公开(公告)号：US20180367541A1

公开(公告)日：2018-12-20

申请号：US15794908

申请日：2017-10-26

Applicant: Cisco Technology, Inc.

Inventor： Kannan Ponnuswamy ,  Navneet Yadav ,  Arvind Chari

IPC: H04L29/06

CPC classification number: H04L63/101 ,  H04L63/20

Abstract: Systems, methods, and computer-readable media for migrating to and maintaining a white-list network security model. Network traffic identified from permit-all access logs can be analyzed to determine whether it should be white-listed, and if so, a specific permit-access, without logging, policy is generated for the identified network traffic. The addition of specific permit-access policies is repeated on permit-all access logs, at which point, permit-all access policy is converted into deny-all access. In some examples, a system or method can obtain hit counts, from both hardware (eg: TCAM) and software tables, for the specific permit-access policy to determine existence of identified network traffic over a period of time. After analyzing hit counts, the specific permit-access policy can either continue to exist or be removed to maintain a white-list network security model.