公开(公告)号：US10999329B2

公开(公告)日：2021-05-04

申请号：US16742238

申请日：2020-01-14

Applicant: VMware, Inc.

Inventor： Gaurav Verma ,  Suchit Shivashankar ,  Don Joy

IPC: H04L9/00 ,  H04L29/06 ,  H04W12/08 ,  H04W12/00

Abstract: Disclosed are various examples for enforcing network access permissions on applications that are installed on a client device. A network whitelist or network blacklist can be deployed by a management service onto a managed client device. A management component can facilitate enforcement of the whitelist and/or blacklist to enforce network access rules on installed applications.

公开(公告)号：US10819842B2

公开(公告)日：2020-10-27

申请号：US16038458

申请日：2018-07-18

Applicant: VMware, Inc.

Inventor： Gaurav Verma ,  Manjunath Subramani ,  Suchit Shivashankar ,  Karthikeyan Palanisamy

IPC: H04L29/06 ,  H04L29/08 ,  H04M1/725 ,  H04W48/02 ,  H04W48/14 ,  H04W48/16

Abstract: Examples described herein include systems and methods for providing on-demand access to a restricted resource of a user device. An example method can include generating a profile that specifies a restricted resource and one or more conditions for that resource to be de-restricted. The profile can be sent to, and utilized by, an agent application executing on the user device. The agent application can determine that a user is requesting de-restriction of a resource and determine whether all applicable conditions are met. If the conditions are met, the agent application can de-restrict the resource. After the resource is used, the agent application can report details of the use to an administrator or management server.

公开(公告)号：US20200220903A1

公开(公告)日：2020-07-09

申请号：US16294962

申请日：2019-03-07

Applicant: VMWARE, INC

Inventor： Gaurav Verma ,  Manjunath Subramani ,  Suchit Shivashankar ,  Karthikeyan Palanisamy

IPC: H04L29/06 ,  G06F21/62

Abstract: Examples herein describe systems and methods for application-specific compliance enforcement. An example method can include receiving, at a user device, profiles containing application-specific restrictions. When a first application is opened, a management agent compares the corresponding application-specific restrictions with current device settings. This can be done with a checksum comparison where the checksums are created based on a hash with an application- or profile-specific identifier. If they differ, the management agent stores the current device settings and prompts for, or automatically changes, the device settings to new compliant values before allowing the first application to operate in the foreground of the user device screen. If the first application is closed or minimized, the stored device settings can be restored. The management agent can compare those against application-specific restrictions of the second application before allowing the second application to run in the foreground.

公开(公告)号：US10560482B2

公开(公告)日：2020-02-11

申请号：US15795286

申请日：2017-10-27

Applicant: VMWARE, INC.

Inventor： Gaurav Verma ,  Suchit Shivashankar ,  Don Joy

IPC: H04L9/00 ,  H04L29/06 ,  H04W12/08

Abstract: Disclosed are various examples for enforcing network access permissions on applications that are installed on a client device. A network whitelist or network blacklist can be deployed by a management service onto a managed client device. A management component can facilitate enforcement of the whitelist and/or blacklist to enforce network access rules on installed applications.

公开(公告)号：US20200028960A1

公开(公告)日：2020-01-23

申请号：US16038458

申请日：2018-07-18

Applicant: VMware, Inc.

Inventor： Gaurav Verma ,  Manjunath Subramani ,  Suchit Shivashankar ,  Karthikeyan Palanisamy

IPC: H04M1/725 ,  H04W48/02 ,  H04W48/16 ,  H04W48/14 ,  H04L29/06 ,  H04L29/08

Abstract: Examples described herein include systems and methods for providing on-demand access to a restricted resource of a user device. An example method can include generating a profile that specifies a restricted resource and one or more conditions for that resource to be de-restricted. The profile can be sent to, and utilized by, an agent application executing on the user device. The agent application can determine that a user is requesting de-restriction of a resource and determine whether all applicable conditions are met. If the conditions are met, the agent application can de-restrict the resource. After the resource is used, the agent application can report details of the use to an administrator or management server.

公开(公告)号：US12086099B2

公开(公告)日：2024-09-10

申请号：US17981577

申请日：2022-11-07

Applicant: VMware, Inc.

