Patent Grant
9294377
1. Field of the Invention
The present invention relates to customizing a user interface to a current user and a current task. More particularly, the present invention relates to a method and apparatus for dynamically updating a content-based user interface.
2. Background Discussion
Conventionally, software user interfaces are only modified with great difficulty. For example, modifying user interfaces to desktop applications, such as word processors, may require that large portions of the application source code be rewritten. After the source code is rewritten, new object code and machine code must be generated. Following that, the new version of the software must be distributed to the user base. Additionally, because the user interface (UI) cannot be readily modified, users must devise and use workarounds for them, at least until a patch can be distributed or, possibly, until a new release of the software. In dynamic environments, such as unified network management platforms, the profusion of tasks, roles, types and sources of content and environment render the overall task of management of the environment extremely burdensome with a conventional static UI.
A Policy- and Relevance-based User Interface (UI) for an enterprise suite Console provides a Console Operator access to information about systems on a network under management. By means of such UI, a user experience is dynamically constructed within product domains particular to the system under management using content elements that flow from content sites into the Operator environment, populating the UI and driving the Operator experience. Specifications distributed with the content determine how the local Console UI organizes and presents information. The UI is further determined by each Console Operator's content access rights. The UI allows for re-flowing the Console UI without reinstalling or updating the Console application, seamlessly integrating new content into the UI and targeting language to specific domains.
Definitions
The invention operates within a computing environment. One embodiment of a suitable computing environment is described here.
Referring now to
The computer system (100) includes a processor (102), a main memory (104) and a static memory (106), which communicate with each other via a bus 108. The computer system (100) may further include a display unit 110, for example, a liquid crystal display (LCD) or a cathode ray tube (CRT). The computer system (100) also includes an alphanumeric input device (112), for example, a keyboard; a cursor control device (114), for example, a mouse; a disk drive unit (116), a signal generation device (118), for example, a speaker, and a network interface device (128).
The disk drive unit (116) includes a machine-readable medium (124) on which is stored a set of executable instructions, i.e. software, (126) embodying any one, or all, of the methodologies described herein below. The software (126) is also shown to reside, completely or at least partially, within the main memory (104) and/or within the processor (102). The software (126) may further be transmitted or received over a network (130) by means of a network interface device (128).
In contrast to the system (100) discussed above, a different embodiment of the invention uses logic circuitry instead of computer-executed instructions to implement processing offers. Depending upon the particular requirements of the application in the areas of speed, expense, tooling costs, and the like, this logic may be implemented by constructing an application-specific integrated circuit (ASIC) having thousands of tiny integrated transistors. Such an ASIC may be implemented with CMOS (complementary metal oxide semiconductor), TTL (transistor-transistor logic), VLSI (very large scale integration), or another suitable construction. Other alternatives include a digital signal processing chip (DSP), discrete circuitry (such as resistors, capacitors, diodes, inductors, and transistors), field programmable gate array (FPGA), programmable logic array (PLA), programmable logic device (PLD), and the like. It is to be understood that embodiments of this invention may be used as or to support software programs executed upon some form of processing core (such as the Central Processing Unit of a computer) or otherwise implemented or realized upon or within a machine or computer readable medium. A machine-readable medium includes any mechanism for storing or transmitting information in a form readable by a machine, e.g. a computer. For example, a machine readable medium includes read-only memory (ROM); random access memory (RAM); magnetic disk storage media; optical storage media; flash memory devices; electrical, optical, acoustical or other form of propagated signals, for example, carrier waves, infrared signals, digital signals, etc.; or any other type of media suitable for storing or transmitting information.
Unified Management Platform
An embodiment of the invention operates in the context of an enterprise management platform, as described in this section.
Referring now to
Key components of the Platform include the Agent (202), the Server and Console (204), the Fixlet messages, and the Relays (206), (208). The Platform creates a lightweight communications and management infrastructure for delivery of security and system management services to networked desktop, laptop/notebook and Server computers. By assigning responsibility for reporting and management actions on endpoints themselves, the Platform enables visibility and management of IT infrastructures ranging from hundreds to hundreds of thousands of desktop, mobile and Server computers.
The Agent (202) resides on managed devices and acts as a universal policy engine capable of delivering multiple management services. A single Agent (202) can execute a diverse and extensible array of management services that range from real-time Client status reporting, to patch and software distribution, to security policy enforcement.
The Agent's role in the Platform may be described as that of a Policy Engine: a piece of software and a computational context for evaluating content. Thus, the Agent constitutes a computational resource that uses one or more inspectors to examine its context, decide what is relevant, report properties, take Action in that environment, and report on the success or failure of the actions. Thus, the Agent gives an administrator visibility into the context and controls it. The motivation for provision of a policy engine thus may be the realization that any computing resource, including physical or virtual machines, or a machine, that is a delegate for another machine or a piece of hardware can benefit from management by having a policy engine that can inspect properties of the entity that is being managed, apply changes to the environment and report on the fact that those changes were effective or not.
The Agent also automatically, notifies the Server and Console (204) of changes in managed device configuration, providing a real-time view of device status. In addition to a standard array of management services, customers and developers can create custom policies and services using a published authoring language. In various embodiments, the Agent runs on all versions of the MICROSOFT WINDOWS (Microsoft Corporation, Redmond Wash.) operating system since WINDOWS 95, UNIX, LINUX and MAC OS (APPLE, INC., Cupertino Calif.) Client systems, enabling administrators to consolidate management of heterogeneous infrastructures from the Console.
