公开(公告)号：US20160212166A1

公开(公告)日：2016-07-21

申请号：US14600418

申请日：2015-01-20

Applicant: Cisco Technology, Inc.

Inventor： Shawn Henry ,  Robin Martherus ,  Sanjay Agarwal

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F21/604 ,  H04L41/28 ,  H04L63/10 ,  H04L63/102

Abstract: A management entity discovers security devices connected to a network. Each security device controls access to resources by devices associated with the security device according to a corresponding native security policy that is based on a corresponding native policy model associated with the security device. The management entity imports the native security policies from the corresponding security devices over the network, and normalizes the imported native security policies across the security devices based on a generic policy model, to produce normalized security policies that are based on the generic policy model and representative of the native security polices. The management entity receives security events from the security devices, and processes the received security events among the security devices based on the normalized security policies.

Abstract translation: 管理实体发现连接到网络的安全设备。 每个安全设备根据与基于安全设备相关联的对应本地策略模型的对应本地安全策略来控制与安全设备相关联的设备对资源的访问。 管理实体通过网络从相应的安全设备导入本地安全策略，并根据通用策略模型在安全设备之间规范化导入的本地安全策略，以生成基于通用策略模型和代表的规范化安全策略 的本地安全政策。 管理实体从安全设备接收安全事件，并根据规范化的安全策略对安全设备之间接收的安全事件进行处理。

公开(公告)号：US09531757B2

公开(公告)日：2016-12-27

申请号：US14600418

申请日：2015-01-20

Applicant: Cisco Technology, Inc.

Inventor： Shawn Henry ,  Robin Martherus ,  Sanjay Agarwal

IPC: H04L29/06 ,  G06F21/60

CPC classification number: H04L63/20 ,  G06F21/604 ,  H04L41/28 ,  H04L63/10 ,  H04L63/102

Abstract: A management entity discovers security devices connected to a network. Each security device controls access to resources by devices associated with the security device according to a corresponding native security policy that is based on a corresponding native policy model associated with the security device. The management entity imports the native security policies from the corresponding security devices over the network, and normalizes the imported native security policies across the security devices based on a generic policy model, to produce normalized security policies that are based on the generic policy model and representative of the native security polices. The management entity receives security events from the security devices, and processes the received security events among the security devices based on the normalized security policies.

Abstract translation: 管理实体发现连接到网络的安全设备。 每个安全设备根据与基于安全设备相关联的对应本地策略模型的对应本地安全策略来控制与安全设备相关联的设备对资源的访问。 管理实体通过网络从相应的安全设备导入本地安全策略，并根据通用策略模型在安全设备之间规范化导入的本地安全策略，以生成基于通用策略模型和代表的规范化安全策略 的本地安全政策。 管理实体从安全设备接收安全事件，并根据规范化的安全策略对安全设备之间接收的安全事件进行处理。