Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Using events to identify a user and enforce policies

Active Publication Date: 2015-11-03
PALO ALTO NETWORKS INC
View PDF53 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

The invention is a system that uses events from devices in a network to determine user identities and enforce policies that incorporate those identities. This can be difficult as the number of devices in the network increases. The invention aims to make it easier to enforce granular policies that prevent unauthorized access to resources. The invention can be implemented as a process, apparatus, system, composition of matter, computer program product, or processor. The invention can be used in various types of devices, such as computers, cell phones, and tablets. The invention can also be used in combination with other techniques, such as data appliances and firewalls.

Problems solved by technology

Unfortunately, enforcing granular polices can be difficult, particularly as the number and variety of types of devices present in an enterprise network continue to increase.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0013]The invention can be implemented in numerous ways, including as a process; an apparatus; a system; a composition of matter; a computer program product embodied on a computer readable storage medium; and / or a processor, such as a processor configured to execute instructions stored on and / or provided by a memory coupled to the processor. In this specification, these implementations, or any other form that the invention may take, may be referred to as techniques. In general, the order of the steps of disclosed processes may be altered within the scope of the invention. Unless stated otherwise, a component such as a processor or a memory described as being configured to perform a task may be implemented as a general component that is temporarily configured to perform the task at a given time or a specific component that is manufactured to perform the task. As used herein, the term ‘processor’ refers to one or more devices, circuits, and / or processing cores configured to process da...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Enforcing a policy is described. A mapping between an IP address of a device and a user identity is identified, at least in part by correlating event information. A policy is applied to the device based at least in part on the user identity. One example of an event is an access to a mail server, such as an access to a Microsoft Exchange server.

Description

BACKGROUND OF THE INVENTION[0001]Devices such as firewalls are sometimes used to prevent users, such as employees of a company, from accessing resources to which they are not authorized. As an example, access to a specific website or to a class of websites may be prohibited for all users. Access can also be granted in a more granular level, such as by permitting some users or groups of users to access a resource, while prohibiting access for other users / groups. Unfortunately, enforcing granular polices can be difficult, particularly as the number and variety of types of devices present in an enterprise network continue to increase.BRIEF DESCRIPTION OF THE DRAWINGS[0002]Various embodiments of the invention are disclosed in the following detailed description and the accompanying drawings.[0003]FIG. 1 illustrates an embodiment of an environment in which user identities are determined based on events (such as Microsoft Exchange events) and in which policies that incorporate the identiti...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06F21/30
CPCH04L63/10G06F21/30
Inventor JACOBSEN, MICHAELWANG, SONGXU, WILSON
Owner PALO ALTO NETWORKS INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com