| CPC H04L 63/20 (2013.01) [H04L 63/107 (2013.01); H04L 63/108 (2013.01); H04L 63/1433 (2013.01)] | 16 Claims |
|
1. A method of endpoint compliance evaluation and remediation for a network of endpoints having changing network communication states, the method comprising:
performing a first batch endpoint assessment at a first time during which a first subset and a third subset of the endpoints are active, and a second subset of the endpoints is inactive;
responsive to the first batch endpoint assessment, receiving a first set of assessment indicators from each of the endpoints, the first set including an indication of a compliant state from the first subset and the third subset that are active and an indication of a communicative state from the second subset that is inactive;
generating a first device status array based on the first set, the first device status array indicating statuses of the endpoints at the first time;
performing a second batch endpoint assessment at a second time, the second time being during an assessment period and following the first time, wherein the second subset and the third subset are active at the second time and the first subset is inactive at the second time;
responsive to the second batch endpoint assessment, receiving a second set of assessment indicators from each of the endpoints, the second set including an indication of a compliant state from the second and the third subsets that are active and an indication of a communicative state from the first subset that is inactive;
generating a second device status array based on the second set, the second device status array indicating the statuses of the endpoints at the second time;
generating a final device status array, the generating including populating the final device status array with the first device status array;
deduplicating statuses of the endpoints in the first set of assessment indicators and the second set of assessment indicators, wherein the deduplication includes:
comparing the second device status array and the first device status array to identify a compliant state difference between the first batch endpoint assessment and the second batch endpoint assessment; and
responsive to the identified compliant state difference of a particular endpoint including a change from a noncompliant state or a non-communicative state to a compliant state, updating a status of the particular endpoint to the compliant state in the final device status array; and
after the assessment period:
determining whether a second endpoint has a noncompliant state; and
responsive to the second endpoint having the noncompliant state, mitigating the second endpoint by initiating an action at the second endpoint to change a state of the second endpoint and bring the second endpoint into compliance.
|