Title of invention: Policy enforcement using host information profile
Abstract: Embodiments of the present application relate to a method for policy enforcement, a system for policy enforcement, and a computer program product for policy enforcement. A method for policy enforcement is provided. The method includes receiving a host information profile report from a client device, and enforcing a security policy for network access based on the host information profile report. The host information profile report includes device profile information associated with the client device.
Publication number: US8973088(B1) Publication date: 2015.03.03
Application number: US201113115022 Filing date: 2011.05.24
Applicant: Palo Alto Networks, Inc. Inventors: Leung Siu-Wang; Wang Song; Chen Yueh-Zen
Classification: G06F11/00; H04L29/06; G06F7/04 Main classification: G06F11/00
Agency: Van Pelt, Yi & James LLP Agent: Van Pelt, Yi & James LLP
Independent claim: 1. A system, comprising: a client device configured to: send queries to a plurality of gateways; receive responses from the plurality of gateways; and select a gateway to send network traffic based on a response time for receiving a response; and the selected gateway, comprising: a hardware processor configured to: receive a host information profile report from the client device, wherein the host information profile report includes device profile information associated with the client device; determine a user name relating to the client device, wherein the user name corresponds to an Internet Protocol (IP) of the client device; identify an application generating network traffic from the client device, wherein the network traffic involves Hypertext Transfer Protocol (HTTP) traffic, File Transfer Protocol (FTP) traffic, a Domain Name System (DNS) request, unknown traffic, or any combination thereof; and enforce a security policy for network access based on the determined user name, the identified application, and the host information profile report, wherein the host information profile report includes a) device hardware information including a type of device, a general processor, a network processor, or any combination thereof, b) device software information including an operating system identifier, an operating system patch level, a security application, security data file level, and date of last scan performed by the security application, and c) the device software information including remediation information; and wherein the enforcing of the security policy includes: determine whether the host information profile report includes the security application, the remediation information, or a combination thereof; in the event that the host information profile report includes the remediation information, determine whether the client device has disabled or uninstalled remediation software; and in the event that the host information profile report includes the security application, determine whether real-time protection or auto protection is enabled; and a memory coupled to the hardware processor and configured to provide the hardware processor with instructions.
Address: Santa Clara CA US