公开(公告)号：US09910752B2

公开(公告)日：2018-03-06

申请号：US15136790

申请日：2016-04-22

Applicant: Tanium Inc.

Inventor： Lisa Lippincott ,  David Hindawi ,  Orion Hindawi ,  Peter Lincroft

IPC: G06F11/00 ,  G06F11/30 ,  H04L12/26

CPC classification number: G06F11/30 ,  G06F11/00 ,  H04L43/0864

Abstract: Method and system for providing message communications with failure detection and recovery are disclosed. At a respective node of a non-static collection of nodes forming a linear communication orbit: the node identifies, from among the non-static collection of nodes, a set of forward contacts distributed in a forward direction along the linear communication orbit; the node monitors a propagation state of a first query that has departed from the respective node to travel in the forward direction along the linear communication orbit; and upon detecting a propagation failure of the first query based on the monitoring, the node sends the first query directly to a first forward contact among the set of forward contacts to initiate a failure recovery process within at least part of a segment of the linear communication orbit between the respective node and the first forward contact of the respective node.

公开(公告)号：US20160286540A1

公开(公告)日：2016-09-29

申请号：US15174850

申请日：2016-06-06

Applicant: Tanium Inc.

Inventor： David Hindawi ,  Orion Hindawi ,  Lisa Lippincott ,  Peter Lincroft

IPC: H04W72/04 ,  H04L12/26 ,  H04W48/16

CPC classification number: H04W72/0406 ,  H04L41/04 ,  H04L41/044 ,  H04L41/082 ,  H04L41/0893 ,  H04L41/12 ,  H04L43/02 ,  H04L43/04 ,  H04L43/0817 ,  H04L43/10 ,  H04L45/02 ,  H04L61/00 ,  H04L63/00 ,  H04L63/20 ,  H04L67/02 ,  H04L67/1046 ,  H04L67/1048 ,  H04L67/1063 ,  H04L67/1065 ,  H04L67/1072 ,  H04W8/005 ,  H04W24/02 ,  H04W48/16 ,  H04W84/18

Abstract: Machines in a managed network implement a set of rules that cause individual machines to directly interact with only a small number of machines in the network. Independent local actions of the individual machines collectively cause the individual machines to be self-organized into one or more communication orbits without any global control or coordination by a server or an administrator. The communication orbits are used for supporting security management, including, at a first node of the network, receiving a security management message from an upstream neighbor through a respective receiving channel from the upstream neighbor to the first node; performing one or more security management operations in accordance with the security management message received from the upstream neighbor; and forwarding the security management message to a downstream neighbor through a respective propagation channel from the first node to the downstream neighbor.

Abstract translation: 托管网络中的机器实施一组规则，使一些机器能够直接与网络中的少量机器进行交互。 各个机器的独立本地动作共同地使各个机器自组织成一个或多个通信轨道，而无需由服务器或管理员进行任何全局控制或协调。 通信轨道用于支持安全管理，包括在网络的第一节点，通过相应的接收信道从上游邻居接收来自上游邻居的安全管理消息，从上游邻居到第一节点; 根据从上游邻居接收的安全管理消息执行一个或多个安全管理操作; 以及通过从第一节点到下游邻居的相应传播信道将安全管理消息转发到下游邻居。

公开(公告)号：US20160143021A1

公开(公告)日：2016-05-19

申请号：US15004757

申请日：2016-01-22

Applicant: Tanium Inc.

Inventor： David Hindawi ,  Orion Hindawi ,  Lisa Lippincott ,  Peter Lincroft

IPC: H04W72/04 ,  H04W8/00 ,  H04W24/02 ,  H04W48/16

CPC classification number: H04W72/0406 ,  H04L41/04 ,  H04L41/044 ,  H04L41/082 ,  H04L41/0893 ,  H04L41/12 ,  H04L43/02 ,  H04L43/04 ,  H04L43/0817 ,  H04L43/10 ,  H04L45/02 ,  H04L61/00 ,  H04L63/00 ,  H04L63/20 ,  H04L67/02 ,  H04L67/1046 ,  H04L67/1048 ,  H04L67/1063 ,  H04L67/1065 ,  H04L67/1072 ,  H04W8/005 ,  H04W24/02 ,  H04W48/16 ,  H04W84/18

Abstract: In one aspect, machines in a managed network implements a set of rules that cause individual machines to directly interact with only a small number of machines in the network (i.e., a local neighborhood within the network), while the independent local actions of the individual machines collectively cause the individual machines to be self-organized into one or more communication orbits without any global control or coordination by a server or an administrator. The communication orbits are used for supporting network, security and system management communications in the managed network.

