Patent application number | Description | Published |
20080229419 | Automated identification of firewall malware scanner deficiencies - Automated identification of deficiencies in a malware scanner contained in a firewall is provided by correlating incident reports that are generated by desktop protection clients running on hosts in an enterprise that is protected by the firewall. A desktop protection client scans a host for malware incidents, and when detected, analyzes the host's file access log to extract one or more pieces of information about the incident (e.g., identification of a process that placed the infected file on disk, an associated timestamp, file or content type, malware type, hash of such information, or hash of the infected file). The firewall correlates this file access log information with data in its own log to enable the firewall to download the content again and inspect it. If malware is detected, then it is assumed that it was missed when the file first entered the enterprise because the firewall did not have an updated signature. However, if the malware is not detected, then there is a potential deficiency. | 09-18-2008 |
20080301796 | Adjusting the Levels of Anti-Malware Protection - A client transmits requests via a gateway to a server in a network environment. The requests indicate content on a server to be transmitted as part of download process. The gateway receives into its memory the requested content and also maintains characteristics of the server and the client. The gateway adjusts the depth of scanning of the content for malware based on the retrieved server and client characteristics in order to optimize a balance between effectiveness of anti-malware scanning and a resulting user experience. | 12-04-2008 |
20090094665 | Monitoring and Controlling Network Communications - Aspects of the subject matter described herein relate to monitoring and controlling network communications. In aspects, communication components receive a communication from a node. The communication components determine a potential use of the communication that may be used for reporting and enforcement purposes. The communication components monitor subsequent communications and store usage information including duration in a store. In addition, the communication components may enforce a policy that depends on the potential use of a communication and the usage information. | 04-09-2009 |
20090100162 | Sharing Policy and Workload among Network Access Devices - Aspects of the subject matter described herein relate to sharing policy and workload among network access devices. In aspects, a network access device receives a communication between a first and a second node. The network access device may be one of a set of network access devices responsible for processing traffic to and from a set of nodes. A network access device determines a policy to apply to the communication and at least one network device to apply the policy. The determination of the at least one network device to apply the policy may include determining which network access devices are capable of applying the policy as well as the workload on the network access devices. | 04-16-2009 |
20090328210 | CHAIN OF EVENTS TRACKING WITH DATA TAINTING FOR AUTOMATED SECURITY FEEDBACK - An automated security feedback arrangement is provided by which a specialized audit record called a tainting record is linked to data crossing the perimeter of a corpnet that comes from potentially untrusted sources. The linked tainting record operates to taint such data which may be received from external sources such as e-mail and websites or which may comprise data that is imported into the corpnet from mobile computing devices. Data that is derived from the original data is also tainted using a linked tainting record which includes a pointer back to the previous tainting record. The linking and pointing back are repeated for all subsequent derivations of data to thus create an audit trail that may be used to reconstruct the chain of events between the original data crossing the perimeter and any security compromise that may later be detected in the corpnet. | 12-31-2009 |
20100082512 | ANALYZING DATA AND PROVIDING RECOMMENDATIONS - Aspects of the subject matter described herein relate to analyzing data and providing recommendations regarding computing assets. In aspects, data is collected from computing assets and aggregated in a data repository. A data analyzer analyzes the data to determine problems associated with the computing assets. Work done to identify a problem with one computing asset may be used to identify problems with or provide recommendations for other computing assets controlled by the same or different entities. When a problem is identified in a computing asset, a recommendation may be proactively provided to an entity associated with the computing asset. | 04-01-2010 |
20100162346 | SELECTING SECURITY OFFERINGS - Methods, systems, and computer-readable media are disclosed for selecting a set of security offerings. A particular method includes receiving a security need profile associated with a computing environment and receiving security offering information related to a plurality of security offerings. The security offerings of the plurality of security offerings are evaluated with respect to the security need profile. A set of security offerings from the plurality of security offerings are automatically selected. | 06-24-2010 |
Patent application number | Description | Published |
