公开(公告)号：US20060236392A1

公开(公告)日：2006-10-19

申请号：US11096490

申请日：2005-03-31

申请人： Anil Thomas ,  Michael Kramer ,  Mihai Costea ,  Efim Hudis ,  Pradeep Bahl ,  Rajesh Dadhia ,  Yigal Edery

发明人： Anil Thomas ,  Michael Kramer ,  Mihai Costea ,  Efim Hudis ,  Pradeep Bahl ,  Rajesh Dadhia ,  Yigal Edery

IPC分类号： G06F12/14

CPC分类号： G06F21/56 ,  G06F21/562 ,  G06F21/577

摘要： In accordance with the present invention, a system, method, and computer-readable medium for aggregating the knowledge base of a plurality of security services or other event collection systems to protect a computer from malware is provided. One aspect of the present invention is a method that proactively protects a computer from malware. More specifically, the method comprises: using anti-malware services or other event collection systems to observe suspicious events that are potentially indicative of malware; determining if the suspicious events satisfy a predetermined threshold; and if the suspicious events satisfy the predetermined threshold, implementing a restrictive security policy designed to prevent the spread of malware.

摘要翻译： 根据本发明，提供了一种用于聚合多个安全服务或其他事件收集系统的知识库以保护计算机免受恶意软件的系统，方法和计算机可读介质。 本发明的一个方面是主动保护计算机免受恶意软件的方法。 更具体地，该方法包括：使用反恶意软件服务或其他事件收集系统来观察潜在地指示恶意软件的可疑事件; 确定可疑事件是否满足预定阈值; 并且如果可疑事件满足预定阈值，则实施旨在防止恶意软件传播的限制性安全策略。

公开(公告)号：US08516583B2

公开(公告)日：2013-08-20

申请号：US11096490

申请日：2005-03-31

申请人： Anil Francis Thomas ,  Michael Kramer ,  Mihai Costea ,  Efim Hudis ,  Pradeep Bahl ,  Rajesh K Dadhia ,  Yigal Edery

发明人： Anil Francis Thomas ,  Michael Kramer ,  Mihai Costea ,  Efim Hudis ,  Pradeep Bahl ,  Rajesh K Dadhia ,  Yigal Edery

IPC分类号： G06F21/00

CPC分类号： G06F21/56 ,  G06F21/562 ,  G06F21/577

摘要： In accordance with the present invention, a system, method, and computer-readable medium for aggregating the knowledge base of a plurality of security services or other event collection systems to protect a computer from malware is provided. One aspect of the present invention is a method that proactively protects a computer from malware by using anti-malware services or other event collection systems to observe suspicious events that are potentially indicative of malware; determining if the suspicious events satisfy a predetermined threshold; and if the suspicious events satisfy the predetermined threshold, implementing a restrictive security policy designed to prevent the spread of malware.

摘要翻译： 根据本发明，提供了一种用于聚合多个安全服务或其他事件收集系统的知识库以保护计算机免受恶意软件的系统，方法和计算机可读介质。 本发明的一个方面是通过使用反恶意软件服务或其他事件收集系统来观察潜在地指示恶意软件的可疑事件来主动地保护计算机免受恶意软件的影响; 确定可疑事件是否满足预定阈值; 并且如果可疑事件满足预定阈值，则实施旨在防止恶意软件传播的限制性安全策略。

公开(公告)号：US20090178131A1

公开(公告)日：2009-07-09

申请号：US12164078

申请日：2008-06-29

申请人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  Nir Nice ,  John F. Wohlfert

发明人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  Nir Nice ,  John F. Wohlfert

IPC分类号： G06F21/00

CPC分类号： G06F21/56 ,  G06F16/9535 ,  G06F21/55 ,  G06F21/629 ,  G06F2221/2115 ,  G06F2221/2141 ,  G06F2221/2149 ,  G06F2221/2151 ,  G06Q30/0204 ,  G06Q30/0215 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/20

摘要： Secure content management is enabled as a cloud-based service through which security protection and policy enforcement may be implemented for both on-premise network users and roaming users. The global SCM service integrates the security functionalities—such as anti-virus, spyware and phishing protection, firewall, intrusion detection, centralized management, and the like—that are typically provided by enterprise network SCM appliance hardware or servers into a cloud-based service that users reach via Internet-based points-of-presence (“POPs”). The POPs are configured with forward proxy servers, and in some implementations, caching and network acceleration components, and coupled to hubs which provide configuration management and identity management services such as active directory services.

