Method and system for providing wireless vulnerability management for local area computer networks
Abstract
A Software-as-a-Service (SaaS) based method for providing wireless vulnerability management for local area computer networks. The method includes providing a security server being hosted by a service provider entity to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively. The method includes creating a workspace for wireless vulnerability management for a customer entity on the security server and receiving configuration information associated with the workspace. The method also includes supplying one or more sniffers to the customer entity. The method includes receiving at the security server information associated with wireless activity monitored by the one or more sniffers at premises of the customer entity and processing the received information within the workspace for the customer entity using the security server. The method includes metering usage of the workspace for wireless vulnerability management for the customer entity.
Claims
exact text as granted — not AI-modified1 . A Software-as-a-Service (SaaS) based method for providing wireless vulnerability management for local area computer networks, the method comprising:
providing a security server, the security server being hosted by a service provider entity, the security server being coupled to the Internet, the security server being adapted to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively; creating a workspace for wireless vulnerability management for a first customer entity on the security server, the creating the workspace being responsive to a request from the first customer entity to subscribe to wireless vulnerability management; receiving configuration information associated with the workspace for the first customer entity at the security server; supplying one or more sniffers to the first customer entity; receiving connection requests at the security server over the Internet from the one or more sniffers, respectively, subsequent to the one or more sniffers being deployed at premises of the first customer entity; associating identities of the one or more sniffers with the workspace for the first customer entity at the security server; receiving at the security server information associated with wireless activity monitored by the one or more sniffers at the premises of the first customer entity, the receiving being receiving over the Internet; processing the received information associated with the wireless activity within the workspace for the first customer entity using the security server; and metering usage of the workspace for wireless vulnerability management for the first customer entity.
2 . The method of claim 1 wherein the service provider entity and the first customer entity being business entities separate from one another.
3 . The method of claim 1 wherein the metering the usage of the workspace for the first customer entity comprising:
tracking usage of the one or more sniffers at the premises of the first customer entity for the monitoring of the wireless activity; and
charging the first customer entity periodically based at least upon the usage of the one or more sniffers.
4 . The method of claim 1 wherein the metering the usage of the workspace for the first customer entity comprising:
tracking vulnerabilities detected during a selected period; and
charging the first customer entity based at least upon the vulnerabilities detected during the selected period.
5 . The method of claim 1 , and further comprising receiving a selection of one or more modules associated with the workspace for the first customer entity at the security server.
6 . The method of claim 5 wherein the metering the usage of the workspace for the first customer entity comprising charging the first customer entity based at least upon the selection of the one or more modules.
7 . The method of claim 5 wherein the one or more modules comprise at least one module selected from the group consisting of scanning module, threat assessment module, remediation module, location tracking module, reporting module, RF visualization module, and managed services module.
8 . The method of claim 5 wherein the receiving the selection of the one or more modules associated with the workspace for the first customer entity at the security server comprising:
receiving a request to initiate logging into the workspace for the first customer entity from a computer, the request being initiated over the Internet;
transferring information associated with a listing of modules comprising the one or more modules to the computer over the Internet; and
receiving the selection of the one or more modules at the security server over the Internet, the selection being inputted by a person operating the computer using the listing of the modules.
9 . The method of claim 5 wherein the processing the received information associated with the wireless activity within the workspace for the first customer entity using the security server comprising:
authenticating the received information using a digital secret shared between the security server and the first customer entity;
accessing the configuration information associated with the workspace for the first customer entity;
accessing the module selection information associated with the workspace for the first customer entity;
processing the received information based at least upon the configuration information and the module selection information to generate a result information; and
triggering one or more actions based at least upon the result information.
10 . The method of claim 1 wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising receiving identity information associated with one or more authorized wireless devices within the local area network of the first customer entity.
11 . The method of claim 1 wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising:
receiving information associated with a hierarchy of physical locations within the premises of the first customer entity; and
receiving information related to association between the one or more sniffers and the physical locations, respectively.
12 . The method of claim 1 wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising receiving information associated with notification of one or more wireless vulnerabilities to the first customer entity.
13 . The method of claim 1 wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising receiving information associated with a selection of one or more reports, the one or more reports to be generated based upon the information associated with the monitored wireless activity received at the security server.
14 . The method of claim 1 wherein the receiving the configuration information associated with the workspace for the first customer entity at the security server comprising:
receiving a request to initiate logging into the workspace of the first customer entity from a computer, the request being initiated over the Internet;
transferring information associated with one or more configuration screens to the computer over the Internet;
displaying the one or more configuration screens on the computer; and
receiving the configuration information at the security server over the Internet, the configuration information being inputted by a person operating the computer using the one or more configuration screens displayed on the computer.
15 . The method of claim 1 wherein a username, a password, and an administrative privilege being associated with the workspace for the first customer entity on the security server, the administrative privilege being a configuration modification privilege, a viewing privilege, or a module selection privilege.
16 . The method of claim 1 wherein the information associated with the wireless activity monitored by the one or more sniffers at the premises of the first customer entity including identities of one or more wirelessly active access points and one or more wirelessly active clients within and/or in a vicinity of the premises of the first customer entity.
17 . The method of claim 1 wherein the information associated with the wireless activity monitored by the one or more sniffers at the premises of the first customer entity including information associated with wireless connections among a plurality of wireless devices within and/or in a vicinity of the premises of the first customer entity.
18 . The method of claim 1 wherein the information associated with the wireless activity monitored by the one or more sniffers at the premises of the first customer entity including information associated with radio signal strength parameters associated with the wireless activity.
19 . A server computer device adapted to provide wireless vulnerability management as Software-as-a-Service (SaaS) for a plurality of private computer networks of a plurality of customer entities, respectively, the server computer comprising:
a memory unit storing computer executable instructions; a processor unit for executing the computer executable instructions; and a communication interface for coupling the server computer device to a computer network; wherein the computer executable instructions are adapted to perform the steps of:
receiving information associated with wireless activity using the communication interface from a plurality of sets of sniffers over the Internet, the plurality of sets of sniffers being positioned within premises of the plurality of customer entities, respectively;
maintaining a plurality of workspaces for wireless vulnerability management within the memory unit for the plurality of customer entities, respectively;
identifying a plurality of portions of the received information that are associated with the plurality of customer entities, respectively; and
processing the plurality of portions using the processor unit in accordance with the plurality of workspaces, respectively.
20 . A Software-as-a-Service (SaaS) based method for availing wireless vulnerability management for local area computer network, the method comprising:
generating a request for wireless vulnerability management for a local area network of a first customer entity; receiving login information associated with a workspace for the first customer entity, the workspace being created on a security server and being for wireless vulnerability management for the local area network of the first customer entity, the security server being hosted by a service provider entity, the security server being coupled to the Internet, the security server being adapted to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively; providing configuration information associated with the workspace for the first customer entity to the security server; receiving one or more sniffers at premises of the first customer entity; connecting the one or more sniffers to the local area network of the first customer entity; generating connection requests to the security server over the Internet from the one or more sniffers, respectively, subsequent to the one or more sniffers being connected to the local area network of the first customer entity; transferring identity information from the one or more sniffers to the security server, the identity information being used to associate the one or more sniffers with the workspace for the first customer entity; sending to the security server information associated with wireless activity monitored by the one or more sniffers at the premises of the first customer entity, the sending being sending over the Internet; receiving results from processing of the sent information associated with the wireless activity, the processing being using the security server and being performed within the workspace for the first customer entity; and generating payment authorization based at least upon usage of the workspace for the first customer entity.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.