The Server (204) is a software-based package that provides a control center and repository for managed system configuration data, software updates and patches, and other management information. In an embodiment, the Console (204), provides an operations control center for administrators that includes graphical displays of device, group, and enterprise-wide device status and dashboards for executing management actions through the management infrastructure. The Console may also include reporting functions and templates that enable graphical and tabular views on infrastructure status.
Fixlet messages contain relevance based queries regarding client properties. These queries are interpreted by the Agent (202), and the results are reported back to the server. As noted above, in an embodiment, users have the option of writing custom Fixlet messages.
Relays (206), (208) act as concentration points for Fixlet messages on network infrastructures. Relays are a software module that execute as a shared service on non-dedicated hardware. Relays help reduce network bandwidth requirements for distribution of Fixlets and content such as software, patches, updates, and other information. In an embodiment, Relays (206), (208) include a failover mechanism to keep managed Clients in touch with the Console should normal communications channels go dark or become overloaded with other traffic. In an embodiment, Relays allow an N-tier hierarchy to be created for the transmission of information from the Clients to the Server in the enterprise.
The unified management Platform provides real-time visibility and control of IT systems through a. single infrastructure, single agent and unified Console. The Platform is designed to continuously discover, assess, remediate, and enforce the health and security of servers, desktops, and roaming laptops in real-time via a single policy-driven Agent and single Console. The aspects of IT systems that are evaluated are determined in part by content on sites to which the Platform is subscribed. Sites can be distributed to the Platform by external entities, or created from within the Platform itself. Each site contains a variety of related content that can be evaluated by Agents installed on local systems. The Console aggregates data reported from clients on the local deployment. The Platform distributes content from a variety of Sites, ranging, for example, from operating system patching to power management to anti-virus. Each site contains a variety of content in different domains. Local deployments are subscribed to a given subset of sites, and Console users can have access to all or a subset of the deployment's Sites.
The Console interface described herein provides an overall structure for the presentation of subscribed sites. The sites include information regarding how their contents will be organized in the interface, from how individual documents are grouped together, to the language used to present content, to how different sites are combined into one top-level container, called a domain. This means that to a large degree, the Console interface is determined not by the local application but by the sites to which the user is subscribed.
Content-Driven Interface
Domains (302) aggregate content from an arbitrary number of sites. Only sites to which the operator is given access are displayed in the console. Tree lists (306) are hierarchical organizations of the sites' contents. The naming and ordering of nodes in the Tree lists, as well as the elements contained by the nodes, are defined by content, not by the locally installed application. The Dashboard Filter (304), which is part of a site, allows for the further manipulation of the tree list. By means of a domain specification, sites (not shown) define the naming, ordering, and elements of each container in the Tree List, as well as how Tree lists and Dashboard Filters are arranged. Filters (e.g. “Tasks” as shown in the Tree list (306)) present content in the Content List. Folders (e.g. “Wizards” as shown in the Tree list (306)) present individual pieces of content or filters.
The Console UI an Operator views depends on the specific content to which the Operator has access. This means different operators on the same deployment will have different experiences when using the console.
Each domain provides language and user interface elements that map directly to that particular problem domain. Domains also allow for focusing the UI. An undifferentiated list of the Fixlets in a deployment can number in the tens of thousands. Domains can narrow that number to less than one hundred.
A second version of the Tree List (604) shows the view of an operator with access to both Windows and Red Hat patching sites. There is an evident difference in the number of security bulletins for example −24 37 vs. 2567. Another key difference to see here is that the “Updates” folder now has nodes with language specific to the Red Hat environment, such as “Redhat Enhancements.” An operator responsible for patching both Windows and Red Hat operating systems might see this view.
The final version shows a Tree List using that does not use language that is specified to any specific operating system (606). This generic interface contains a greater number of Fixlets, indicating it is consolidating patches from additional operating system sites.
This exemplifies several key points. First, the UI is determined by the sites to which the user has access, and uses language that is appropriate to the tasks of the individual operator. Thus role-specific UIs are dynamically provisioned. Secondly, while the organization of 602 and 604 is distinct from the organization of 606, these differences are defined in the sites themselves, and can thus be changed dynamically without modifying the code base of the locally installed application.
The domain specification may be based, at least in part, on the notion of session relevance. Session relevance is used to describe both the contents of each node in the Tree list, as described above, and in determining whether or not a particular content type or a particular piece of content is displayed. The latter allows the UI to change, not only according to User and task, but also according to changes in a deployment.
For example, if a new type of computer shows up in a customer's deployment, in response, a new section of the Patch Management UI shows up. Thus, the UI customizes itself to the environment it finds itself in by examining characteristics of the deployment that is being interacted with.
It is apparent that these notions are applicable to all, or nearly all, domains, such as security configuration management and endpoint protection. So in that domain, one is interested in the conformance of all machines to a set of security policies such as password complexity, or perhaps, patch status or anti-virus status. Certain content types may fall into several domains, which can be achieved in this paradigm.
