device and forwards a posture update response from the posture program to the policy server, whereupon the policy server analyzes the posture update response relative to the updated credential set in order to determine an updated posture validation result for the computerized device and generates a restrict access instruction based on the updated posture validation result, wherein the restrict access instruction is applicable by the routing device to limit or deny access to the resources in the network, wherein the restrict access instruction is not applicable to restrict routing of any communications traffic destined for locations outside the network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Wu, Fan, Rice, Russell E., Gleichauf, Robert E., Thomson, Susan E., Rochefort, Dany J., Salowey, Joseph A., Zhou, Hao, Yarlagadda, Venkateswara Rao
Primary Examiner(s)
Nguyen, Tu

Application Number

US10/909,755
Time in Patent Office

4,418 Days
Field of Search

709/229
US Class Current

1/1
CPC Class Codes

G06F 21/50   Monitoring users, programs ...

G06F 21/577   Assessing vulnerabilities a...

H04L 63/02   for separating internal fro...

H04L 63/08   for authentication of entit...

H04L 63/20   for managing network securi...

Controlling access to resources in a network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

106 Citations

53 Claims

Specification

Use Cases

Quick Links

Others

Controlling access to resources in a network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

106 Citations

53 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others