Disclosed are various embodiments for determining whether to initiate a remote device wipe in a mobile device management context. In one example, a system comprises a computing device configured to identify a device wipe condition for a client device and determine a wipe policy associated with the device wipe condition. A time for a time delay is initiated for a device wipe action of the client device. A wipe instruction is transmitted to execute the device wipe action based on an expiration of the time delay for the device wipe action.
G06F 21/50 - Contrôle des usagers, programmes ou dispositifs de préservation de l’intégrité des plates-formes, p.ex. des processeurs, des micrologiciels ou des systèmes d’exploitation
Disclosed are various examples for automatically analyzing telemetry data from managed devices in one or more organizations and alerting information technology (IT) administrators as early as possible when widespread issues are detected. Telemetry data can be collected from managed devices across multiple organizations and/or enterprises. The collected data can be used to identify events (e.g., system crashes, application crashes, system boot times, system shutdown times, application hangs, application foreground/usage events, device central processing unit (CPU) and memory utilization, battery performance, etc.) that may indicate a potential issue in the IT infrastructure. Time-series data associated with the detected events can be generated and analyzed. Upon detection of a potential issue in view of an analysis of the time-series data, an alert can be generated and presented to an IT administrator or other entity who can further analyze and potentially remedy the issue.
Disclosed are various embodiments for conditional time-based one time password token issuance based on locally aggregated device risk. Embodiments of this application can evaluate the security of the client device using mobile threat defense signals or a device posture summary before generating a seed on the client device to ensure the security of all the connected systems as a whole. Additionally, embodiments of this application can evaluate the security of the client device to determine if changes have been made that require a remedial action to be taken. In some embodiments, the client device may be completely disconnected from the network and capable of generating time-based one time passwords, while remaining offline. However, offline attacks may still occur; in such a situation, the client device can determine the security of the device and perform the remedial actions independent of other devices, systems, computing environments, or networks. In at least another embodiment, when the client device is determined to not be secure, the client device can inform the authentication service over a connected network that security issues may exist in the client device and actions may need to be taken at the authentication service to ensure the client does not further compromise the account.
VMWARE INFORMATION TECHNOLOGY (CHINA) CO., LTD. (Chine)
VMWARE LLC (USA)
Inventeur(s)
Gu, Ran
Liu, Wenfeng
Han, Donghai
Shen, Jianjun
Zhou, Zhengsheng
Abrégé
Some embodiments of the invention provide a method for performing data traffic monitoring for a system that includes a set of heterogeneous networks that includes at least an overlay first network layer that is built on top of an underlay second network layer. The method is performed at a federation controller for the system. The method directs (1) a first set of components in the overlay first network layer to perform a first trace operation to trace a packet exchanged between two machines and passing through network components defined in the overlay first network layer and underlay second network layer and (2) a second set of components in the underlay second network layer to perform a second trace operation to trace the packet. The method receives, from the first and second sets of components, first and second sets of trace data collected during the first and second trace operations. The collected trace data includes correlation data for correlating the first and second sets of data. The method uses the correlation data to correlate the first and second sets of trace data to generate a final trace report identifying a complete path traversed by the packet through the overlay first network layer and underlay second network layer.
H04L 43/10 - Surveillance active, p.ex. battement de cœur, utilitaire Ping ou trace-route
H04L 41/0226 - Correspondance ou conversion entre plusieurs protocoles de gestion de réseaux
H04L 41/044 - Architectures ou dispositions de gestion de réseau comprenant des structures de gestion hiérarchisées
H04L 43/04 - Traitement des données de surveillance capturées, p.ex. pour la génération de fichiers journaux
H04L 41/40 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p.ex. des réseaux de commutation de paquets en utilisant la virtualisation des fonctions réseau ou ressources, p.ex. entités SDN ou NFV
H04L 43/20 - Dispositions pour la surveillance ou le test de réseaux de commutation de données le système de surveillance ou les éléments surveillés étant des entités virtualisées, abstraites ou définies par logiciel, p.ex. SDN ou NFV
H04L 41/22 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p.ex. des réseaux de commutation de paquets comprenant des interfaces utilisateur graphiques spécialement adaptées [GUI]