Escalated inspection of traffic via SDN

    Publication (announcement) number: US10296744B1

    Publication (announcement) date: 2019-05-21

    Application number: US14864116

    Application date: 2015-09-24

    Abstract: A method and related apparatus for performing inspection of flows within a software defined network includes monitoring an indicator indicative of a presence of malware in a selected flow in an electronic communications network, when the indicator suggests the presence of malware in the selected flow, requesting a network device to redirect the selected flow, or to copy the selected flow and send a resulting copy of the selected flow, to a security appliance, and causing the security appliance to be reconfigured in response to the indicator that suggests the presence of malware in the selected flow.

    Network policy architecture
    2.
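    Granted invention patent

    Publication (announcement) number: US11233742B2

    Publication (announcement) date: 2022-01-25

    Application number: US16674693

    Application date: 2019-11-05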

    Abstract: One or more lower-level attributes of a first network policy are translated to one or more higher-level attributes of the first network policy, and one or more lower-level attributes of a second network policy are translated to one or more higher-level attributes of the second network policy. The first network policy controls how first network traffic is handled, and the second network policy controls how second network traffic is handled. The one or more higher-level attributes of the first network policy are compared with the one or more higher-level attributes of the second network policy. Based on the comparing, it is determined whether the first network traffic and the second network traffic are handled in a functionally equivalent manner. If not, the first network policy is dynamically updated to generate an updated first network policy that causes the first network traffic to be handled in the functionally equivalent manner.

    Routing and/or forwarding information driven subscription against global security policy data

    Publication (announcement) number: US10313396B2

    Publication (announcement) date: 2019-06-04

    Application number: US15475235

    Application date: 2017-03-31

    Abstract: Techniques are provided by which devices in a network may subscribe to rapidly changing rules in a central threat repository. The policies associated with threats are filtered so that just current attack vectors from within subnets learned via routing and/or forwarding information (at the network level of the network) are installed in the local access control list/policy database of the network devices. As routing changes occur, the list of applied policies is continually refined/revisited and pulled from a central security application. Publish/subscribe mechanisms ensure “zombie” policies are not left over in the device after reboot or routing changes occur.

    NETWORK POLICY ARCHITECTURE
    4.
    Invention application

    Publication (announcement) number: US20210135995A1

    Publication (announcement) date: 2021-05-06

    Application number: US16674693

    Application date: 2019-11-05

    Abstract: One or more lower-level attributes of a first network policy are translated to one or more higher-level attributes of the first network policy, and one or more lower-level attributes of a second network policy are translated to one or more higher-level attributes of the second network policy. The first network policy controls how first network traffic is handled, and the second network policy controls how second network traffic is handled. The one or more higher-level attributes of the first network policy are compared with the one or more higher-level attributes of the second network policy. Based on the comparing, it is determined whether the first network traffic and the second network traffic are handled in a functionally equivalent manner. If not, the first network policy is dynamically updated to generate an updated first network policy that causes the first network traffic to be handled in the functionally equivalent manner.

    ROUTING AND/OR FORWARDING INFORMATION DRIVEN SUBSCRIPTION AGAINST GLOBAL SECURITY POLICY DATA

    Publication (announcement) number: US20180139240A1

    Publication (announcement) date: 2018-05-17

    Application number: US15475235

    Application date: 2017-03-31

    CPC classification number: H04L63/20 H04L63/1433

    Abstract: Techniques are provided by which devices in a network may subscribe to rapidly changing rules in a central threat repository. The policies associated with threats are filtered so that just current attack vectors from within subnets learned via routing and/or forwarding information (at the network level of the network) are installed in the local access control list/policy database of the network devices. As routing changes occur, the list of applied policies is continually refined/revisited and pulled from a central security application. Publish/subscribe mechanisms ensure “zombie” policies are not left over in the device after reboot or routing changes occur.