Content-Driven Interface Embodiment Notes
As noted above, the practice of relevance evaluation, which previously has been limited to Agents running on Clients, as first described in U.S. Pat. No. 6,256,664, now extends beyond the Agent. While earlier work is concerned with relevance in the context of a machine or properties of the network around the machine, as describe herein, relevance evaluation is now applied in the context of the Console and the context of deployment. Where previously decision making was performed on the endpoint by an Agent running on the endpoint, decision making is now distributed to Consoles in addition to Agents. One or more Domain Specifications are included with a content site. Each domain specification uses session relevance to describe the contents of each UI entity. The console interprets the domain specifications, and merges the definitions from multiple sites into a single coherent UI. Multiple sites can place contents in single containers, and individual sites can place content in nodes of multiple domains. Thus, as content comes in, it signals to the Console the circumstances in which it is relevant and how it should be presented to the user.
Properties and Data
The session relevance used by the interface paradigm described here inspects properties of the content distributed with the sites as well as properties associated with the clients, as reported by the agents. Some of these properties are inherent to the content itself, such as the severity value of a Fixlet, which is a part of the Fixlet itself. Others are based on reported values by many computers, for example the number of computers on which a specific Fixlet is applicable.
Session Relevance, described above, is used to query these properties and plays a large part in the definition of the interface by the sites' domain specifications.
Domain Specification
As above, a domain specification XML (eXtensible Markup Language) document is included with each site. This specification contains a section for each domain in which the site places content. The domain specification contains the information that fully describes how the site's contents should be presented within the UI. The domain specifications from sites to which the Operator has access are interpreted by the console.
Each domain is assigned a code that allows it to be recognized by the Console, a name the Console uses to display the domain, and an icon used to represent the name.
Domain specifications can define tree lists. These lists contain hierarchical nodes of a variety of types, such as folders, lists, and drill-down lists. The names of these nodes are defined in the specification, and the contents of each node are defined by means of session relevance. The domain specification may identify Dashboard Filters to be included in the interface. These are arbitrary HTML documents that can include session relevance, and are also distributed with the site This allows a variety of functionality. The dashboard can allow for further refining of the tree-list. For example, a checkbox in the dashboard could tell the tree-list to only present nodes and fixlets containing content relevant to Windows operating systems. The dashboard could also query the database to prominently display important information, for example out of date licenses.
Two additional important concepts are sort order and conditions. A numerical sort order value for each node describes the order in which it should be presented. Lower numbers are presented above higher numbers. These can be defined for nodes in the tree list. Sort order is also used to describe the order in which domains should be presented, and the order in which Tree Lists and Dashboard Filters are presented.
Conditions are relevance queries that allow the domain specification to define when it should and should not be presented in the interface. For example, a filter node may have a condition that only makes it visible when any of its content is relevant on any machine. Conditions can be used on any node in a tree list, as well as on dashboards.
To present an interface to the user, the Console must merge the domain specifications from the different sites. It does this by combining the definitions of each UI element that are included in the different domain specifications to which it is subscribed. Referring again to
Advantages
A major advantage of this UI paradigm is that the interface can be modified without changing the locally installed applications. This has a variety of benefits, including at least the following:
If users have limited access to sites, they will see a limited version of the Console. For example, if they only have access to one site, a dashboard filtering Windows and Linux sites could be hidden from the user as it would be unnecessary.
Content Factory Summary
The content-driven interface described above has substantial advantages in the case where all of the UI-defining content is supplied directly through sites external to the customer's deployment. However, a further refinement is possible.
In the content factory model, the content factory contains logic to dynamically generate content based on input supplied by the user. In addition to generating content, a domain specification can be created to define the UI within the console. This UI can rely on the structure inherent to the input stream. Thus, UI is automatically generated alongside new content without modifying the local application code.
As an example, a user might interact with a dashboard A to express requirements specific to their environment, and based on those requirements, a dashboard B might be generated which addresses those requirements. Dashboard B, which by itself is a dynamically generated UI, will then be placed in a tree list in the console by an automatically created domain specification.
The content factory might be traditional platform content, or it might be hosted in another environment, as described in the example embodiment below.
Decision Support System (DSS)
As background for the example Content Factory Embodiment discussed below, it is helpful to understand the BigFix concept of a Decision Support System.
In an embodiment, a decision support and reporting system (DSS) may include its own data warehouse, web interface, data connector and associated administrative functions, providing the ability to move easily from an executive level macro view of the entire environment through domain and role-specific lenses and into a granular view micro view of specific problem sets. The purpose is to add a level of decision support and intelligence on top of the abstracted data. The DSS includes federation and reconciliation functions that allow us to move beyond a particular data source, such as data from the unified management platform described above and to incorporate other areas of IT, such as network context, application and user provisioning.
Using the DSS, it is possible to convert data into meaningful information to support optimized systems and security operations and risk and compliance management for the enterprise, and additionally support federation and reconciliation of data.
Capabilities:
Accordingly, the DSS gives high-level analytics of any systems management situation. Thus, an existing platform such as the unified management platform described above gives a real time live view of what's going on in the enterprise and the ability to control it. DSS then takes that information and builds on top of it an analytics layer.
DSS has a data warehousing capability and a Web application stack capability married with a data feed, such as a unified management platform described above data feed and the practice of having domains flow down to the customer's deployment in content.
Thus, rather than it being a traditional, central software service model, it is out at the endpoint with applications that flow down from a central server into their environment to actually sample the properties of the environment, such as actual properties of machines, for example, the fact that there's a file named Excel.exe that's sitting on a certain machine in a certain location with certain properties, like a version number and a date that it was created.
Taking such raw information and then being able to process it into a form that is consumable by somebody who wants to understand what sets of software they've purchased and where it exists in their environment requires a complex process to figure out, for example, that someone purchased a version of Microsoft Office that included that executable with those properties and installed it on a particular machine.
