公开(公告)号：US12086257B2

公开(公告)日：2024-09-10

申请号：US16857971

申请日：2020-04-24

Applicant: VMware, Inc.

Inventor： Neeraj Saluja ,  Muhammad Anadil Furqan

IPC: G06F21/57 ,  G06F21/44 ,  H04L9/32 ,  H04L9/00

CPC classification number: G06F21/572 ,  G06F21/44 ,  H04L9/3247 ,  H04L9/3265 ,  H04L9/3268 ,  G06F2221/033 ,  H04L9/50

Abstract: Disclosed are various examples for verification and management of firmware for client devices enrolled with a management service of an enterprise. The firmware verification includes a verification process using multiple checkpoints for determining whether status responses associated with firmware installed on and received from a managed client device can be trusted. The multiple checkpoints can include verifying certificate data, signature data, and an exit code included in status responses received from managed devices. In the event that one of the verification steps fails, the device can be considered compromised and subject to various compliance actions. The compliance actions can include limiting access to enterprise data, limiting access to one or more applications, wiping a device clean to reset the devices to the original factory settings, sending a notification to an enterprise administrator providing an indication of the detected compromise, and other types of compliance actions.

公开(公告)号：US20230016069A1

公开(公告)日：2023-01-19

申请号：US17371198

申请日：2021-07-09

Applicant: VMware, Inc.

Inventor： Neeraj Saluja ,  Muhammad Anadil Furqan ,  Kevin B. Sheehan

IPC: G06F21/60 ,  G06F3/06

Abstract: Examples of scheduled and on-demand volume encryption suspension are described. A management service can identify multi-volume encryption rules for local volumes of a client device including the operating system volume as well as non-operating-system volumes. The encryption rules can be transmitted to the client device. Volume encryption samples for the client device can be received, and a console user interface can be generated to indicate compliance status information for the multi-volume encryption rules for local volumes of a client device.

公开(公告)号：US12135797B2

公开(公告)日：2024-11-05

申请号：US17371198

申请日：2021-07-09

Applicant: VMware, Inc.

Inventor： Neeraj Saluja ,  Muhammad Anadil Furqan ,  Kevin B. Sheehan

IPC: G06F21/60 ,  G06F3/06

Abstract: Examples of scheduled and on-demand volume encryption suspension are described. A management service can identify multi-volume encryption rules for local volumes of a client device including the operating system volume as well as non-operating-system volumes. The encryption rules can be transmitted to the client device. Volume encryption samples for the client device can be received, and a console user interface can be generated to indicate compliance status information for the multi-volume encryption rules for local volumes of a client device.

公开(公告)号：US20240169078A1

公开(公告)日：2024-05-23

申请号：US17989668

申请日：2022-11-17

Applicant: VMware, Inc.

Inventor： Senthil Parthasarathy ,  Kevin B. Sheehan ,  Muhammad Anadil Furqan ,  Haroon Barlas ,  Amruta Moghe ,  Kishore Krishnakumar ,  Adarsh Subhash Chandra Jain

IPC: G06F21/60 ,  H04L9/06

CPC classification number: G06F21/606 ,  H04L9/0643

Abstract: Disclosed are various embodiments of a multiuser unified endpoint management (UEM) system. A device check-in can be received from a client device. The device check-in can include a device identifier that uniquely identifies the client device with respect to other client devices and a user identifier that uniquely identifies the user of the client device with respect to other users of the client device. In response, a device channel identifier associated with the device identifier and a user channel identifier associated with both the user identifier and the device identifier can be obtained. Then a first set of entitlements associated with the device channel identifier and a second set of entitlements associated with the user channel identifier can be selected. Both sets of entitlements can be provided to the client device in response to the device check-in.

公开(公告)号：US20210334380A1

公开(公告)日：2021-10-28

申请号：US16857971

申请日：2020-04-24

Applicant: VMware, Inc.

Inventor： Neeraj Saluja ,  Muhammad Anadil Furqan

IPC: G06F21/57 ,  G06F21/44 ,  H04L9/32

Abstract: Disclosed are various examples for verification and management of firmware for client devices enrolled with a management service of an enterprise. The firmware verification includes a verification process using multiple checkpoints for determining whether status responses associated with firmware installed on and received from a managed client device can be trusted. The multiple checkpoints can include verifying certificate data, signature data, and an exit code included in status responses received from managed devices. In the event that one of the verification steps fails, the device can be considered compromised and subject to various compliance actions. The compliance actions can include limiting access to enterprise data, limiting access to one or more applications, wiping a device clean to reset the devices to the original factory settings, sending a notification to an enterprise administrator providing an indication of the detected compromise, and other types of compliance actions.