公开(公告)号：US20070198525A1

公开(公告)日：2007-08-23

申请号：US11353872

申请日：2006-02-13

申请人： Arindam Chatterjee ,  Bashar Kachachi ,  Bruce Leban ,  Calvin Choe ,  Charles Jeffries ,  Jeffrey Shipman ,  Lakshmanan Venkitaraman ,  Marc Shepard ,  Sachin Sheth ,  Shankar Seal ,  Yang Gao ,  Patrick Stratton ,  Michael Lee

发明人： Arindam Chatterjee ,  Bashar Kachachi ,  Bruce Leban ,  Calvin Choe ,  Charles Jeffries ,  Jeffrey Shipman ,  Lakshmanan Venkitaraman ,  Marc Shepard ,  Sachin Sheth ,  Shankar Seal ,  Yang Gao ,  Patrick Stratton ,  Michael Lee

IPC分类号： G06F17/30

CPC分类号： G06F21/57 ,  G06F8/60 ,  G06F21/572

摘要： A managed network with a quarantine enforcement policy based on the status of installed updates for software on each client seeking access to the managed network. To determine whether a client requesting access has up-to-date software, an access server may communicate directly with an update server to determine the update status of the client requesting access. Information from the update server allows the update server to determine which update the client requesting access is missing. The access server may also receive an indication of the severity of the updates missing from the client requesting access. The access server may use the severity information to apply a quarantine enforcement policy, thereby avoiding the need for either the client or access server to be programmed to identify specific software updates that must be installed for a client to comply with a quarantine enforcement policy. To reduce network congestion and delays seeking access to the network, the quarantine enforcement policy includes a deadline by which updates must be installed. Establishing a deadline allows a grace period during which clients may download new updates and avoids network congestion from multiple clients downloading updates simultaneously.

摘要翻译： 具有隔离执行策略的受管网络，其基于每个客户端上寻求访问受管网络的软件的已安装更新的状态。 为了确定请求访问的客户端是否具有最新的软件，访问服务器可以直接与更新服务器通信，以确定请求访问的客户端的更新状态。 来自更新服务器的信息允许更新服务器确定客户端请求访问的哪个更新丢失。 访问服务器还可以从请求访问的客户端接收对缺少的更新的严重性的指示。 访问服务器可以使用严重性信息来应用隔离实施策略，从而避免客户端或访问服务器被编程为识别必须为客户端安装以符合隔离执行策略的特定软件更新。 为了减少网络拥塞和寻求访问网络的延迟，隔离实施策略包括必须安装更新的截止日期。 建立最后期限允许客户端下载新更新的宽限期，并避免多个客户端同时下载更新的网络拥塞。