公开(公告)号：US20110138441A1

公开(公告)日：2011-06-09

申请号：US12633805

申请日：2009-12-09

申请人： John Neystadt ,  Yigal Edery ,  Yan Belinky ,  Anders B. Vinberg ,  Dennis Scott Batchelder ,  Shimon Yannay

发明人： John Neystadt ,  Yigal Edery ,  Yan Belinky ,  Anders B. Vinberg ,  Dennis Scott Batchelder ,  Shimon Yannay

IPC分类号： G06Q10/00 ,  G06F21/00 ,  G06F15/177 ,  G06F9/455

CPC分类号： H04L63/20 ,  G06F9/5077 ,  G06F21/53 ,  H04L63/10

摘要： Architecture that provides model-based systems management in virtualized and non-virtualized environments. A security component provides security models which define security requirements for services. A management component applies one or more of the security models during the lifecycle of virtual machines and services. The lifecycle can include initial deployment, expansion, moving servers, monitoring, and reporting. The architecture creates a formal description model of how a virtual machine or a service (composition of multiple virtual machines) is secured. The security requirements information can also be fed back to the general management system which uses this information in its own activities such as to guide the placement of workloads on servers can be security related.

摘要翻译： 在虚拟化和非虚拟化环境中提供基于模型的系统管理的架构。 安全组件提供了定义服务安全性要求的安全模型。 管理组件在虚拟机和服务的生命周期中应用一个或多个安全模型。 生命周期可以包括初始部署，扩展，移动服务器，监控和报告。 该架构创建了如何保护虚拟机或服务（多个虚拟机的组合）的正式描述模型。 安全要求信息也可以反馈给在其自身活动中使用该信息的通用管理系统，以指导服务器上的工作负载的布置可以与安全相关。

公开(公告)号：US08726334B2

公开(公告)日：2014-05-13

申请号：US12633805

申请日：2009-12-09

申请人： John Neystadt ,  Yigal Edery ,  Yan Belinky ,  Anders B Vinberg ,  Dennis Scott Batchelder ,  Shimon Yannay

发明人： John Neystadt ,  Yigal Edery ,  Yan Belinky ,  Anders B Vinberg ,  Dennis Scott Batchelder ,  Shimon Yannay

IPC分类号： H04L9/00 ,  H04L29/06 ,  G06F21/53

CPC分类号： H04L63/20 ,  G06F9/5077 ,  G06F21/53 ,  H04L63/10

摘要： Architecture that provides model-based systems management in virtualized and non-virtualized environments. A security component provides security models which define security requirements for services. A management component applies one or more of the security models during the lifecycle of virtual machines and services. The lifecycle can include initial deployment, expansion, moving servers, monitoring, and reporting. The architecture creates a formal description model of how a virtual machine or a service (composition of multiple virtual machines) is secured. The security requirements information can also be fed back to the general management system which uses this information in its own activities such as to guide the placement of workloads on servers can be security related.

摘要翻译： 在虚拟化和非虚拟化环境中提供基于模型的系统管理的架构。 安全组件提供了定义服务安全性要求的安全模型。 管理组件在虚拟机和服务的生命周期中应用一个或多个安全模型。 生命周期可以包括初始部署，扩展，移动服务器，监控和报告。 该架构创建了如何保护虚拟机或服务（多个虚拟机的组合）的正式描述模型。 安全要求信息也可以反馈给在其自身活动中使用该信息的通用管理系统，以指导服务器上的工作负载的布置可以与安全相关。

公开(公告)号：US07844700B2

公开(公告)日：2010-11-30

申请号：US11097060

申请日：2005-03-31

申请人： Adrian M Marinescu ,  Marc E Seinfeld ,  Michael Kramer ,  Yigal Edery

发明人： Adrian M Marinescu ,  Marc E Seinfeld ,  Michael Kramer ,  Yigal Edery

IPC分类号： G06F15/173 ,  G06F11/30

CPC分类号： H04L63/0209 ,  H04L63/1416 ,  H04L63/145

摘要： In accordance with the present invention, a system, method, and computer-readable medium for identifying malware at a network transit point such as a computer that serves as a gateway to an internal or private network is provided. A network transmission is scanned for malware at a network transit point without introducing additional latency to the transmission of data over the network. In accordance with one aspect of the present invention, a computer-implemented method for identifying malware at a network transit point is provided. More specifically, when a packet in a transmission is received at the network transit point, the packet is immediately forwarded to the target computer. Simultaneously, the packet and other data in the transmission are scanned for malware by an antivirus engine. If malware is identified in the transmission, the target computer is notified that the transmission contains malware.

