公开(公告)号：US20170288988A1

公开(公告)日：2017-10-05

申请号：US15083990

申请日：2016-03-29

Applicant: Cisco Technology, Inc.

Inventor： Carlos M. Pignataro ,  Omar Santos ,  David C. White, JR.

IPC: H04L12/26 ,  H04L29/08

CPC classification number: H04L41/142 ,  H04L41/0631 ,  H04L41/16 ,  H04L63/1425 ,  H04W12/12 ,  H04W84/18 ,  Y04S40/166

Abstract: In one embodiment, a device in a network reserves first and second sets of local resources for an anomaly detection mechanism. The device reports the first set of local resources to a supervisory node in the network. The device applies one or more anomaly detection rules from the supervisory node using the first set of reserved resources. The device receives one or more anomaly detection rules from a peer node in the network. The device applies the one or more anomaly detection rules from the peer node using the second set of reserved resources.

公开(公告)号：US10291480B2

公开(公告)日：2019-05-14

申请号：US15083990

申请日：2016-03-29

Applicant: Cisco Technology, Inc.

Inventor： Carlos M. Pignataro ,  Omar Santos ,  David C. White, Jr.

IPC: G06F15/173 ,  H04L12/24 ,  H04L29/06 ,  H04W12/12 ,  H04W84/18

Abstract: In one embodiment, a device in a network reserves first and second sets of local resources for an anomaly detection mechanism. The device reports the first set of local resources to a supervisory node in the network. The device applies one or more anomaly detection rules from the supervisory node using the first set of reserved resources. The device receives one or more anomaly detection rules from a peer node in the network. The device applies the one or more anomaly detection rules from the peer node using the second set of reserved resources.

公开(公告)号：US20170324765A1

公开(公告)日：2017-11-09

申请号：US15145408

申请日：2016-05-03

Applicant: Cisco Technology, Inc.

Inventor： Mark-David McLaughlin ,  Rajidi P. Reddy ,  Omar Santos

IPC: H04L29/06

CPC classification number: H04L63/1441 ,  H04L63/20

Abstract: Creating security enclaves includes determining one or more parameters of one or more applications and one or more services operating in the network. An optimal number of clusters for grouping the one or more applications and the one or more services is determined based on the one or more parameters. Then, the one or more applications and the one or more services are grouped into the clusters and one or more security enclaves are applied to each of the clusters so as to maximize operational security of the network.

公开(公告)号：US10135859B2

公开(公告)日：2018-11-20

申请号：US15145408

申请日：2016-05-03

Applicant: Cisco Technology, Inc.

Inventor： Mark-David McLaughlin ,  Rajidi P. Reddy ,  Omar Santos

IPC: H04L29/06

Abstract: Creating security enclaves includes determining one or more parameters of one or more applications and one or more services operating in the network. An optimal number of clusters for grouping the one or more applications and the one or more services is determined based on the one or more parameters. Then, the one or more applications and the one or more services are grouped into the clusters and one or more security enclaves are applied to each of the clusters so as to maximize operational security of the network.

公开(公告)号：US20180027009A1

公开(公告)日：2018-01-25

申请号：US15215494

申请日：2016-07-20

Applicant: Cisco Technology, Inc.

Inventor： Omar Santos ,  Jazib Frahim

IPC: H04L29/06

CPC classification number: H04L63/1433 ,  H04L63/1408 ,  H04L63/1441

Abstract: Systems, methods, and computer-readable storage media for determining threat mitigation policies and deploying tested security fixes. In some cases, the present technology involves gathering threat intelligence, identifying a security threat, identifying an application container that is affected by the security threat, determining a threat level for the security threat on the application container, applying a threat mitigation policy to the affected application container, spawning a clone of the affected application container, testing the clone with one or more security fixes, and deploying the clone of the affected container as a replacement for the affected container.

公开(公告)号：US20170061131A1

公开(公告)日：2017-03-02

申请号：US14840419

申请日：2015-08-31

Applicant: Cisco Technology, Inc.

Inventor： Omar Santos ,  Christopher M. McCoy ,  Catherine M. Pearce ,  Carlos M. Pignataro ,  Jeff Apcar

IPC: G06F21/57

CPC classification number: G06F21/577 ,  G06F2221/034 ,  H04L63/123 ,  H04L63/18 ,  H04W4/70 ,  H04W12/10 ,  H04W12/1208

Abstract: Techniques are presented herein that validate integrity of a computing device. A command to a first processor of a security module of the computing device is received through an interface unit of the security module on a communication channel external to the computing device. A configuration of the security module cannot be changed by a second processor of the computing device which executes an operating system and at least one application on the computing device. In response to receiving the command, one or more memory devices of the computing device are directly accessed by the first processor independent from the second processor to validate integrity of the computing device.

Abstract translation: 本文给出了验证计算设备的完整性的技术。 通过安全模块的接口单元在计算设备外部的通信信道上接收对计算设备的安全模块的第一处理器的命令。 安全模块的配置不能由执行操作系统的计算设备的第二处理器和计算设备上的至少一个应用来改变。 响应于接收到命令，独立于第二处理器的第一处理器直接访问计算设备的一个或多个存储器件，以验证计算设备的完整性。