Abstract: Embodiments of the present invention provide for group policy object (GPO) update compliance. A method for GPO update compliance includes selecting both a compliance update and also a computing system as an endpoint targeted for receiving the compliance update, directing execution of a remediation process that applies the compliance update onto the selected endpoint and performing a re-scan of the selected endpoint subsequent to the execution of the remediation process. The method further includes executing a GPO update within a threshold period of time after the re-scan and repeating the re-scan after the GPO update and then comparing a log produced by the repeated re-scan after the GPO update with a log produced by the re-scan before the GPO update, detecting an out-of-compliance update in the comparison and responding to the out-of-compliance update by directing a repair of the out-of-compliance update using a domain login for the selected endpoint.

Abstract: Embodiments of the present invention provide a method, system, and computer program product for ensuring the veracity of a mobile application for deployment in a distributed computing environment. In an embodiment of the invention, a method for ensuring the veracity of a mobile application for deployment in a distributed computing environment is provided. The method includes detecting a mobile application being uploaded for deployment to a mobile computing device in the distributed computing environment, creating and then storing a fingerprint for the uploaded mobile application, calculating an offset value according to the fingerprint for the uploaded mobile application, and storing the offset value for the uploaded mobile application.

Abstract: Embodiments of the present invention provide a method, system, and computer program product apparatus for validating a computer environment. In an embodiment of the invention, a signature file denoting the infrastructure requirements of a computing environment to support a computer program to be installed in the computer environment of multiple different computing devices disposed in multiple different network domains can be loaded. Administrative network privileges to access the multiple different network domains in the computing environment can be acquired. Further, at least one deficiency in the infrastructure requirements corresponding to one of the network domains can be identified and the identified deficiency can be remediated. The identified deficiency can be reported.

Abstract: Embodiments of the present invention provide a method, system and computer program product for mobile application deployment in a distributed computing environment. In an embodiment of the invention, a method for mobile application deployment in a distributed computing environment is provided. The method includes uploading a mobile application into a secured central mobile application repository and modifying a distribution policy for other mobile applications in the secured central mobile application repository to account for the uploaded mobile application and changes within the distribution policy. Thereafter, both the distribution policy and the uploaded mobile application can be transmitted to a distributed application repository by way of an intermediate server coupled to a secured distributed application repository. The intermediate server is charged with synchronizing messages, calendaring and contacts with wirelessly linked pervasive mobile devices and an associated messaging server.

Abstract: An information security auditing and incident investigation method can include applying a correlation template to query different audit targets in an enterprise system to provide a complete result set for the query across different audit targets, receiving audit data provided in response to the query and rendering the audit data to produce an audit report. The applying step can include distributing one or more distributed audit and response tools to each of the targets in the enterprise and communicating with the targets in the enterprise to acquire audit data from each of the targets. The receiving step can include organizing the audit data in a hierarchy, and recursively walking the hierarchy as a directed, cyclic graph noting memberships and paths. Finally, the rendering step can include generating a graphical visualization interface, disposing a real-time object browser within the interface, and further disposing a differential report in the interface.

Abstract: In an embodiment of the invention, a method for subscriber auditing in a mobile messaging system can be provided. The method can include deploying a mobile messaging system for use in cooperation with a communicatively coupled e-mail server, pushing e-mail from the e-mail server to wireless devices belonging to different subscribers through the mobile messaging system, counting the subscribers and comparing a number of the subscribers to a permitted number of licensed subscribers for the mobile messaging system, and alerting an administrator of the mobile messaging system when the number of the subscribers counted crosses a threshold value less than the licensed subscribers. In one aspect of the embodiment, the threshold value can be zero thus an alert is only sent when the number of subscribers counted exceeds the permitted number of licensed subscribers.

Abstract: A federated mobile messaging appliance can be provided. The appliance can include a hidden partition including different images of a mobile messaging system each corresponding to a particular e-mail server type. The appliance also can include federated mobile messaging configuration logic. The logic can include program code enabled to identify an e-mail server type for a coupled e-mail server, to select one of the images to be revealed based upon the identified e-mail server type, and to configure and activate a corresponding mobile messaging system in the selected one of the images in the hidden partition for interoperation with the coupled e-mail server.

Abstract: Embodiments of the present invention address deficiencies of the art in respect to managing a mobile messaging server deployment and provide a method, system and computer program product for a backup and restore feature for a mobile messaging system. In an embodiment of the invention, a method for backup and restore in a mobile messaging system can be provided. The method can include deploying a mobile messaging system for use in cooperation with a communicatively coupled e-mail server and pushing e-mail from the e-mail server to wireless devices belonging to different subscribers through the mobile messaging system. The method also can include acquiring a snapshot of the deployed mobile messaging system exemplary of a contemporaneous state of the mobile messaging system, and storing the snapshot for subsequent retrieval and restoration of a subsequently prior state of the mobile messaging system.

Abstract: An intrusion detection system (IDS). An IDS which has been configured in accordance with the present invention can include a traffic sniffer for extracting network packets from passing network traffic; a traffic parser configured to extract individual data from defined packet fields of the network packets; and, a traffic logger configured to store individual packet fields of the network packets in a database. A vector builder can be configured to generate multi-dimensional vectors from selected features of the stored packet fields. Notably, at least one self-organizing clustering module can be configured to process the multi-dimensional vectors to produce a self-organized map of clusters. Subsequently, an anomaly detector can detect anomalous correlations between individual ones of the clusters in the self-organized map based upon at least one configurable correlation metric. Finally, a classifier can classify detected anomalous correlations as one of an alarm and normal behavior.

Abstract: The present invention is secure wireless network. The secure wireless network can include multiple receiver nodes coupled to corresponding high-precision clocks. Each of the receiver nodes can be configured to receive wireless frames transmitted both within and outside a secured geographic area covered by the secure wireless network. A master synchronization high-precision clock can be coupled to the corresponding high-precision clocks. Additionally, a position location system can be coupled to the receiver nodes. Specifically, the position location system can be programmed to compute estimated positions for individual ones of wireless nodes transmitting the wireless frames. Finally, access management logic can be coupled to the position location system. More particularly, the access management logic can be configured to manage access to the wireless network by the individual ones of the wireless nodes based upon the computed estimated positions.

Abstract: An intrusion detection system (IDS). An IDS which has been configured in accordance with the present invention can include a traffic sniffer for extracting network packets from passing network traffic; a traffic parser configured to extract individual data from defined packet fields of the network packets; and, a traffic logger configured to store individual packet fields of the network packets in a database. A vector builder can be configured to generate multi-dimensional vectors from selected features of the stored packet fields. Notably, at least one self-organizing clustering module can be configured to process the multi-dimensional vectors to produce a self-organized map of clusters. Subsequently, an anomaly detector can detect anomalous correlations between individual ones of the clusters in the self-organized map based upon at least one configurable correlation metric. Finally, a classifier can classify detected anomalous correlations as one of an alarm and normal behavior.