Since the foregoing constitutes automatic creation of policies, it can also automate creation of all the content that a particular domain needs, as described herein below. Such automated content creation may include the domain specification and how the UI should look, being incorporated into a tool that allows, for example, a high-level person or a person who is not an operations person or even someone who knows what the platforms are, to create a description of what they want, do little more than push a button, and that specification flows, with the appropriate UI and workflow, to each person in the operations chain who needs to be involved. It is not just policies for the endpoint. It can be polices for the Console, it can be appropriate reports in other reporting environments. It can be that entire content stream.
Example Content Factory Embodiment
An example embodiment of a content factory addresses the use case of Systems and Configuration Management against third-party security standards. In this use case, a non-operational user needs to review an enterprise security and compliance posture against published third party standards, and make policy decisions based on that information. Those policy decisions are translated into generated platform content according to the content factory model, resulting in new, dynamically generated UI components being presented to the Console operator.
In this embodiment, types of supported inputs include at least:
The process is broken down into separate phases, for example:
In an embodiment, a tool in the unified platform imports content from arbitrary streams directly into the platform, translating the streams into Fixlets, Analyses, and Specifications that describe how the content should be presented in the Console UI.
In another embodiment, the import process (700) may be called by DSS (702) or run stand-alone command line (704). It will accept a variety of inputs based on the format of the content to import. For INF imports, a metadata content file is usually available. To ease the import process, a DSS catalog Operator may match checks up to an internal ID before import using some UI in DSS. The process works by the following flow:
In this embodiment, the export process (800) may be called from DSS (702) to the SCM Export Controller (802). The controller reads in the defined policy (804) from the DSS (702) database and pulls out all required information to create content. There exist several types of content created with options on some of the content, for example:
Per policy:
In this embodiment, during the generation process the controller script may verify whether or not a policy has been propagated before, if so it may update the existing content. The controller script can also be used to remove a policy if desired.
The export process is as follows:
The metadata for this script is stored in INI file format, which may be loaded along with the INF file during the import process.
In an embodiment, the default INF format may be extended to include an Extern section which reads information in from an XML file for the check.
Because the OVAL definitions in SCAP are needlessly complex, on import, the script simplifies the definitions considerably.
The export portion may include modules defined for the entire OVAL standard. This portion of the script generates certain QA-specific files for testing.
Each of the modules defined may relate to an OVAL object type, i.e. fileeffectiverights54_object. The module may receive the raw XML as an input and return relevance that evaluates true if the conditions are met and false if they are not. This logic may be inverted when inserted into a Fixlet in order to make writing the relevance easier and the testing clearer.
In the foregoing specification, the invention has been described with reference to specific exemplary embodiments thereof. It will, however, be evident that various modifications and changes may be made thereto without departing from the broader spirit and scope of the invention as set forth in the appended claims. The specification and drawings are, accordingly, to be regarded in an illustrative sense rather than a restrictive sense.