Abstract translation: 在一个方面，托管网络中的机器实现一组规则，这些规则使单个机器直接与网络中的少量机器（即，网络内的本地邻域）交互，而个体的独立本地动作 机器集体地使单个机器被自组织成一个或多个通信轨道，而无需由服务器或管理员进行任何全局控制或协调。 通信轨道用于支持受管网络中的网络，安全和系统管理通信。

公开(公告)号：US20140181247A1

公开(公告)日：2014-06-26

申请号：US13797946

申请日：2013-03-12

Applicant: Tanium Inc.

Inventor： David Hindawi ,  Orion Hindawi ,  Lisa Lippincott ,  Peter Lincroft

IPC: H04L29/08

CPC classification number: H04W72/0406 ,  H04L41/04 ,  H04L41/044 ,  H04L41/082 ,  H04L41/0893 ,  H04L41/12 ,  H04L43/02 ,  H04L43/04 ,  H04L43/0817 ,  H04L43/10 ,  H04L45/02 ,  H04L61/00 ,  H04L63/00 ,  H04L63/20 ,  H04L67/02 ,  H04L67/1046 ,  H04L67/1048 ,  H04L67/1063 ,  H04L67/1065 ,  H04L67/1072 ,  H04W8/005 ,  H04W24/02 ,  H04W48/16 ,  H04W84/18

Abstract: In one aspect, machines in a managed network implements a set of rules that cause individual machines to directly interact with only a small number of machines in the network (i.e., a local neighborhood within the network), while the independent local actions of the individual machines collectively cause the individual machines to be self-organized into one or more communication orbits without any global control or coordination by a server or an administrator. The communication orbits are used for supporting network, security and system management communications in the managed network.

Abstract translation: 在一个方面，托管网络中的机器实现一组规则，这些规则使单个机器直接与网络中的少量机器（即，网络内的本地邻域）交互，而个体的独立本地动作 机器集体地使单个机器被自组织成一个或多个通信轨道，而无需由服务器或管理员进行任何全局控制或协调。 通信轨道用于支持受管网络中的网络，安全和系统管理通信。

公开(公告)号：US10708116B2

公开(公告)日：2020-07-07

申请号：US15668665

申请日：2017-08-03

Applicant: Tanium Inc.

Inventor： David Hindawi ,  Orion Hindawi ,  Lisa Lippincott ,  Peter Lincroft

IPC: H04L12/24 ,  H04L12/761 ,  H04L12/26 ,  H04L12/721

Abstract: In a network of a plurality of machines and a server, the machines have self-organized into a linearly ordered sequence in accordance with a predefined order of their respective machine identifiers. The linearly ordered sequence includes one or more local segments each include a first machine followed by a sequence of second machines. A query regarding management information of a local segment is injected into the network at the first machine of the local segment. The query is forwarded along the local segment, and each machine in the local segment responds to the query by adding its own local information to any answers already accumulated in the payload of the query. A second machine in the local segment sends a report message containing aggregated management information that has been collected in the payload of the query to the server.

公开(公告)号：US10649870B1

公开(公告)日：2020-05-12

申请号：US15878286

申请日：2018-01-23

Applicant: Tanium Inc.

Inventor： Lisa Lippincott ,  David Hindawi ,  Orion Hindawi ,  Peter Lincroft

IPC: G06F11/00 ,  G06F11/30 ,  H04L12/26

Abstract: Method and system for providing message communications with failure detection and recovery are disclosed. At a respective node of a non-static collection of nodes forming a linear communication orbit: the node identifies, from among the non-static collection of nodes, a set of forward contacts distributed in a forward direction along the linear communication orbit; the node monitors a propagation state of a first query that has departed from the respective node to travel in the forward direction along the linear communication orbit; and upon detecting a propagation failure of the first query based on the monitoring, the node sends the first query directly to a first forward contact among the set of forward contacts to initiate a failure recovery process within at least part of a segment of the linear communication orbit between the respective node and the first forward contact of the respective node.

公开(公告)号：US10412188B2

公开(公告)日：2019-09-10

申请号：US15702617

申请日：2017-09-12

Applicant: Tanium Inc.

Inventor： David Hindawi ,  Orion Hindawi ,  Lisa Lippincott ,  Peter Lincroft

IPC: H04L29/08

Abstract: A data caching and distribution method, performed by a plurality of computational machines in a linear communication orbit, includes generating a data request by a first machine to request specific data, and passing the data request along a data request path that tracks the linear communication orbit until the request is received at a second machine, in the linear communication orbit, that returns the specific data in response to the data request. The method includes, at a third machine between the second machine and the first machine in the linear communication orbit, conditionally storing the specific data in a local cache of the third machine according to a data caching method.