摘要翻译： 启用安全内容管理作为基于云的服务，通过该服务可以为内部部署的网络用户和漫游用户实施安全保护和策略强制。 全球SCM服务将通常由企业网络SCM设备硬件或服务器提供的安全功能（如防病毒，间谍软件和网络钓鱼保护，防火墙，入侵检测，集中管理等）集成到基于云的服务中 用户通过基于互联网的在线点（“POPs”）进行访问。 POP被配置有转发代理服务器，并且在一些实现中，缓存和网络加速组件，并且耦合到提供诸如主动目录服务的配置管理和身份管理服务的集线器。

公开(公告)号：US08296178B2

公开(公告)日：2012-10-23

申请号：US12192113

申请日：2008-08-14

申请人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

发明人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

IPC分类号： G05B19/418

CPC分类号： G06F21/56 ,  G06F17/30867 ,  G06F21/55 ,  G06F21/629 ,  G06F2221/2115 ,  G06F2221/2141 ,  G06F2221/2149 ,  G06F2221/2151 ,  G06Q30/0204 ,  G06Q30/0215 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/20

摘要： Secure content management is enabled as a cloud-based service through which security protection and policy enforcement may be implemented for both on-premise network users and roaming users. The global SCM service integrates the security functionalities—such as anti-virus, spyware, and phishing protection, firewall, intrusion detection, centralized management, and the like—that are typically provided by enterprise network SCM appliance hardware or servers into a cloud-based service that users reach via Internet-based points-of-presence (“POPs”). The POPs are configured with forward proxy servers, and in some implementations, caching and network acceleration components, and coupled to hubs which provide configuration management and identity management services such as active directory services.

摘要翻译： 启用安全内容管理作为基于云的服务，通过该服务可以为内部部署的网络用户和漫游用户实施安全保护和策略强制。 全球SCM服务将通常由企业网络SCM设备硬件或服务器提供的安全功能（如防病毒，间谍软件和网络钓鱼保护，防火墙，入侵检测，集中管理等）集成到基于云的 用户通过基于互联网的在线点（POPs）达成的服务。 POPs配置有转发代理服务器，在某些实现中，缓存和网络加速组件，并耦合到提供配置管理和身份管理服务（如主动目录服务）的集线器。

公开(公告)号：US08910268B2

公开(公告)日：2014-12-09

申请号：US12192107

申请日：2008-08-14

申请人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

发明人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

IPC分类号： G06F21/00 ,  H04L29/06 ,  G06Q30/02 ,  G06F17/30 ,  G06F21/56 ,  G06F21/62 ,  G06F21/55

CPC分类号： G06F21/56 ,  G06F17/30867 ,  G06F21/55 ,  G06F21/629 ,  G06F2221/2115 ,  G06F2221/2141 ,  G06F2221/2149 ,  G06F2221/2151 ,  G06Q30/0204 ,  G06Q30/0215 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/20

摘要： Secure content management is enabled as a cloud-based service through which security protection and policy enforcement may be implemented for both on-premise network users and roaming users. The global SCM service integrates the security functionalities—such as anti-virus, spyware, and phishing protection, firewall, intrusion detection, centralized management, and the like—that are typically provided by enterprise network SCM appliance hardware or servers into a cloud-based service that users reach via Internet-based points-of-presence (“POPs”). The POPs are configured with forward proxy servers, and in some implementations, caching and network acceleration components, and coupled to hubs which provide configuration management and identity management services such as active directory services.

摘要翻译： 启用安全内容管理作为基于云的服务，通过该服务可以为内部部署的网络用户和漫游用户实施安全保护和策略强制。 全球SCM服务将通常由企业网络SCM设备硬件或服务器提供的安全功能（如防病毒，间谍软件和网络钓鱼保护，防火墙，入侵检测，集中管理等）集成到基于云的 用户通过基于互联网的在线点（“POPs”）达成的服务。 POPs配置有转发代理服务器，在某些实现中，缓存和网络加速组件，并耦合到提供配置管理和身份管理服务（如主动目录服务）的集线器。