This is application is a continuation-in-part U.S. patent application Ser. No. 12/142,723, filed Jun. 19, 2008, now U.S. Pat. No. 8,055,617 issued Jun. 8, 2011, which is a continuation of U.S. patent application Ser. No. 10/804,799, filed Mar. 19,2004, now U.S. Pat. No. 7,398,272, issued Jul, 8, 2008, the entirety of which is incorporated herein by this reference thereto; this application claims benefit of U.S. provisional patent application No. 61/242,278, filed Sep. 14, 2009, the entirety which is incorporated herein by this reference thereto.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5010571 | Katznelson et al. | Apr 1991 | A |
| 5586304 | Stupek, Jr. et al. | Dec 1996 | A |
| 5649099 | Theimer et al. | Jul 1997 | A |
| 5732137 | Aziz | Mar 1998 | A |
| 5751967 | Raab et al. | May 1998 | A |
| 5958050 | Griffin et al. | Sep 1999 | A |
| 6123737 | Sadowsky | Sep 2000 | A |
| 6128738 | Doyle et al. | Oct 2000 | A |
| 6151643 | Cheng et al. | Nov 2000 | A |
| 6161218 | Taylor | Dec 2000 | A |
| 6192404 | Hurst et al. | Feb 2001 | B1 |
| 6233612 | Fruchtman et al. | May 2001 | B1 |
| 6237144 | Delo | May 2001 | B1 |
| 6240394 | Uecker et al. | May 2001 | B1 |
| 6240451 | Campbell et al. | May 2001 | B1 |
| 6256664 | Donoho et al. | Jul 2001 | B1 |
| 6256668 | Silvka et al. | Jul 2001 | B1 |
| 6263362 | Donoho et al. | Jul 2001 | B1 |
| 6289394 | Kozuka | Sep 2001 | B1 |
| 6289510 | Nakajima | Sep 2001 | B1 |
| 6321258 | Stolfus et al. | Nov 2001 | B1 |
| 6324691 | Gazdik | Nov 2001 | B1 |
| 6324693 | Brodersen et al. | Nov 2001 | B1 |
| 6327617 | Fawcett | Dec 2001 | B1 |
| 6330715 | Razzaghe-Ashrefi | Dec 2001 | B1 |
| 6345386 | Dolo | Feb 2002 | B1 |
| 6347396 | Gard | Feb 2002 | B1 |
| 6347398 | Parthesarathy et al. | Feb 2002 | B1 |
| 6351536 | Sasaki et al. | Feb 2002 | B1 |
| 6353902 | Kultaungge et al. | Mar 2002 | B1 |
| 6353926 | Parthasarathy | Mar 2002 | B1 |
| 6353928 | Atberg et al. | Mar 2002 | B1 |
| 6356936 | Donoho et al. | Mar 2002 | B1 |
| 6360366 | Heath et al. | Mar 2002 | B1 |
| 6363524 | Loy | Mar 2002 | B1 |
| 6378128 | Edelstein et al. | Apr 2002 | B1 |
| 6381742 | Forbes et al. | Apr 2002 | B2 |
| 6389464 | Krishnamurthy et al. | May 2002 | B1 |
| 6389589 | Mishra et al. | May 2002 | B1 |
| 6405250 | Lin et al. | Jun 2002 | B1 |
| 6407988 | Agraharam et al. | Jun 2002 | B1 |
| 6418478 | Ignatius et al. | Jul 2002 | B1 |
| 6418554 | Dolo et al. | Jul 2002 | B1 |
| 6434606 | Borella et al. | Aug 2002 | B1 |
| 6449642 | Bourke-Dunphy et al. | Sep 2002 | B2 |
| 6460175 | Ferr et al. | Oct 2002 | B1 |
| 6477703 | Smith et al. | Nov 2002 | B1 |
| 6487603 | Schuster et al. | Nov 2002 | B1 |
| 6493594 | Krami | Dec 2002 | B1 |
| 6496977 | Hamilton, II et al. | Dec 2002 | B1 |
| 6516316 | Ramasubramani et al. | Feb 2003 | B1 |
| 6523166 | Mishra et al. | Feb 2003 | B1 |
| 6526507 | Cromer et al. | Feb 2003 | B1 |
| 6532491 | Lakis et al. | Mar 2003 | B1 |
| 6535977 | Holle et al. | Mar 2003 | B1 |
| 6557054 | Reisman | Apr 2003 | B2 |
| 6564369 | Hove et al. | May 2003 | B1 |
| 6571186 | Ward | May 2003 | B1 |
| 6574537 | Kipersztok et al. | Jun 2003 | B2 |
| 6594692 | Reisman | Jul 2003 | B1 |
| 6594759 | Wong | Jul 2003 | B1 |
| 6604130 | Donoho et al. | Aug 2003 | B2 |
| 6611862 | Reisman | Aug 2003 | B2 |
| 6622146 | Sato et al. | Sep 2003 | B1 |
| 6654714 | Gentile et al. | Nov 2003 | B1 |
| 6658464 | Reisman | Dec 2003 | B2 |
| 6658489 | Asselin | Dec 2003 | B1 |
| 6678889 | Burkett | Jan 2004 | B1 |
| 6681243 | Putzolu et al. | Jan 2004 | B1 |
| 6725242 | Gardner | Apr 2004 | B2 |
| 6725452 | Te'eni et al. | Apr 2004 | B1 |
| 6735766 | Chamberlain et al. | May 2004 | B1 |
| 6745224 | D'Souza et al. | Jun 2004 | B1 |
| 6745766 | Fini | Jun 2004 | B2 |
| 6751661 | Geddes et al. | Jun 2004 | B1 |
| 6763517 | Hines | Jul 2004 | B2 |
| 6769009 | Reisman | Jul 2004 | B1 |
| 6789255 | Pedrizetti et al. | Sep 2004 | B1 |
| 6802061 | Parthasarathy et al. | Oct 2004 | B1 |
| 6804663 | Dolo | Oct 2004 | B1 |
| 6836794 | Lucovsky et al. | Dec 2004 | B1 |
| 6851115 | Cheyer et al. | Feb 2005 | B1 |
| 6871281 | Schwab et al. | Mar 2005 | B2 |
| 6904457 | Goodman | Jun 2005 | B2 |