摘要翻译： 根据本发明，提供了一种系统，方法和计算机可读介质，用于在诸如用作内部或专用网络的网关的计算机之类的网络转接点处识别恶意软件。 在网络传输点扫描网络传输恶意软件，而不会对网络上的数据传输造成额外的延迟。 根据本发明的一个方面，提供了一种用于在网络中转点识别恶意软件的计算机实现的方法。 更具体地，当在网络转接点接收到传输中的分组时，该分组立即被转发到目标计算机。 同时，传输中的数据包和其他数据由防病毒引擎扫描恶意软件。 如果在传输中识别到恶意软件，则通知目标计算机该传输包含恶意软件。

公开(公告)号：US20090178131A1

公开(公告)日：2009-07-09

申请号：US12164078

申请日：2008-06-29

申请人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  Nir Nice ,  John F. Wohlfert

发明人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  Nir Nice ,  John F. Wohlfert

IPC分类号： G06F21/00

CPC分类号： G06F21/56 ,  G06F16/9535 ,  G06F21/55 ,  G06F21/629 ,  G06F2221/2115 ,  G06F2221/2141 ,  G06F2221/2149 ,  G06F2221/2151 ,  G06Q30/0204 ,  G06Q30/0215 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/20

摘要： Secure content management is enabled as a cloud-based service through which security protection and policy enforcement may be implemented for both on-premise network users and roaming users. The global SCM service integrates the security functionalities—such as anti-virus, spyware and phishing protection, firewall, intrusion detection, centralized management, and the like—that are typically provided by enterprise network SCM appliance hardware or servers into a cloud-based service that users reach via Internet-based points-of-presence (“POPs”). The POPs are configured with forward proxy servers, and in some implementations, caching and network acceleration components, and coupled to hubs which provide configuration management and identity management services such as active directory services.

摘要翻译： 启用安全内容管理作为基于云的服务，通过该服务可以为内部部署的网络用户和漫游用户实施安全保护和策略强制。 全球SCM服务将通常由企业网络SCM设备硬件或服务器提供的安全功能（如防病毒，间谍软件和网络钓鱼保护，防火墙，入侵检测，集中管理等）集成到基于云的服务中 用户通过基于互联网的在线点（“POPs”）进行访问。 POP被配置有转发代理服务器，并且在一些实现中，缓存和网络加速组件，并且耦合到提供诸如主动目录服务的配置管理和身份管理服务的集线器。

公开(公告)号：US20060149968A1

公开(公告)日：2006-07-06

申请号：US11370114

申请日：2006-03-07

申请人： Yigal Edery ,  Nimrod Vered ,  David Kroll ,  Shlomo Touboul

发明人： Yigal Edery ,  Nimrod Vered ,  David Kroll ,  Shlomo Touboul

IPC分类号： H04L9/00

CPC分类号： H04L63/145 ,  G06F21/51 ,  G06F21/52 ,  G06F2221/2119 ,  G06F2221/2141 ,  H04L63/1441 ,  H04L63/168

摘要： Protection systems and methods provide for protecting one or more personal computers (“PCs”) and/or other intermittently or persistently network accessible devices or processes from undesirable or otherwise malicious operations of Java™ applets, ActiveX™ controls, JavaScript™ scripts, Visual Basic scripts, add-ins, downloaded/uploaded programs or other “Downloadables” or “mobile code” in whole or part. A protection engine embodiment provides, within a server, firewall or other suitable “re-communicator,” for monitoring information received by the communicator, determining whether received information does or is likely to include executable code, and if so, causes mobile protection code (MPC) to be transferred to and rendered operable within a destination device of the received information, more suitably by forming a protection agent including the MPC, protection policies and a detected-Downloadable. An MPC embodiment further provides, within a Downloadable-destination, for initiating the Downloadable, enabling malicious Downloadable operation attempts to be received by the MPC, and causing (predetermined) corresponding operations to be executed in response to the attempts, more suitably in conjunction with protection policies.

