US2023216880A1PendingUtilityA1

Network appliance for vulnerability assessment auditing over multiple networks

76
Assignee: CALLAHAN CELLULAR LLCPriority: Jan 19, 2005Filed: Feb 27, 2023Published: Jul 6, 2023
Est. expiryJan 19, 2025(expired)· nominal 20-yr term from priority
H04L 63/029H04L 63/1433H04L 63/1408H04L 63/20H04L 63/1441G06F 21/577
76
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

An apparatus, system, and method are directed towards enabling auditing of network vulnerabilities from multiple network vantage points virtually simultaneously. Multiple network vantage points may include, but are not limited to, remote/branch enterprise sites, devices on an enterprise perimeter, on either side of a security perimeter, and even through the security perimeter. In one embodiment, an auditor performs reflected audits thereby extending auditing of network vulnerabilities to provide a comprehensive 360 degree audit of internal, external, and remote enterprise network sites. In one embodiment, the present invention may be implemented employing a single auditing device, and one or more audit extension devices that are configured to extend the auditing device's audit reach. The auditing device and one or more audit extension devices may communicate using an encrypted network channel through a security perimeter and/or across multiple networks.

Claims

exact text as granted — not AI-modified
We claim: 
     
         1 . A method to manage an audit of a remote server, the method comprising:
 performing, by an audit device, a vulnerability assessment on one or more servers in a network that are subject to a common security policy;   in response to receiving a request to perform an audit from the audit device, performing, by an extension audit device, the audit of one or more other servers in a network at a remote site;   obtaining information about an audit being performed by the audit device, the extension audit device, or both the audit device and the extension audit device; and   providing a report including results of the audit being performed.   
     
     
         2 . The method of  claim 1 , wherein the audit device is in communication with a first firewall and the audit extension device is in communication with a second firewall. 
     
     
         3 . The method of  claim 1 , wherein the audit being performed by the audit device, the extension audit device, or both the audit device and the extension audit device includes an audit of one or more end-points in the networks. 
     
     
         4 . The method of  claim 1 , wherein the audit being performed by the audit device includes determining whether revisions to the common security policy are needed. 
     
     
         5 . The method of  claim 3 , wherein the one or more end-point is a wireless end point. 
     
     
         6 . The method of  claim 1 , further comprising:
 initiating, by the audit device, communication between the extension audit device and the audit device by sending a request for an audit to be performed on the one or more other servers in the network at the remote site, the request for the audit including a request for information to be provided by the one or more other servers, wherein the one or more other servers is remotely located from the audit device;   determining, by the audit device, whether an audit result indicates that the one or more other servers complies with the common security policy;   instructing, by the audit device, the extension audit device to quarantine the one or more other servers in a quarantined network in response to the one or more other servers failing to satisfy the common security policy; and   relinquishing, by the audit device, operations to the extension audit device, in response to the one or more other servers failing to satisfy the common security policy.   
     
     
         7 . The method of  claim 1 , further comprising:
 removing the one or more other servers, by the extension audit device, from the quarantined network in response to the audit result indicating that the one or more other servers satisfies the common security policy.   
     
     
         8 . A non-transitory computer-readable medium storing executable instructions that, when executed, cause one or more processors to perform operations, comprising:
 performing, by an audit device, a vulnerability assessment on one or more servers in a network that are subject to a common security policy;   in response to receiving a request to perform an audit from the audit device, performing, by an extension audit device, an audit of one or more other servers in a network at a remote site; and   obtaining information about an audit being performed by the audit device, the extension audit device, or both the audit device and the extension audit device.   
     
     
         9 . The non-transitory computer-readable medium of  claim 8 , wherein the audit device is in communication with a first firewall and the audit extension device is in communication with a second firewall. 
     
     
         10 . The non-transitory computer-readable medium of  claim 8 , wherein the audit being performed by the audit device, the extension audit device, or both the audit device and the extension audit device includes an audit of one or more end-points in the networks. 
     
     
         11 . The non-transitory computer-readable medium of  claim 8 , wherein the audit being performed by the audit device includes determining whether revisions to the common security policy are needed. 
     
     
         12 . The non-transitory computer-readable medium of  claim 10 , wherein the one or more end-points is a wireless end point. 
     
     
         13 . The non-transitory computer-readable medium of  claim 8 , wherein the operations further comprise:
 providing a report including results of the audit being performed.   
     
     
         14 . The non-transitory computer-readable medium of  claim 8 , wherein the operations further comprise:
 removing the one or more other servers, by the extension audit device, from a quarantined network in response to the audit result indicating that the one or more other servers satisfies the common security policy.   
     
     
         15 . A system to manage an audit of a remote server, comprising:
 an audit device configured to perform a vulnerability assessment on one or more servers in a network that are subject to a common security policy; and   an extension audit device configured to in response to receiving a request to perform an audit from the auditor, perform the audit of one or more other servers in a network at a remote site;   wherein the system is configured to obtain information about an audit being performed by the audit device, the extension audit device, or both the audit device and the extension audit device and provide a report including results of the audit being performed.   
     
     
         16 . The system of  claim 15 , wherein the audit device is in communication with a first firewall and the audit extension device is in communication with a second firewall. 
     
     
         17 . The system of  claim 15 , wherein the audit being performed by the audit device, the extension audit device, or both the audit device and the extension audit device includes an audit of one or more end-points in the networks. 
     
     
         18 . The system of  claim 15 , wherein the audit being performed by the audit device includes determining whether revisions to the common security policy are needed. 
     
     
         19 . The system of  claim 17 , wherein the one or more end-points is a wireless end point. 
     
     
         20 . The system of  claim 15 , wherein the auditor is further configured to:
 initiate communication between the extension audit device and the audit device by sending a request for an audit to be performed on the one or more other servers in the network at the remote site, the request for the audit including a request for information to be provided by the one or more other servers, remotely located from the audit device;   determine whether an audit result indicates that the one or more other servers complies with the common security policy;   instruct the extension audit device to quarantine the one or more other servers in a quarantined network in response to the one or more other servers failing to satisfy the common security policy; and   relinquish operations to the extension auditor device, in response to the one or more other servers failing to satisfy the common security policy.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.