IDiyas

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 9436820 B1

PDFFull Text
Date of Patent:
Sep. 06, 2016

Filed:

Aug. 02, 2004

Controlling access to resources in a network

Applicants:

Robert E. Gleichauf, San Antonio, TX (US);

Susan E. Thomson, Summit, NJ (US);

Dany J. Rochefort, Norfolk, MA (US);

Joseph A. Salowey, Seattle, WA (US);

Hao Zhou, Solon, OH (US);

Fan Wu, Superior, CO (US);

Venkateswara Rao Yarlagadda, Bangalore, IN;

Russell E. Rice, San Carlos, CA (US);

Inventors:

Robert E. Gleichauf, San Antonio, TX (US);

Susan E. Thomson, Summit, NJ (US);

Dany J. Rochefort, Norfolk, MA (US);

Joseph A. Salowey, Seattle, WA (US);

Hao Zhou, Solon, OH (US);

Fan Wu, Superior, CO (US);

Venkateswara Rao Yarlagadda, Bangalore, IN;

Russell E. Rice, San Carlos, CA (US);

Assignee:

CISCO TECHNOLOGY, INC., San Jose, CA (US);

Attorney:

Patterson + Sheridan, LLP

Primary Examiner:

Tu Nguyen

Int. Cl.
CPC ...
G06F 15/16 (2006.01); G06F 21/50 (2013.01); H04L 29/06 (2006.01);
U.S. Cl.
CPC ...
G06F 21/50 (2013.01); H04L 63/08 (2013.01);
Abstract

A computerized device transmits an access request to a data communications device of a network in an attempt to access network resources within the network. The data communications device, in response and in real-time, transmits a challenge request to the computerized device that directs the computerized device to retrieve configuration, or posture, credentials associated with the computerized device. A policy server receives the challenge response and, based upon a real-time analysis of the posture credentials of the computerized device, determines a security state of the computerized device and either provides some level or denies the computerized device access to the network resources based upon the analysis of posture. The data communications device detects the real-time security state of the computerized device prior to providing the computerized device with controlled access to the network resources, thereby limiting vulnerable computerized devices from accessing the network resources and minimizing the risk that the network resources receive or transmit malware.

Find Patent Forward Citations

Loading…