-
Publication No.: US20070011733A1
Publication date: 2007-01-11
Application No.: US11178219
Filing date: 2005-07-08
Applicant: Abolade Gbadegesin, Arvind Murching, David Thaler, Henry Sanders, Narendra Gidwani, Paul Mayfield
Inventor: Abolade Gbadegesin, Arvind Murching, David Thaler, Henry Sanders, Narendra Gidwani, Paul Mayfield
IPC classification: G06F17/00
CPC classification: H04L29/12066, H04L29/12216, H04L61/1511, H04L61/2007, H04L67/104, H04L67/1044, H04L67/1051
Abstract: A unified architecture for enabling remote access to a network is provided. The network may comprise, as examples, a virtual private network (VPN) and/or a peer-to-peer network. In one embodiment, the architecture includes components installed on a client device/node and a gateway/supernode. Components implemented on the client device may facilitate access in a manner similar to that of a traditional VPN, while components on the gateway may facilitate access in a manner similar to an application proxy. Communication between the client device and gateway may occur, as an example, via a Secure Sockets Layer (SSL) communication protocol.
-
Publication No.: US20050131997A1
Publication date: 2005-06-16
Application No.: US10823686
Filing date: 2004-04-14
Applicant: Elliot Lewis, Hakan Berk, Narendra Gidwani, Jesper Johansson, Timothy Moore, Ashwin Palekar
Inventor: Elliot Lewis, Hakan Berk, Narendra Gidwani, Jesper Johansson, Timothy Moore, Ashwin Palekar
CPC classification: H04L63/10, G06F21/552, G06F21/57, G06F21/577, G06F2221/2105, H04L29/12226, H04L61/2015, H04L67/34
Abstract: A system and method for ensuring that machines having invalid or corrupt states are restricted from accessing network resources are provided. A quarantine server located on a trusted machine in a network provides a bill of health to a quarantine agent located on a client computer that wishes to gain access to network resources administered by an organization. The quarantine agent requests bill of health from the quarantine server, and receives a manifest of checks that the client computer must perform. The quarantine agent then sends a status report on the checks back to the quarantine server. If the client computer is in a valid security state, the bill of health is issued to the client. If the client computer is in an invalid state, the client is directed to install the appropriate software/patches to achieve a valid state. When a client requests the use of network resources from a network administrator, the network administrator requests the client's bill of health. If the bill of health is valid, the client is admitted to the network. If the bill of health is invalid, or if the client does not have a quarantine agent, the client is placed in quarantine, in which the only network resources accessible to the client are those necessary to install the quarantine agent and requisite software/patches to achieve a valid state.
-
Publication No.: US20060005229A1
Publication date: 2006-01-05
Application No.: US11197155
Filing date: 2005-08-04
Applicant: Ashwin Palekar, Bernard Aboda, Narendra Gidwani, Michel Guittet, Todd Paul, David Eitelbach, Stephen Bensley
Inventor: Ashwin Palekar, Bernard Aboda, Narendra Gidwani, Michel Guittet, Todd Paul, David Eitelbach, Stephen Bensley
IPC classification: G06F17/00
CPC classification: H04L63/102, G06F21/6218, H04L63/20
Abstract: A policy server program evaluates one or more policy statements based on the group or groups to which a user belongs as well as other conditions. Each policy statement expresses an implementation of the access policy of the network, and is associated with a profile. The profile contains one or more actions that are to be applied to the user. The policy server program determines the identity of the group or groups to which the user belongs by referencing one or more group attributes contained in a user object which is located in a directory on the network. The user object and its group parameters are established when the user is added to the directory, while a policy statement for a group can be created at any time.
-
Publication No.: US20050267954A1
Publication date: 2005-12-01
Application No.: US10973970
Filing date: 2004-10-27
Applicant: Elliot Lewis, Hakan Berk, Ljubomir Bradic, Calvin Choe, Narendra Gidwani, Vivek Kamath, Timothy Moore, Ashwin Palekar
Inventor: Elliot Lewis, Hakan Berk, Ljubomir Bradic, Calvin Choe, Narendra Gidwani, Vivek Kamath, Timothy Moore, Ashwin Palekar
IPC classification: H04L12/26, H04L12/24, H04L29/06, G06F15/177
CPC classification: H04L63/0823, H04L63/104, H04L63/164
Abstract: A system and method for ensuring that machines having invalid or corrupt states are restricted from accessing network resources are provided. A quarantine coordination client (QCC) located on a client machine acquires statements of health from a plurality of quarantine policy clients. The QCC packages the statements and provides the package to a quarantine enforcement client (QEC). The QEC sends the package to a quarantine enforcement server (QES) with a request for network access. The QES passes the package to a quarantine coordination server (QCS) that disassembles the package and passes the individual statements of health to corresponding quarantine policy servers (QPS). The QPSs validate the statements of health and inform the QCS of the result. If the client provided valid statements of health, the QES grants the client access to the network.