| 6920631 | Dolo | Jul 2005 | B2 |
| 6922831 | Kroening et al. | Jul 2005 | B1 |
| 6931434 | Donoho et al. | Aug 2005 | B1 |
| 6941453 | Rao | Sep 2005 | B2 |
| 6954790 | Forslow et al. | Oct 2005 | B2 |
| 6971094 | Ly | Nov 2005 | B1 |
| 6996815 | Bourke-Dunphy et al. | Feb 2006 | B2 |
| 6996819 | Alanis | Feb 2006 | B1 |
| 7134019 | Shelest et al. | Nov 2006 | B2 |
| 7137040 | Bae et al. | Nov 2006 | B2 |
| 7171479 | Buchanan et al. | Jan 2007 | B2 |
| 7185229 | Cromer et al. | Feb 2007 | B2 |
| 7275048 | Bigus et al. | Sep 2007 | B2 |
| 7277919 | Donoho et al. | Oct 2007 | B1 |
| 7333517 | Madhavapeddi et al. | Feb 2008 | B2 |
| 7398272 | Hindawi et al. | Jul 2008 | B2 |
| 7509377 | Harvey et al. | Mar 2009 | B2 |
| 7523190 | Bickerstaff et al. | Apr 2009 | B1 |
| 7558953 | Osthoff et al. | Jul 2009 | B2 |
| 7577097 | Tan | Aug 2009 | B2 |
| 7586848 | Gunduzhan | Sep 2009 | B1 |
| 7620816 | Vigue et al. | Nov 2009 | B1 |
| 7630401 | Iwamura | Dec 2009 | B2 |
| 7668938 | Phillips et al. | Feb 2010 | B1 |
| 7787379 | Mekkattuparamban et al. | Aug 2010 | B2 |
| 7830816 | Gonzalez et al. | Nov 2010 | B1 |
| 7953113 | Elliot et al. | May 2011 | B2 |
| 7962632 | Lipsanen | Jun 2011 | B2 |
| 7969900 | Abdo et al. | Jun 2011 | B2 |
| 8055617 | Hindawi et al. | Nov 2011 | B2 |
| 8161149 | Lippincott et al. | Apr 2012 | B2 |
| 8165088 | Oba | Apr 2012 | B2 |
| 8171364 | Veillette et al. | May 2012 | B2 |
| 8315262 | Toscano | Nov 2012 | B2 |
| 8495157 | Goodrow et al. | Jul 2013 | B2 |
| 8543682 | Menon | Sep 2013 | B2 |
| 8660006 | Torres et al. | Feb 2014 | B2 |
| 20010032091 | Schultz et al. | Oct 2001 | A1 |
| 20010042104 | Donoho et al. | Nov 2001 | A1 |
| 20020112200 | Hines | Aug 2002 | A1 |
| 20020143949 | Rajarajan | Oct 2002 | A1 |
| 20020147764 | Krupczak | Oct 2002 | A1 |
| 20020152384 | Shelest et al. | Oct 2002 | A1 |
| 20020188691 | Ignatius et al. | Dec 2002 | A1 |
| 20030033394 | Stine | Feb 2003 | A1 |
| 20030033396 | McCall | Feb 2003 | A1 |
| 20030033400 | Pawar et al. | Feb 2003 | A1 |
| 20030041167 | French et al. | Feb 2003 | A1 |
| 20030074321 | Peled | Apr 2003 | A1 |
| 20030074358 | Sarbaz et al. | Apr 2003 | A1 |
| 20030088542 | McGee et al. | May 2003 | A1 |
| 20030097454 | Yamakawa et al. | May 2003 | A1 |
| 20030126256 | Cruickshank et al. | Jul 2003 | A1 |
| 20030177179 | Jones et al. | Sep 2003 | A1 |
| 20030187868 | Igarashi | Oct 2003 | A1 |
| 20030202480 | Swami | Oct 2003 | A1 |
| 20030233645 | Cohen et al. | Dec 2003 | A1 |
| 20030233646 | Cohen et al. | Dec 2003 | A1 |
| 20040039816 | Bae et al. | Feb 2004 | A1 |
| 20040117275 | Billera | Jun 2004 | A1 |
| 20040174904 | Kim et al. | Sep 2004 | A1 |
| 20040187105 | Inada et al. | Sep 2004 | A1 |
| 20040213211 | Green et al. | Oct 2004 | A1 |
| 20040215781 | Pulsipher et al. | Oct 2004 | A1 |
| 20040223505 | Kim et al. | Nov 2004 | A1 |
| 20040230644 | Aratake et al. | Nov 2004 | A1 |
| 20040230854 | Elko et al. | Nov 2004 | A1 |
| 20040246975 | Joshi et al. | Dec 2004 | A1 |
| 20040255048 | Lev Ran et al. | Dec 2004 | A1 |
| 20040260949 | Aoki et al. | Dec 2004 | A1 |
| 20050002408 | Lee et al. | Jan 2005 | A1 |
| 20050005026 | Brown et al. | Jan 2005 | A1 |
| 20050047343 | Sharony et al. | Mar 2005 | A1 |
| 20050054327 | Johnston et al. | Mar 2005 | A1 |
| 20050081156 | Clark et al. | Apr 2005 | A1 |
| 20050086477 | Lin et al. | Apr 2005 | A1 |
| 20050086534 | Hindawi et al. | Apr 2005 | A1 |
| 20050091501 | Osthoff et al. | Apr 2005 | A1 |
| 20050120160 | Plouffe et al. | Jun 2005 | A1 |
| 20050180326 | Goldflam et al. | Aug 2005 | A1 |
| 20050198201 | Bohn | Sep 2005 | A1 |
| 20060095388 | Brown et al. | May 2006 | A1 |
| 20060104370 | Yamanaka | May 2006 | A1 |
| 20060168291 | Van Zoest et al. | Jul 2006 | A1 |
| 20060253446 | Leong et al. | Nov 2006 | A1 |
| 20060268713 | Lundstrom et al. | Nov 2006 | A1 |
| 20070019552 | Senarath | Jan 2007 | A1 |
| 20070050645 | Siegmund et al. | Mar 2007 | A1 |
| 20070070890 | Rojahn | Mar 2007 | A1 |
| 20070091921 | Elliot et al. | Apr 2007 | A1 |
| 20070115814 | Gerla et al. | May 2007 | A1 |
| 20070121511 | Morandin | May 2007 | A1 |
| 20070124412 | Narayanaswami et al. | May 2007 | A1 |
