公开(公告)号：US20200267146A1

公开(公告)日：2020-08-20

申请号：US16278517

申请日：2019-02-18

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Brijesh Nambiar ,  Manisha Singh

IPC: H04L29/06 ,  G06N20/00

Abstract: An integrated network security enforcement system is provided. Information from a network access control (NAC) device, network analytics engine (NAE) executing on a network analytics server (NAS), and a network controller are used to control network access of a client device and associated user. A login session for the user may be monitored by the NAE. Events based on risk analysis of user-initiated actions are sent to the NAC device and/or the network controller. Events may indicate to take action with respect to the client device (or user). For example, user-initiated actions that cumulatively appear as a security threat on a device (and possibly other devices) may be isolated or forced to re-authenticate. Risk assessment may be reduced if higher levels of authentication are performed by the user. Two-factor, or biometric authentication may allow greater risk (e.g., reduced risk assessment) than a login session using a single password.