公开(公告)号：US20090178132A1

公开(公告)日：2009-07-09

申请号：US12192107

申请日：2008-08-14

申请人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

发明人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

IPC分类号： G06F21/00

CPC分类号： G06F21/56 ,  G06F17/30867 ,  G06F21/55 ,  G06F21/629 ,  G06F2221/2115 ,  G06F2221/2141 ,  G06F2221/2149 ,  G06F2221/2151 ,  G06Q30/0204 ,  G06Q30/0215 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/20

摘要： Secure content management is enabled as a cloud-based service through which security protection and policy enforcement may be implemented for both on-premise network users and roaming users. The global SCM service integrates the security functionalities—such as anti-virus, spyware, and phishing protection, firewall, intrusion detection, centralized management, and the like—that are typically provided by enterprise network SCM appliance hardware or servers into a cloud-based service that users reach via Internet-based points-of-presence (“POPs”). The POPs are configured with forward proxy servers, and in some implementations, caching and network acceleration components, and coupled to hubs which provide configuration management and identity management services such as active directory services.

摘要翻译： 启用安全内容管理作为基于云的服务，通过该服务可以为内部部署的网络用户和漫游用户实施安全保护和策略强制。 全球SCM服务将通常由企业网络SCM设备硬件或服务器提供的安全功能（如防病毒，间谍软件和网络钓鱼保护，防火墙，入侵检测，集中管理等）集成到基于云的 用户通过基于互联网的在线点（“POPs”）达成的服务。 POP被配置有转发代理服务器，并且在一些实现中，缓存和网络加速组件，并且耦合到提供诸如主动目录服务的配置管理和身份管理服务的集线器。

公开(公告)号：US08881223B2

公开(公告)日：2014-11-04

申请号：US12192111

申请日：2008-08-14

申请人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

发明人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

IPC分类号： G06F17/00 ,  G06Q30/02 ,  G06F17/30 ,  H04L29/06 ,  G06F21/55 ,  G06F21/56 ,  G06F21/62

CPC分类号： G06F21/56 ,  G06F17/30867 ,  G06F21/55 ,  G06F21/629 ,  G06F2221/2115 ,  G06F2221/2141 ,  G06F2221/2149 ,  G06F2221/2151 ,  G06Q30/0204 ,  G06Q30/0215 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/20

摘要： Secure content management is enabled as a cloud-based service through which security protection and policy enforcement may be implemented for both on-premise network users and off-premise or roaming users. The global SCM service integrates the security functionalities—such as anti-virus, spyware, and phishing protection, firewall, intrusion detection, centralized management, and the like—that are typically provided by enterprise network SCM appliance hardware or servers into a cloud-based service that users reach via Internet-based points-of-presence (“POPs”). The POPs are configured with forward proxy servers, and in some implementations, caching and network acceleration components, and coupled to hubs which provide configuration management and identity management services such as active directory services.

摘要翻译： 启用安全内容管理作为基于云的服务，通过该服务可以为内部部署的网络用户和非内部部署或漫游用户实施安全保护和策略强制。 全球SCM服务将通常由企业网络SCM设备硬件或服务器提供的安全功能（如防病毒，间谍软件和网络钓鱼保护，防火墙，入侵检测，集中管理等）集成到基于云的 用户通过基于互联网的在线点（“POPs”）达成的服务。 POPs配置有转发代理服务器，在某些实现中，缓存和网络加速组件，并耦合到提供配置管理和身份管理服务（如主动目录服务）的集线器。

公开(公告)号：US20090178108A1

公开(公告)日：2009-07-09

申请号：US12192111

申请日：2008-08-14

申请人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

发明人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

IPC分类号： G06F17/00

CPC分类号： G06F21/56 ,  G06F17/30867 ,  G06F21/55 ,  G06F21/629 ,  G06F2221/2115 ,  G06F2221/2141 ,  G06F2221/2149 ,  G06F2221/2151 ,  G06Q30/0204 ,  G06Q30/0215 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/20

摘要： Secure content management is enabled as a cloud-based service through which security protection and policy enforcement may be implemented for both on-premise network users and off-premise or roaming users. The global SCM service integrates the security functionalities—such as anti-virus, spyware, and phishing protection, firewall, intrusion detection, centralized management, and the like—that are typically provided by enterprise network SCM appliance hardware or servers into a cloud-based service that users reach via Internet-based points-of-presence (“POPs”). The POPs are configured with forward proxy servers, and in some implementations, caching and network acceleration components, and coupled to hubs which provide configuration management and identity management services such as active directory services.