| 20070147435 | Hamilton et al. | Jun 2007 | A1 |
| 20070180119 | Khivesara et al. | Aug 2007 | A1 |
| 20070204078 | Boccon-Gibod et al. | Aug 2007 | A1 |
| 20070280253 | Rooholamini et al. | Dec 2007 | A1 |
| 20070288914 | Brannock et al. | Dec 2007 | A1 |
| 20080016335 | Takahashi et al. | Jan 2008 | A1 |
| 20080052054 | Beverina et al. | Feb 2008 | A1 |
| 20080144493 | Yeh | Jun 2008 | A1 |
| 20080192695 | Krishnan et al. | Aug 2008 | A1 |
| 20080201462 | Liss et al. | Aug 2008 | A1 |
| 20080240156 | Elliot et al. | Oct 2008 | A1 |
| 20080263218 | Beerends et al. | Oct 2008 | A1 |
| 20080295092 | Tan et al. | Nov 2008 | A1 |
| 20090019525 | Yu et al. | Jan 2009 | A1 |
| 20090147737 | Tacconi et al. | Jun 2009 | A1 |
| 20090147806 | Bruckheimer | Jun 2009 | A1 |
| 20090222555 | Qian et al. | Sep 2009 | A1 |
| 20090232017 | Carlisle | Sep 2009 | A1 |
| 20090232159 | Haran et al. | Sep 2009 | A1 |
| 20090276771 | Nickolov et al. | Nov 2009 | A1 |
| 20100017494 | Hindawi et al. | Jan 2010 | A1 |
| 20100088411 | Litofsky et al. | Apr 2010 | A1 |
| 20100150009 | Mangs et al. | Jun 2010 | A1 |
| 20100228947 | Sasao et al. | Sep 2010 | A1 |
| 20100250682 | Goldberg et al. | Sep 2010 | A1 |
| 20100250769 | Barreto et al. | Sep 2010 | A1 |
| 20100332640 | Goodrow et al. | Dec 2010 | A1 |
| 20110029626 | Goodrow et al. | Feb 2011 | A1 |
| 20110066752 | Lippincott et al. | Mar 2011 | A1 |
| 20110066841 | Goodrow et al. | Mar 2011 | A1 |
| 20110116390 | Ramachandran et al. | May 2011 | A1 |
| 20110222691 | Yamaguchi et al. | Sep 2011 | A1 |
| 20110276688 | Qian et al. | Nov 2011 | A1 |
| 20120203818 | Lippincott et al. | Aug 2012 | A1 |
| 20120226805 | Rojahn | Sep 2012 | A1 |
| 20120310890 | Dodd et al. | Dec 2012 | A1 |
| 20120324519 | Laughlin | Dec 2012 | A1 |
| Number | Date | Country |
|---|---|---|
| 2001318814 | Nov 2001 | JP |
| 2002523841 | Jul 2002 | JP |
| 2002247033 | Aug 2002 | JP |
| 200376434 | Mar 2003 | JP |
| WO03040944 | May 2003 | WO |
| Entry |
|---|
| APT Team, “Main Page of APT-GET”, http://web.archive.org/web/20041027155110/http://linuxreviews.org/man/apt-get; Viewed Online Jul. 11, 2012, Mar. 12, 2001, pp. 1-12. |
| Arnaud, et al., “How to Disable Security Warning Popup About Message Containing Script”, http://forum.bigfix.com/viewtopic.php?id=1519; Accessed Online Jul. 12, 2012, Nov. 15, 2007, 2 Pages. |
| BigFix, “New Features in BES 4.0”, Available online: http://web.archive.org/web/20061026095436/http://support.bigfix.com/bes/changes—4—0.html, Oct. 26, 2006, 1 Page. |
| BigFix, Inc., “BES Console Context Menu Wake-on LAN”, http://web.archive.org/web/20061026092909/http://support.bigfix.com/bes/misc/bes-wol.html; Archived Oct. 26, 2006, 1 page. |
| BigFix, Inc., “BigFix Action Language Reference: A Guide to the BigFix Action Shell Commands for the BigFix Enterprise Suite (BES)”, BigFix, Inc. Emeryville, CA. Compatible with BES Version 6.0, Dec. 6, 2006, 59 Pages. |
| BigFix, Inc., “BigFix Client ICMP Traffic Technical Details”, http://support.bigfix.com/bes/misc/besclient—icmp.html; Version 5.1, 6.0. Accessed online Jun. 16, 2012, copyright 2011, pp. 1-5. |
| BigFix, Inc., “BigFix Enterprise Suite (BES) Administrator's Guide”, BigFix, Inc. Emeryville, CA. Version 7.1, Jul. 25, 2008, 108 Pages. |
| BigFix, Inc., “BigFix Enterprise Suite (BES) Console Operator's Guide”, BigFix, Inc. Emeryville, CA. Version 7.1; last modified Jul. 26, 2008, copyright 2008, 182 Pages. |
| BigFix, Inc., “BigFix Remote Desktop for Windows”, Version 1.0. http://support.bigfix.com/product/documents/BigFixRemoteDesktopGuide-v1.pdf. Viewed online Jul. 11, 2012., Sep. 13, 2007, 13 pages. |
| BigFix, Inc., “Wake on LAN With a Alteration”, http://forum.bigfix.com/viewtopic.php?id=3248; Viewed online Jul. 11, 2012., May 14, 2009, 3 pages. |
| Burrows, Daniel, “Modelling and Resolving Software Dependencies”, Jun. 15, 2005, pp. 1-16. |
| Cisco Systems, Inc., “Configuring the Cisco IOS DHCP Relay Agent”, Cisco Systems, Inc. 170 West Tasman Drive, San Jose, CA 95134-1706, USA. First Published May 2, 2005, Nov. 17, 2006, 26 Pages. |
| Cstoneba, “BES Deployment—Wake on Lan”, retrieved on Aug. 1, 2012 online from url: http://forum.bigfix.com/viewtopic.php?pid=12542, Apr. 29, 2009, 4 pages. |