公开(公告)号：US08296178B2

公开(公告)日：2012-10-23

申请号：US12192113

申请日：2008-08-14

申请人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

发明人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

IPC分类号： G05B19/418

CPC分类号： G06F21/56 ,  G06F17/30867 ,  G06F21/55 ,  G06F21/629 ,  G06F2221/2115 ,  G06F2221/2141 ,  G06F2221/2149 ,  G06F2221/2151 ,  G06Q30/0204 ,  G06Q30/0215 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/20

摘要： Secure content management is enabled as a cloud-based service through which security protection and policy enforcement may be implemented for both on-premise network users and roaming users. The global SCM service integrates the security functionalities—such as anti-virus, spyware, and phishing protection, firewall, intrusion detection, centralized management, and the like—that are typically provided by enterprise network SCM appliance hardware or servers into a cloud-based service that users reach via Internet-based points-of-presence (“POPs”). The POPs are configured with forward proxy servers, and in some implementations, caching and network acceleration components, and coupled to hubs which provide configuration management and identity management services such as active directory services.

摘要翻译： 启用安全内容管理作为基于云的服务，通过该服务可以为内部部署的网络用户和漫游用户实施安全保护和策略强制。 全球SCM服务将通常由企业网络SCM设备硬件或服务器提供的安全功能（如防病毒，间谍软件和网络钓鱼保护，防火墙，入侵检测，集中管理等）集成到基于云的 用户通过基于互联网的在线点（POPs）达成的服务。 POPs配置有转发代理服务器，在某些实现中，缓存和网络加速组件，并耦合到提供配置管理和身份管理服务（如主动目录服务）的集线器。

公开(公告)号：US20060236392A1

公开(公告)日：2006-10-19

申请号：US11096490

申请日：2005-03-31

申请人： Anil Thomas ,  Michael Kramer ,  Mihai Costea ,  Efim Hudis ,  Pradeep Bahl ,  Rajesh Dadhia ,  Yigal Edery

发明人： Anil Thomas ,  Michael Kramer ,  Mihai Costea ,  Efim Hudis ,  Pradeep Bahl ,  Rajesh Dadhia ,  Yigal Edery

IPC分类号： G06F12/14

CPC分类号： G06F21/56 ,  G06F21/562 ,  G06F21/577

摘要： In accordance with the present invention, a system, method, and computer-readable medium for aggregating the knowledge base of a plurality of security services or other event collection systems to protect a computer from malware is provided. One aspect of the present invention is a method that proactively protects a computer from malware. More specifically, the method comprises: using anti-malware services or other event collection systems to observe suspicious events that are potentially indicative of malware; determining if the suspicious events satisfy a predetermined threshold; and if the suspicious events satisfy the predetermined threshold, implementing a restrictive security policy designed to prevent the spread of malware.

摘要翻译： 根据本发明，提供了一种用于聚合多个安全服务或其他事件收集系统的知识库以保护计算机免受恶意软件的系统，方法和计算机可读介质。 本发明的一个方面是主动保护计算机免受恶意软件的方法。 更具体地，该方法包括：使用反恶意软件服务或其他事件收集系统来观察潜在地指示恶意软件的可疑事件; 确定可疑事件是否满足预定阈值; 并且如果可疑事件满足预定阈值，则实施旨在防止恶意软件传播的限制性安全策略。

