公开(公告)号：US20240031411A1

公开(公告)日：2024-01-25

申请号：US17871827

申请日：2022-07-22

Applicant: Cisco Technology, Inc.

Inventor： Doron Levari ,  Tariq Ahmed Farhan ,  Vincent E. Parla ,  Ido Tamir ,  Adam Bragg ,  Jason M. Perry

IPC: H04L9/40

CPC classification number: H04L63/20 ,  H04L63/1416

Abstract: This disclosure describes techniques and mechanisms for defining dynamic security compliance in networks to proactively prevent security policy violations from being added and/or made, retroactively and continuously identify security policy violations based on data from the changing threat landscape, and provide auto-remediation of non-compliant security policies. The techniques enable automated security policies and provide improved network security against a dynamic threat landscape.

公开(公告)号：US10182055B2

公开(公告)日：2019-01-15

申请号：US15426702

申请日：2017-02-07

Applicant: Cisco Technology, Inc.

Inventor： Joe Lawrence ,  Jason M. Perry ,  Yedidya Dotan ,  Denis Knjazihhin ,  Umesh Kumar Miglani

IPC: G06F17/00 ,  H04L29/06

Abstract: A management entity communicates over a network with devices on which security rules are configured to control network access. Data that indicates a hit count for each security rule across the devices is repeatedly collected from the devices. The indicated hit counts for each security rule are aggregated over different repeating time intervals to produce repeatedly aggregated hit counts for respective ones of the different repeating time intervals. The security rules are generated for display on a user interface screen as selectable options. Responsive to a selection of one of the security rules, a selected security rule and most recently aggregated hit counts for the different repeating time intervals for the selected security rule are generated for concurrent display on the user interface screen. The display of the most recently aggregated hit counts for the selected security rule is updated as time progresses.

公开(公告)号：US20160344743A1

公开(公告)日：2016-11-24

申请号：US14725489

申请日：2015-05-29

Applicant: Cisco Technology, Inc.

Inventor： Yedidya Dotan ,  Jason M. Perry ,  Denis Knjazihhin ,  Zachary D. Siswick ,  Sachin Vasant

IPC: H04L29/06 ,  G06F17/30

CPC classification number: H04L63/108 ,  G06F17/30554 ,  G06F17/30867 ,  H04L63/0227 ,  H04L63/0263

Abstract: A method is performed at a management device to manage multiple network security devices over a network. The security devices are configured to control access to network accessible resources. A query is received. In response to the received query, a respective native security rule that references the specific resource is collected from each security device, where each native security rule is based on a respective native rule model associated with the security device from which the native security rule is collected. Each native security rule is translated into a respective normalized rule that is based on a generic rule model. The respective normalized rules are compared to each other to generate compare results. Based on the compare results, an indication of whether each security device allows or blocks access to the specific resource is generated.

Abstract translation: 在管理设备上执行一种方法来通过网络来管理多个网络安全设备。 安全设备被配置为控制对网络可访问资源的访问。 接收到查询。 响应于所接收的查询，从每个安全设备收集引用特定资源的相应本地安全规则，其中每个本地安全规则基于与从其收集本机安全规则的安全设备相关联的相应原生规则模型 。 每个本地安全规则被转换为基于通用规则模型的相应的归一化规则。 将相应的归一化规则相互比较以产生比较结果。 基于比较结果，生成每个安全设备是否允许或阻止对特定资源的访问的指示。

公开(公告)号：US20170317999A1

公开(公告)日：2017-11-02

申请号：US15139750

申请日：2016-04-27

Applicant: Cisco Technology, Inc.

Inventor： Denis Knjazihhin ,  Yedidya Dotan ,  Christopher Duane ,  Jason M. Perry

IPC: H04L29/06 ,  G06F9/44 ,  H04L29/08

CPC classification number: H04L63/08 ,  G06F9/4416 ,  G06F21/575 ,  H04L63/0884 ,  H04L67/28

Abstract: Presented herein are techniques for remotely releasing bootstrap credentials to a cloud management proxy device. In particular, a cloud management proxy device that is associated with a cloud system commences a boot operation. The cloud management proxy device then initiates a remote credential release process to obtain the bootstrap credentials, which are useable by the cloud management proxy device to complete the boot operation. Upon completion of the remote credential release process, the bootstrap credentials are received from a remote credential manager system.

公开(公告)号：US20170353459A1

公开(公告)日：2017-12-07

申请号：US15426702

申请日：2017-02-07

Applicant: Cisco Technology, Inc.

Inventor： Joe Lawrence ,  Jason M. Perry ,  Yedidya Dotan ,  Denis Knjazihhin ,  Umesh Kumar Miglani

IPC: H04L29/06

CPC classification number: H04L63/10 ,  H04L63/0263 ,  H04L63/20

Abstract: A management entity communicates over a network with devices on which security rules are configured to control network access. Data that indicates a hit count for each security rule across the devices is repeatedly collected from the devices. The indicated hit counts for each security rule are aggregated over different repeating time intervals to produce repeatedly aggregated hit counts for respective ones of the different repeating time intervals. The security rules are generated for display on a user interface screen as selectable options. Responsive to a selection of one of the security rules, a selected security rule and most recently aggregated hit counts for the different repeating time intervals for the selected security rule are generated for concurrent display on the user interface screen. The display of the most recently aggregated hit counts for the selected security rule is updated as time progresses.

公开(公告)号：US09641540B2

公开(公告)日：2017-05-02

申请号：US14725489

申请日：2015-05-29

Applicant: Cisco Technology, Inc.

Inventor： Yedidya Dotan ,  Jason M. Perry ,  Denis Knjazihhin ,  Zachary D. Siswick ,  Sachin Vasant

IPC: H04L29/06 ,  G06F17/30

CPC classification number: H04L63/108 ,  G06F17/30554 ,  G06F17/30867 ,  H04L63/0227 ,  H04L63/0263

Abstract: A method is performed at a management device to manage multiple network security devices over a network. The security devices are configured to control access to network accessible resources. A query is received. In response to the received query, a respective native security rule that references the specific resource is collected from each security device, where each native security rule is based on a respective native rule model associated with the security device from which the native security rule is collected. Each native security rule is translated into a respective normalized rule that is based on a generic rule model. The respective normalized rules are compared to each other to generate compare results. Based on the compare results, an indication of whether each security device allows or blocks access to the specific resource is generated.