公开(公告)号：US09667738B2

公开(公告)日：2017-05-30

申请号：US14554711

申请日：2014-11-26

Applicant: Tanium Inc.

Inventor： David Hindawi ,  Orion Hindawi ,  Lisa Lippincott ,  Peter Lincroft

IPC: G06F15/167 ,  H04L29/08

CPC classification number: H04L67/2842 ,  H04L67/32

Abstract: In accordance with some embodiments, a computational machine having one or more processors, a local cache and memory receives from a first machine a data request that is used to request specific data. The computational machine determines whether the computational machine stores the specific data in the local cache. In accordance with a determination that the computational machine does not store the specific data in the local cache, the computational machine responds to the data request by passing the data request to a second machine and returning the specific data to the first machine when the second machine returns the specific data to the computational machine. Additionally, the computational machine determines whether to store the returned specific data in the local cache according to a data caching method.

公开(公告)号：US09059961B2

公开(公告)日：2015-06-16

申请号：US13797962

申请日：2013-03-12

Applicant: Tanium Inc.

Inventor： David Hindawi ,  Orion Hindawi ,  Lisa Lippincott ,  Peter Lincroft

IPC: G06F15/16 ,  G06F15/173 ,  H04L29/08 ,  H04L12/26 ,  H04L29/06 ,  H04L29/12 ,  H04L12/24

CPC classification number: H04W72/0406 ,  H04L41/04 ,  H04L41/044 ,  H04L41/082 ,  H04L41/0893 ,  H04L41/12 ,  H04L43/02 ,  H04L43/04 ,  H04L43/0817 ,  H04L43/10 ,  H04L45/02 ,  H04L61/00 ,  H04L63/00 ,  H04L63/20 ,  H04L67/02 ,  H04L67/1046 ,  H04L67/1048 ,  H04L67/1063 ,  H04L67/1065 ,  H04L67/1072 ,  H04W8/005 ,  H04W24/02 ,  H04W48/16 ,  H04W84/18

Abstract: In one aspect, machines in a managed network implements a set of rules that cause individual machines to directly interact with only a small number of machines in the network (i.e., a local neighborhood within the network), while the independent local actions of the individual machines collectively cause the individual machines to be self-organized into one or more communication orbits without any global control or coordination by a server or an administrator. The communication orbits are used for supporting network, security and system management communications in the managed network.

Abstract translation: 在一个方面，托管网络中的机器实现一组规则，这些规则使单个机器直接与网络中的少量机器（即，网络内的本地邻域）交互，而个体的独立本地动作 机器集体地使单个机器被自组织成一个或多个通信轨道，而无需由服务器或管理员进行任何全局控制或协调。 通信轨道用于支持受管网络中的网络，安全和系统管理通信。

公开(公告)号：US20150149624A1

公开(公告)日：2015-05-28

申请号：US14553769

申请日：2014-11-25

Applicant: Tanium Inc.

Inventor： David Hindawi ,  Orion Hindawi ,  Lisa Lippincott ,  Peter Lincroft

IPC: H04L12/26

CPC classification number: H04L43/065 ,  H04L12/4641 ,  H04L41/044 ,  H04L41/0853 ,  H04L41/0866 ,  H04L41/0893 ,  H04L41/12 ,  H04L63/0263 ,  H04L63/1433

Abstract: In one aspect, methods, system, and computer-readable media for monitoring unmanaged assets in a network having a plurality of managed machines include: at a first managed machine of the plurality of managed machines, wherein the plurality of managed machine are arranged in a linear communication orbit and have respective identifiers, and each managed machine is coupled to at least one respective neighbor by a corresponding local segment of the linear communication orbit: responding to a detection instruction for detecting unmanaged assets currently present in the network, by: scanning for live unmanaged machines within a selected portion of the network that is associated with a range of identifiers that includes identifiers between the respective identifiers of the first managed machine and a respective neighbor of the first managed machine; and generating a local report identifying one or more unmanaged machines that have been detected within the selected portion of the network.

Abstract translation: 在一个方面，用于监视具有多个被管理机器的网络中的非管理资产的方法，系统和计算机可读介质包括：在所述多个被管理机器的第一管理机器处，其中所述多个被管理机器被布置在 线性通信轨道并具有各自的标识符，并且每个受管理机器通过线性通信轨道的对应的本地段耦合到至少一个相应的邻居：响应于用于检测当前存在于网络中的非管理资产的检测指令，通过以下步骤：扫描 在网络的选定部分内的与包括第一受管理机器的相应标识符和第一受管理机器的相应邻居之间的标识符的标识符范围相关联的现行非托管机器; 以及生成识别在所选择的网络部分内已被检测到的一个或多个非管理机器的本地报告。