公开(公告)号：US08910268B2

公开(公告)日：2014-12-09

申请号：US12192107

申请日：2008-08-14

申请人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

发明人： Efim Hudis ,  Yigal Edery ,  Oleg Ananiev ,  John Wohlfert ,  Nir Nice

IPC分类号： G06F21/00 ,  H04L29/06 ,  G06Q30/02 ,  G06F17/30 ,  G06F21/56 ,  G06F21/62 ,  G06F21/55

CPC分类号： G06F21/56 ,  G06F17/30867 ,  G06F21/55 ,  G06F21/629 ,  G06F2221/2115 ,  G06F2221/2141 ,  G06F2221/2149 ,  G06F2221/2151 ,  G06Q30/0204 ,  G06Q30/0215 ,  H04L63/0281 ,  H04L63/14 ,  H04L63/20

摘要： Secure content management is enabled as a cloud-based service through which security protection and policy enforcement may be implemented for both on-premise network users and roaming users. The global SCM service integrates the security functionalities—such as anti-virus, spyware, and phishing protection, firewall, intrusion detection, centralized management, and the like—that are typically provided by enterprise network SCM appliance hardware or servers into a cloud-based service that users reach via Internet-based points-of-presence (“POPs”). The POPs are configured with forward proxy servers, and in some implementations, caching and network acceleration components, and coupled to hubs which provide configuration management and identity management services such as active directory services.

摘要翻译： 启用安全内容管理作为基于云的服务，通过该服务可以为内部部署的网络用户和漫游用户实施安全保护和策略强制。 全球SCM服务将通常由企业网络SCM设备硬件或服务器提供的安全功能（如防病毒，间谍软件和网络钓鱼保护，防火墙，入侵检测，集中管理等）集成到基于云的 用户通过基于互联网的在线点（“POPs”）达成的服务。 POPs配置有转发代理服务器，在某些实现中，缓存和网络加速组件，并耦合到提供配置管理和身份管理服务（如主动目录服务）的集线器。

公开(公告)号：US08732797B2

公开(公告)日：2014-05-20

申请号：US12871919

申请日：2010-08-31

申请人： Vladimir Holostov ,  Yigal Edery ,  Yair Geva

发明人： Vladimir Holostov ,  Yigal Edery ,  Yair Geva

IPC分类号： G06F11/00

CPC分类号： H04L63/1416 ,  G06F21/53 ,  H04L63/1441

摘要： Architecture that addresses security concerns while still providing transparent user experience with ability to perform tasks. When a user machine is considered incompliant or compromised due to, for example, a suspected infection, the user machine can be blocked from further access to a network or other computing hosts until the incompliance is resolved. A notification is presented that indicates the nature of the problem, and a way to access an automatically configured isolated environment via which to continue working. The user can be automatically routed to use the alternative isolated environment for temporary access to network resources. Once the user finishes activities in the isolated environment, the system hosting the isolated environment is reverted back to a known good state.

摘要翻译： 解决安全问题的架构，同时仍然能够提供具有执行任务能力的透明用户体验。 当用户机器由于例如疑似感染而被认为是不合格或受损时，可以阻止用户机器进一步访问网络或其它计算机主机，直到解除不合规。 提供了一个指示问题性质的通知，以及访问自动配置的隔离环境以通过其继续工作的方式。 用户可以自动路由使用备用隔离环境来临时访问网络资源。 一旦用户在隔离的环境中完成活动，托管隔离环境的系统将恢复到已知的良好状态。

公开(公告)号：US20100162346A1

公开(公告)日：2010-06-24

申请号：US12339106

申请日：2008-12-19

申请人： Vladimir Holostov ,  Yigal Edery ,  David B. Cross

发明人： Vladimir Holostov ,  Yigal Edery ,  David B. Cross

IPC分类号： G06F21/00

CPC分类号： G06F21/577 ,  G06Q30/02

摘要： Methods, systems, and computer-readable media are disclosed for selecting a set of security offerings. A particular method includes receiving a security need profile associated with a computing environment and receiving security offering information related to a plurality of security offerings. The security offerings of the plurality of security offerings are evaluated with respect to the security need profile. A set of security offerings from the plurality of security offerings are automatically selected.

摘要翻译： 公开了用于选择一组安全产品的方法，系统和计算机可读介质。 特定方法包括接收与计算环境相关联的安全需求简档，并接收与多个安全产品相关的安全提供信息。 针对安全需求概况来评估多个安全产品的安全性。 自动选择来自多个安全产品的一组安全产品。