Inventor： Gaurav Verma ,  Manjunath Subramani

IPC: G06F16/11 ,  G06F8/65 ,  G06F16/182 ,  G06F21/31 ,  G06F21/60 ,  G06F21/62

CPC classification number: G06F16/119 ,  G06F8/65 ,  G06F16/182 ,  G06F21/31 ,  G06F21/602 ,  G06F21/6218

Abstract: Described herein are example methods and systems for enrolling a user device with an unified endpoint management system (“UEMS”) directly from another user device. The examples describe a first user device that is already enrolled with the UEMS and a second user device that is seeking to be enrolled. The two user devices can establish a direct connection with each other. The second user device can be authenticated by a user inputting the same migration password or pin at both user device. The first user device can generate and send a migration data file to the second user device. The migration data file can include settings, policies, software packages, and files managed by the UEMS. The second user device can copy settings, policies, and files, and install the applications from the migration data file. The second user device can notify an UEMS server of the device migration.

公开(公告)号：US11689575B2

公开(公告)日：2023-06-27

申请号：US17241524

申请日：2021-04-27

Applicant: VMware, Inc.

Inventor： Gaurav Verma ,  Suchit Shivashankar ,  Don Joy

IPC: H04L9/40 ,  H04W12/08 ,  H04W12/37

CPC classification number: H04L63/20 ,  H04L63/101 ,  H04W12/08 ,  H04W12/37

Abstract: Disclosed are various examples for enforcing network access permissions on applications that are installed on a client device. A network whitelist or network blacklist can be deployed by a management service onto a managed client device. A management component can facilitate enforcement of the whitelist and/or blacklist to enforce network access rules on installed applications.

公开(公告)号：US20230161860A1

公开(公告)日：2023-05-25

申请号：US17572675

申请日：2022-01-11

Applicant: VMWARE, INC.

Inventor： Gaurav Verma ,  Suchit Shivashankar ,  Karthikeyan Palanisamy ,  Sruthi Surendran

IPC: G06F21/35

CPC classification number: G06F21/35

Abstract: Systems and methods are described for accessing a first user device using a digital badge from a second user device. The digital badge can include information that can be used to identify and authenticate a user profile. In an example, the first and second user devices can be enrolled in a system for managing user devices. A user can select to login to the first user device using a digital badge. The first user device can enable a wireless communication protocol and broadcast a digital badge request that is recognizable by other enrolled devices. The second user device can detect the broadcast and send its digital badge to the first user device. The first user device can send an access request and the digital badge to a server. The server can verify the digital badge, authenticate the user, and notify the first user device. The first user device can then grant the user access without the user inputting any credentials.

公开(公告)号：US20230112606A1

公开(公告)日：2023-04-13

申请号：US17499639

申请日：2021-10-12

Applicant: VMware, Inc.

Inventor： Gaurav Verma ,  Karthikeyan Palanisamy

IPC: H04L29/06 ,  G06F8/61 ,  G06F16/955 ,  G06K7/14 ,  G06K19/06

Abstract: Systems and methods are described for enrolling a user device in a Unified Endpoint Management (“UEM”) system over a closed network. After an initial boot or factory reset of a user device, a user can scan a Quick Response code, or other scannable code, that is embedded with enrollment configuration data that includes configuration settings for communicating with a UEM server in the UEM system. Using the enrollment configuration data, the user device can retrieve an installation file for a management application. The user device can install the management application and give the management application access to the enrollment configuration data. The management application can disable hardcoded open network endpoints on the user device and configure the user device for UEM communications on the closed network. The user device can connect to the UEM server over the closed network and request enrollment in the UEM system.

公开(公告)号：US20230079795A1

公开(公告)日：2023-03-16

申请号：US17981577

申请日：2022-11-07

Applicant: VMware, Inc.

Inventor： Gaurav Verma ,  Manjunath Subramani

IPC: G06F16/11 ,  G06F8/65 ,  G06F21/62 ,  G06F21/31 ,  G06F21/60 ,  G06F16/182

Abstract: Described herein are example methods and systems for enrolling a user device with an unified endpoint management system (“UEMS”) directly from another user device. The examples describe a first user device that is already enrolled with the UEMS and a second user device that is seeking to be enrolled. The two user devices can establish a direct connection with each other. The second user device can be authenticated by a user inputting the same migration password or pin at both user device. The first user device can generate and send a migration data file to the second user device. The migration data file can include settings, policies, software packages, and files managed by the UEMS. The second user device can copy settings, policies, and files, and install the applications from the migration data file. The second user device can notify an UEMS server of the device migration.