08904529 cites 49 patents.

Network traffic is monitored to detect attempted inter-network communications, including attempts by devices internal to the network to communicate with resources external to the network and attempts by devices external to the network to establish VPN sessions with resources internal to the network. Upon detecting an attempted inter-network communication, the device responsible for initiating such communication is identified. Then, it is determined whether the identified device is running a valid protection agent. If so, the attempted inter-network communication is permitted. If not, the attempted inter-network communication is blocked in compliance with a network security policy and the identified device is prompted to download and install a protection agent from a designated storage location, or to activate a previously installed protection device. The prompt may include a hyperlink for initiating download of the protection agent.

Title
Automated deployment of protection agents to devices connected to a computer network
Application Number
11/517165
Publication Number
8904529 (B2)
Application Date
September 7, 2006
Publication Date
December 2, 2014
Inventor
Matthew Ward
Atlanta
GA, US
Agent
King & Spalding
Assignee
International Business Machines Corporation
NY, US
IPC
H04L 29/06
View Original Source