摘要翻译： 启用安全内容管理作为基于云的服务，通过该服务可以为内部部署的网络用户和非内部部署或漫游用户实施安全保护和策略强制。 全球SCM服务将通常由企业网络SCM设备硬件或服务器提供的安全功能（如防病毒，间谍软件和网络钓鱼保护，防火墙，入侵检测，集中管理等）集成到基于云的 用户通过基于互联网的在线点（“POPs”）达成的服务。 POP被配置有转发代理服务器，并且在一些实现中，缓存和网络加速组件，并且耦合到提供诸如主动目录服务的配置管理和身份管理服务的集线器。

公开(公告)号：US20090177514A1

公开(公告)日：2009-07-09

申请号：US12192113

申请日：2008-08-14

申请人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

发明人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

IPC分类号： G06F9/46 ,  H04L9/32 ,  G06F7/06 ,  G06Q30/00 ,  G06F12/14 ,  G06F17/30

CPC分类号： G06F21/56 ,  G06F17/30867 ,  G06F21/55 ,  G06F21/629 ,  G06F2221/2115 ,  G06F2221/2141 ,  G06F2221/2149 ,  G06F2221/2151 ,  G06Q30/0204 ,  G06Q30/0215 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/20

摘要： Secure content management is enabled as a cloud-based service through which security protection and policy enforcement may be implemented for both on-premise network users and roaming users. The global SCM service integrates the security functionalities—such as anti-virus, spyware, and phishing protection, firewall, intrusion detection, centralized management, and the like—that are typically provided by enterprise network SCM appliance hardware or servers into a cloud-based service that users reach via Internet-based points-of-presence (“POPs”). The POPs are configured with forward proxy servers, and in some implementations, caching and network acceleration components, and coupled to hubs which provide configuration management and identity management services such as active directory services.

摘要翻译： 启用安全内容管理作为基于云的服务，通过该服务可以为内部部署的网络用户和漫游用户实施安全保护和策略强制。 全球SCM服务将通常由企业网络SCM设备硬件或服务器提供的安全功能（如防病毒，间谍软件和网络钓鱼保护，防火墙，入侵检测，集中管理等）集成到基于云的 用户通过基于互联网的在线点（“POPs”）达成的服务。 POP被配置有转发代理服务器，并且在一些实现中，缓存和网络加速组件，并且耦合到提供诸如主动目录服务的配置管理和身份管理服务的集线器。

公开(公告)号：US07844700B2

公开(公告)日：2010-11-30

申请号：US11097060

申请日：2005-03-31

申请人： Adrian M Marinescu ,  Marc E Seinfeld ,  Michael Kramer ,  Yigal Edery

发明人： Adrian M Marinescu ,  Marc E Seinfeld ,  Michael Kramer ,  Yigal Edery

IPC分类号： G06F15/173 ,  G06F11/30

CPC分类号： H04L63/0209 ,  H04L63/1416 ,  H04L63/145

摘要： In accordance with the present invention, a system, method, and computer-readable medium for identifying malware at a network transit point such as a computer that serves as a gateway to an internal or private network is provided. A network transmission is scanned for malware at a network transit point without introducing additional latency to the transmission of data over the network. In accordance with one aspect of the present invention, a computer-implemented method for identifying malware at a network transit point is provided. More specifically, when a packet in a transmission is received at the network transit point, the packet is immediately forwarded to the target computer. Simultaneously, the packet and other data in the transmission are scanned for malware by an antivirus engine. If malware is identified in the transmission, the target computer is notified that the transmission contains malware.

摘要翻译： 根据本发明，提供了一种系统，方法和计算机可读介质，用于在诸如用作内部或专用网络的网关的计算机之类的网络转接点处识别恶意软件。 在网络传输点扫描网络传输恶意软件，而不会对网络上的数据传输造成额外的延迟。 根据本发明的一个方面，提供了一种用于在网络中转点识别恶意软件的计算机实现的方法。 更具体地，当在网络转接点接收到传输中的分组时，该分组立即被转发到目标计算机。 同时，传输中的数据包和其他数据由防病毒引擎扫描恶意软件。 如果在传输中识别到恶意软件，则通知目标计算机该传输包含恶意软件。