公开(公告)号：US20240275794A1

公开(公告)日：2024-08-15

申请号：US18646095

申请日：2024-04-25

Applicant: Cisco Technology, Inc.

Inventor： Sharif Mufid-Sharif Anani ,  Omar Abduljaber ,  Christopher Carl Cassell ,  Marc Neuberger ,  David Steven Gross ,  Luis Daniel Mendez

IPC: H04L9/40

CPC classification number: H04L63/108 ,  H04L63/0807 ,  H04L63/083 ,  H04L2463/082

Abstract: According to an embodiment, a system comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the system to perform operations. The operations comprise determining that an endpoint device has requested to discover a location of a protected resource that is protected by a gateway, determining whether the endpoint device has provided a token that is valid, and permitting the endpoint device to discover the location of the protected resource based on determining that the endpoint device has provided the token that is valid. The token indicates that the endpoint device successfully completed a first multi-factor authentication procedure in connection with accessing an authentication enforcement resource.

公开(公告)号：US20240048560A1

公开(公告)日：2024-02-08

申请号：US18476896

申请日：2023-09-28

Applicant: Cisco Technology, Inc.

Inventor： Jon Oberheide ,  Adam Goodman ,  Michael Hanley ,  Peter Johnson ,  Omar Abduljaber ,  James Barclay

IPC: H04L9/40 ,  H04W12/06

CPC classification number: H04L63/0876 ,  H04L63/101 ,  H04L63/102 ,  H04W12/06 ,  H04L63/205 ,  H04W12/08

Abstract: A system and method for mitigating security vulnerabilities of a computer network by detecting a management status of an endpoint computing device attempting to authenticate to one or more computing resources accessible via the computer network includes: detecting an authentication attempt by the endpoint computing device to the computer network; during the authentication attempt, collecting management status indicia from the endpoint computing device, wherein the management status indicia comprise data used to determine a management status of the endpoint computing device; using the management status indicia to identify the management status of the endpoint computing device and identifying the management status of the endpoint computing device; and controlling access to the computer network based on (a) whether the authentication attempt by the endpoint computing device is successful and (b) the identified management status of the endpoint computing device.

公开(公告)号：US20230126355A1

公开(公告)日：2023-04-27

申请号：US17506956

申请日：2021-10-21

Applicant: Cisco Technology, Inc.

Inventor： Sharif Mufid-Sharif Anani ,  Omar Abduljaber ,  Christopher Carl Cassell ,  Marc Neuberger ,  David Steven Gross ,  Luis Daniel Mendez

IPC: H04L29/06

Abstract: According to an embodiment, a system comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the system to perform operations. The operations comprise determining that an endpoint device has requested to discover a location of a protected resource that is protected by a gateway, determining whether the endpoint device has provided a token that is valid, and permitting the endpoint device to discover the location of the protected resource based on determining that the endpoint device has provided the token that is valid. The token indicates that the endpoint device successfully completed a first multi-factor authentication procedure in connection with accessing an authentication enforcement resource.

公开(公告)号：US12003512B2

公开(公告)日：2024-06-04

申请号：US17506956

申请日：2021-10-21

Applicant: Cisco Technology, Inc.

Inventor： Sharif Mufid-Sharif Anani ,  Omar Abduljaber ,  Christopher Carl Cassell ,  Marc Neuberger ,  David Steven Gross ,  Luis Daniel Mendez

IPC: H04L29/00 ,  H04L9/40

CPC classification number: H04L63/108 ,  H04L63/0807 ,  H04L63/083 ,  H04L2463/082

Abstract: According to an embodiment, a system comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the system to perform operations. The operations comprise determining that an endpoint device has requested to discover a location of a protected resource that is protected by a gateway, determining whether the endpoint device has provided a token that is valid, and permitting the endpoint device to discover the location of the protected resource based on determining that the endpoint device has provided the token that is valid. The token indicates that the endpoint device successfully completed a first multi-factor authentication procedure in connection with accessing an authentication enforcement resource.