20110302170 | UTILIZING SEARCH POLICIES TO DETERMINE SEARCH RESULTS - Methods for factoring search and browse policies and content preferences into Web search results are provided. Such search and browse policies and/or content preferences generally are provided by a parent, an employer, or other company representative and specify to whom they apply. Upon receiving a search query from a particular user, it is determined whether one or more search and browse policies and/or content preferences apply to the received search query. Upon determining that one or more search and browse policies and/or content preferences apply to the received search query, at least one of the received search query and any search results determined as satisfying the search query are analyzed in accordance with the one or more applicable search and browse policies and/or content preferences applying to the user. Any necessary modifications are made to the search results before the results are presented to the user. | 12-08-2011 |
20120084859 | REALTIME MULTIPLE ENGINE SELECTION AND COMBINING - Architecture that selects a classification engine based on the expertise of the engine to process a given entity (e.g., a file). Selection of an engine is based on a probability that the engine will detect an unknown entity classification using properties of the entity. One or more of the highest ranked engines are activated in order to achieve the desired performance. A statistical, performance-light module is employed to skip or select several performance-demanding processes. Methods and algorithms are utilized for learning based on matching the best classification engine(s) to detect the entity class based on the entity properties. A user selection option is provided for specifying a maximum number of ranked, classification engines to consider for each state of the machine. A user can also select the minimum probability of detection for a specific entity (e.g., unknown file). The best classifications are re-evaluated over time as the classification engines are updated. | 04-05-2012 |
20120173620 | CREATION AND MANAGEMENT OF RESILIENT WIRELESS GROUPS - A method and system are disclosed for providing a temporary peer-to-peer network including a group owner, and one or more deputies able to step into the role of group owner to continue the group session in the event the prior group owner cedes ownership. Each device in the group may include a layered communications protocol having a group maintenance layer between the network layer and the physical layer. The group maintenance layer may be responsible for dictating when and under what conditions a deputy device becomes the group owner so that group membership and activities may move forward without loss of continuity. | 07-05-2012 |
Patent application number | Description | Published |
20130115945 | SERVICE-ASSISTED NETWORK ACCESS POINT SELECTION - Embodiments enable prioritization and selection of network access points (NAP) by a computing device using NAP attribute values. The computing device obtains the attribute values based on a location of the computing device and/or proximate NAPs detected by the computing device. The obtained attribute values are compared to a state of the computing device (e.g., sensor values), user preferences, or other criteria to select at least one of the NAPs for connection with the computing device. In some embodiments, a user of the computing device is presented with a list of Wi-Fi access points ranked according to relevance to the computing device and/or user. | 05-09-2013 |
20130183935 | EXTENSIBLE FRAMEWORK FOR WIRELESS NETWORK CONNECTIVITY - An extensible framework for offloading data traffic sent to a mobile computing device over a cellular network to a wireless network comprises software plugins, a plugin host that is typically part of the mobile device operating system, and plugin interfaces through which the plugin host communicates with the plugins. A plugin is associated with one or more mobile operators. The framework can comprise one or more plugins, but typically, only one plugin is active at a time. The framework can automatically detect and connect to wireless networks associated with a mobile operator associated with an active plugin. The plugin can automatically authenticate the mobile device or a mobile device user with the mobile operator over the connected wireless network. The plugins are not allowed access to operating system functions responsible for detecting and connecting and disconnecting to a wireless network, which can improve mobile operating system stability and battery life. | 07-18-2013 |
20140162638 | SERVICE-ASSISTED NETWORK ACCESS POINT SELECTION - Embodiments enable prioritization and selection of network access points (NAP) by a computing device using NAP attribute values. The computing device obtains the attribute values based on a location of the computing device and/or proximate NAPs detected by the computing device. The obtained attribute values are compared to a state of the computing device (e.g., sensor values), user preferences, or other criteria to select at least one of the NAPs for connection with the computing device. In some embodiments, a user of the computing device is presented with a list of Wi-Fi access points ranked according to relevance to the computing device and/or user. | 06-12-2014 |
20150016406 | SYSTEM AND METHOD FOR OFFLOADING TRAFFIC FROM CELLULAR NETWORKS - An extensible framework for offloading data traffic sent to a mobile computing device over a cellular network to a wireless network comprises software plugins, a plugin host that is typically part of the mobile device operating system, and plugin interfaces through which the plugin host communicates with the plugins. A plugin is associated with one or more mobile operators. The framework can comprise one or more plugins, but typically, only one plugin is active at a time. The framework can automatically detect and connect to wireless networks associated with a mobile operator associated with an active plugin. The plugin can automatically authenticate the mobile device or a mobile device user with the mobile operator over the connected wireless network. The plugins are not allowed access to operating system functions responsible for detecting and connecting and disconnecting to a wireless network, which can improve mobile operating system stability and battery life. | 01-15-2015 |