| CPC G06F 21/554 (2013.01) [G06F 21/552 (2013.01); H04L 63/20 (2013.01); G06F 2221/034 (2013.01)] | 17 Claims |
|
1. A computer-implemented method for operating an endpoint core at an endpoint device, the method comprising:
providing the endpoint device with an endpoint agent, the endpoint device and the endpoint agent providing a protected endpoint, the protected endpoint comprising the endpoint core, the endpoint core comprising a subscription manager, a collector application program interface communicating with the subscription manager, an agent application program interface communicating with the subscription manager and an integrity manager communicating with the subscription manager, the collector application program interface and the agent application program interface allowing the endpoint agent to communicate with endpoint collectors;
receiving, at the endpoint core, an event subscription request from the endpoint agent over a message bus; and
managing, by the endpoint core, communication of events for processing by the endpoint agent based on the event subscription request so that events to which the endpoint agent has subscribed are selectively processed at the endpoint agent, wherein
said managing is performed using an event filter of the endpoint core configured to place only events associated with the event subscription request from the endpoint device on the message bus and the subscription manager of the endpoint core configured to distribute events associated with the event subscription request received from one or more endpoint collectors to the endpoint agent;
said managing includes checking integrity of files implementing the endpoint agent and checking integrity of files being loaded on the endpoint device, said checking integrity of files implement the endpoint agent and checking integrity of files being loaded on the endpoint device being performed by the integrity manager;
the endpoint core, endpoint agent, and one or more endpoint collectors cooperate with one another as resources of a unified endpoint system; and
the endpoint core dynamically reconfigures at least one of the endpoint collectors and the endpoint agent during operation of the endpoint device to prevent at least one of overutilization and underutilization of the resources of the unified endpoint system.
|