Patent application number | Description | Published |
20080250407 | Network group name for virtual machines - Virtual machine (VM) management using a group name. By associating VM registration information with a group name, all VMs running off a single physical machine image can be managed (e.g., blocked or unblocked) simultaneously. A service component captures registration information (e.g., IP address-VM name pair) between a virtual machine and a name server. The IP address-VM name pair is recorded (or stored) in the name server database. Based on the VM pair, a record component generates a group name, and stores the VM pair in association with the group name in the name server database. Blocking of the group name then blocks all VMs associated with the group name. Moreover, queries against the group name will then expose all operational VMs for that host. Updates to the group name record can be made based on registration and deregistration of VMs for a given host machine. | 10-09-2008 |
20080263654 | Dynamic security shielding through a network resource - Architecture for facilitating access of remote system software functionality by a host machine for the redirection of incoming and/or outgoing host traffic through the remote system for protection services to the host machine. The host machine can gain the benefits of effective protection software such as firewall, intrusion protection software, and anti-malware services, of the remote machine. The host machine can choose to exercise traffic redirection when there is a risk of being compromised, and then revert back to direct communications when the risk has been averted. The host machine takes advantage of the resources available on the remote machine in substantially realtime with minimal disruption to the host and/or the remote machine operations. This facilitates widespread and temporary protection of network systems for a more secure working environment and improved customer experience. | 10-23-2008 |
20080282347 | Real-time network malware protection - A Network State Database (NSD) can comprise information regarding the network-centric state of one or more computing devices connected to a network. The information contained in the NSD can be passively received by the NSD, or it can be actively obtained by the NSD. Additionally the NSD can comprise either a centralized collection of information, or a distributed collection of information independently maintained and conceptualized as a single entity. The information of the NSD can be used by a Network Risk Management Service (NRMS) to appropriately respond and protect the network. The NRMS can provide relevant information from the NSD to subscribers, which can independently act to protect the network. The NRMS can likewise itself instruct computing devices regarding an appropriate action, or it can itself instruct the performance of such action. | 11-13-2008 |
20110131658 | DYNAMIC RISK MANAGEMENT - A dynamic risk management system for operating systems that provides monitoring, detection, assessment, and follow-up action to reduce the risk whenever it rises. The system enables an operating system to protect itself automatically in dynamic environments. The risk management system monitors a diverse set of attributes of the system which determines the security state of the system and is indicative of the risk the system is under. Based on a specification of risk levels for the various attributes and for their combinations, the risk management system determines whether one or more actions are required to alleviate the overall risk to the system. | 06-02-2011 |
20110179481 | NETWORK AWARE FIREWALL - Among other things, one or more systems and/or methods for a network aware firewall are disclosed. A method comprises accessing a first network connection from a client computer system and determining whether the first network connection is a first network type or a second network type. The method further comprises dynamically modifying security parameters associated with a firewall local to the client computer system in response to determining whether the network connection is the first network type or the second network type. | 07-21-2011 |
20110238801 | DYNAMIC SESSION MAINTENANCE FOR MOBILE COMPUTING DEVICES - A framework and method are disclosed for supporting changed addresses by mobile network nodes. Such support is provided through enhancements to the mobile network nodes and utilizes DNS servers, Dynamic Host Configuration Protocol (DHCP), and virtual private network (VPN) servers—or their functional equivalents—to dynamically assign a current network address to a mobile node, provide the current network address to an authoritative name server, and thereafter have correspondent nodes update their addresses for the mobile node based upon an address provided by the authoritative name server. A mobile node registers all of its name-to-address mappings with its authoritative DNS server using a time to live of zero. Furthermore, when a mobile node moves outside its home security domain, the mobile node initiates a virtual private network connection to a virtual private server for a security domain. | 09-29-2011 |
20120066381 | NETWORK DNA - Network DNA may be determined for a computer network that taxonomically classifies the computer network. Network DNA may include derived network DNA components and raw network DNA components. Raw network DNA components may be acquired from local or remote sources. Derived network DNA components may be generated according to derived network DNA component specifications. Derived network DNA component specifications may reference raw network DNA components. Network DNA determined for the computer network may include a network species component capable of indicating network species classifications for computer networks. Network species classifications may include enterprise network, home network and public place network. Network species classifications may be determined as a function of network security, network management and network addressing. One or more network DNA stores may be configured to store network DNA for computer networks. Network DNA stores may store network DNA history as well as current network DNA. | 03-15-2012 |
20130332988 | Aggregating The Knowledge Base Of Computer Systems To Proactively Protect A Computer From Malware - Techniques for aggregating a knowledge base of a plurality of security services or other event collection systems to protect a computer from malware are provided. In embodiments, a computer is protected from malware by using anti-malware services or other event collection systems to observe suspicious events that are potentially indicative of malware. A determination is made as to whether a combination of the suspicious events is indicative of malware. If the combination of suspicious events is indicative of malware, a restrictive security policy designed to prevent the spread of malware is implemented. | 12-12-2013 |
20140082738 | DYNAMIC RISK MANAGEMENT - A dynamic risk management system for operating systems that provides monitoring, detection, assessment, and follow-up action to reduce the risk whenever it rises. The system enables an operating system to protect itself automatically in dynamic environments. The risk management system monitors a diverse set of attributes of the system which determines the security state of the system and is indicative of the risk the system is under. Based on a specification of risk levels for the various attributes and for their combinations, the risk management system determines whether one or more actions are required to alleviate the overall risk to the system. | 03-20-2014 |
20140280798 | Network Classification - Network DNA may be determined for a computer network that taxonomically classifies the computer network. Network DNA may include derived network DNA components and raw network DNA components. Raw network DNA components may be acquired from local or remote sources. Derived network DNA components may be generated according to derived network DNA component specifications. Derived network DNA component specifications may reference raw network DNA components. Network DNA determined for the computer network may include a network species component capable of indicating network species classifications for computer networks. Network species classifications may include enterprise network, home network and public place network. Network species classifications may be determined as a function of network security, network management and network addressing. One or more network DNA stores may be configured to store network DNA for computer networks. Network DNA stores may store network DNA history as well as current network DNA. | 09-18-2014 |