| Firstbrook, Peter et al., “Magic Quadrant for Endpoint Protection Platforms”, Gartner, Inc., Dec. 21, 2007, pp. 1-16. |
| Held, G et al., “The Internet Protocol and Related Protocols: Chapter 4”, The ABCs of TCP/IP. Auerbach Publications., 2002, 56 Pages. |
| Johnson, David B., et al., “DSR: The Dynamic Source Routing Protocol for Multi-Hop Wireless Ad Hoc Networks”, http://www.monarch.cs.cmu.edu; Computer Science Department. Carnegie Mellon University, Pittsburgh, PA 15213-3891, 2001, pp. 1-25. |
| Jreinec, et al., “Using a DOS Variable in Action Script”, http://forum.bigfix.com/viewtopic.php?id=1867; Accessed online Jul. 12, 2012, Mar. 24, 2008, 1 Page. |
| Kessler, G. et al., “An Overview of Cryptographic Methods”, Network Design: Principles and Applications. Edited by Gilbert Held. Auerbach Publications., 2000, pp. 679-691. |
| Knuth, Donald E., “The Art of Computer Programming”, Second Edition. vol. 3: Sorting and Searching. Addison Wesley Longman Publishing Co., Inc., Mar. 1998, 39 Pages. |
| Kus, Ben et al., “BigFix 7.1 Released”, http://forum.bigfix.com/viewtopic.php?id=2258; Viewed Online Jul. 11, 2012., Aug. 5, 2008, 2 pages. |
| Leach, Paul J. et al., “CIFS/E Browser Protocol”, Microsoft Internet Engineering Task Force. Network Working Group, Internet Draft., Jan. 10, 1997, pp. 1-24. |
| Menezes, P. et al., “Chapter 8: Public-Key Encryption”, Handbook of Applied Cryptography. CRC Press., 1996, 37 Pages. |
| Mgoodnow, “Relay on the DMZ”, http://forum.bigfix.com/viewtopic.php?id=428; Accessed Online Jul. 23, 2012, Nov. 30, 2006, 6 Pages. |
| Nholmes, et al., “BES Automatic Relay Settings”, http://forum.bigfix.xom/viewtopic.php?id=182; Accessed Online Jul. 11, 2012., Sep. 18, 2006, pp. 1-4. |
| OWASP, “Positive Security Model”, Open Web Application Security Project (OWASP). http://web.archive.org/web/20060821235729/http://www.owasp.org/index.php/Positive—security—model, Aug. 21, 2006, 2 Pages. |
| Tang, Hong et al., “Self-Organizing Networks of Communications and Computing”, International Transactions on Systems Science and Applications, vol. 1, No. 4., Nov. 6, 2006, pp. 421-431. |
| Tipton, H. et al., “Information Security Management Handbook: 2006 Edition”, Auerbach Publications. Glossary., 2006, 179 Pages. |
| Todorov, Dobromir, “Chapter 1: User Identification and Authentication Concepts”, From the book: Mechanics of User Identification and Authentication: Fundamentals of Identity Management. Auerbach Publications. Takir & Francis Group, LLC., 2007, pp. 1-64. |
| U.S. Department of Commerce, “Entity Authentication Using Public Key Cryptography”, National Institute of Standards and Technology. Federal Information Processing Standards Publication. FIPS PUB 196., Feb. 18, 1997, 52 Pages. |
| Final Office Action dated Jul. 17, 2013 for U.S. Appl. No. 12/881,995; 71 pages. |
| Office Action mailed Aug. 8, 2013 for U.S. Appl. No. 12/878,881; 25 pages. |
| USPTO U.S. Appl. No. 12/878,881, Aug. 2, 2013, 2 pages. |
| USPTO U.S. Appl. No. 12/881,668, Aug. 26, 2013, 2 pages. |
| USPTO U.S. Appl. No. 12/881,995, Aug. 2, 2013, 3 pages. |
| USPTO U.S. Appl. No. 12/882,106, Aug. 26, 2013, 3 pages. |
| “1E WakeUp”, Published by 1E, Archived Jul. 24, 2008, Available online: http://web.archive.org/web/20080724185718/http://www.1e.com/SoftwareProducts/1EWakeUp/faq.aspx, 10 pages. |
| “Last Man Standing”, IBM, http://www-01.ibm.com/support/docview.wss?uid=swg21506077; Accessed online Sep. 17, 2013, 3 pages. |
| Sherif, Mostafa H. , “Algorithms and Architectures for Security”, Chapter 3, Published in “Protocols for Secure Electronic Commerce, Second Edition”, CRC Press: Sep. 2004, 101 pages. |
| Response to Office Action filed Nov. 8, 2013, U.S. Appl. No. 12/878,881, 12 pages. |
| Number | Date | Country | |
|---|---|---|---|
| 20110066951 A1 | Mar 2011 | US | |
| 20140223324 A9 | Aug 2014 | US |
| Number | Date | Country | |
|---|---|---|---|
| 61242278 | Sep 2009 | US |
| Number | Date | Country | |
|---|---|---|---|
| Parent | 10804799 | Mar 2004 | US |
| Child | 12142723 | US |
| Number | Date | Country | |
|---|---|---|---|
| Parent | 12142723 | Jun 2008 | US |
| Child | 12882023 | US |
