Abstract: A system and method for network access control (NAC) of remotely connected devices is disclosed. In embodiments, agents support role mapping and policy-based scanning. Embodiments automatically perform authentication, assessment, authorization, provisioning, and remediation. Capabilities include user authentication, role-based authorization, endpoint compliance, alarms and alerts, audit logs, location-based rules, and policy enforcement. Processes collect information about the user as well as the host being used from sources including, but not limited to, LDAP, the remote access device, and the agent. Once this data has been obtained, embodiments construct a comprehensive model of the host. This model is subsequently used to govern the actual host's network access when it connects to the network. Passive monitoring includes vulnerability scanning to control access rights throughout the duration of the connection.
Type: Grant
Filed: June 10, 2009
Date of Patent: June 14, 2016
Assignee: BRADFORD NETWORKS, INC.
Inventors: Eric P. Dupont, Seshakrishnan Srinivasan, Frank D. Andrus
Abstract: A system and method for network control supporting network endpoints including devices and users that delegates control from the Administrator to Sponsors, leveraging their particular skills. For embodiments, Profiles comprise a set of specifications which define the scope of control or authority. Their application comprises associating Templates/Rules with the Profiles. The Administrator creates Sponsor Users (Sponsors) from users with administrative privileges. The Administrator delegates network management workload by assigning Profiles to Sponsors, defining Sponsors' control. Sponsors thereby manage pieces of the overall workload. The Administrator can also view reports and audit trails for both the Sponsors and network resources.
Type: Grant
Filed: November 1, 2010
Date of Patent: June 4, 2013
Assignee: Bradford Networks, Inc.
Inventors: Frank D. Andrus, Paula Jane Dunigan, Todd R. Wohlers, Paul D. Playdon, Alan R. Hackert
Abstract: A system and method for dynamic device configuration enabling network and security administrators to define policies that indicate event and alert conditions within their networks. The policies incorporate information about network devices, endpoints connected to those devices, input from external security systems, local endpoint policy compliance, and date/time-of-day to determine whether to generate an event or alert. Events and alerts can be associated with actions that effect changes to network device configurations in order to maintain a desired operational state of the network.
Type: Grant
Filed: October 29, 2010
Date of Patent: June 4, 2013
Assignee: Bradford Networks, Inc.
Inventors: Frank D. Andrus, Howard J. Roemer, Jr., Eric P. Dupont
Abstract: A system and method for network access control (NAC) of remotely connected devices is disclosed. In embodiments, agents support role mapping and policy-based scanning. Embodiments automatically perform authentication, assessment, authorization, provisioning, and remediation. Capabilities include user authentication, role-based authorization, endpoint compliance, alarms and alerts, audit logs, location-based rules, and policy enforcement. Processes collect information about the user as well as the host being used from sources including, but not limited to, LDAP, the remote access device, and the agent. Once this data has been obtained, embodiments construct a comprehensive model of the host. This model is subsequently used to govern the actual host's network access when it connects to the network. Passive monitoring includes vulnerability scanning to control access rights throughout the duration of the connection.
Type: Application
Filed: June 10, 2009
Publication date: December 10, 2009
Applicant: BRADFORD NETWORKS, INC.
Inventors: Eric P. Dupont, Seshakrishnan Srinivasan, Frank D. Andrus