公开(公告)号：US10135841B2

公开(公告)日：2018-11-20

申请号：US14983983

申请日：2015-12-30

Applicant: Juniper Networks, Inc.

Inventor： Lisa M. Beam ,  Lyubov Nesteroff ,  Natalia L. Shimuk ,  Amol Sood ,  Rene Chavez ,  Olga M. Towstopiat ,  Nadeem Khan ,  Ahzam Ali ,  Dharmendran Arumugam ,  Mayank Betala ,  Shrikanta Sharma

IPC: H04L29/06

Abstract: Techniques are described for taking direct actions, such as selectively blocking or allowing traffic and applications, while monitoring events from a graphical representation of threats. As such, the administrator in an enterprise interacts with the graphical representation of threats rendered by the security management system to automatically invoke a policy/rule module of the security management system to configure and update security policies for the security devices deployed throughout the computer networks of the enterprise. An administrator may, for example, interact with the representation of threats rendered by the threat control module based on the data aggregated from the distributed security devices and, responsive to the interaction, the security management system may identify a relevant set of the security devices, automatically construct security policies having ordered rules within the policies for the identified set of security devices, and automatically communicate and install the policies in the identified set of security devices.

公开(公告)号：US20170126740A1

公开(公告)日：2017-05-04

申请号：US14983999

申请日：2015-12-30

Applicant: Juniper Networks, Inc.

Inventor： Oscar Leonardo Bejarano Ardila ,  Rakesh Manocha ,  Rene Chavez ,  Pradeep Velappan Nair Pushkala Devi ,  Nadeem Khan ,  Mayank Betala ,  Andrew S. Chasin

IPC: H04L29/06

CPC classification number: H04L63/14 ,  H04L63/0263 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/20

Abstract: Techniques are described for optimizing the placement of automatically generated rules within security policies. An administrator may, for example, interact with the graphical representation of rules rendered by the threat control module and, responsive to the interaction, the system may determine an optimal placement for the created rule in the list of rules for the identified security device based on either the existence of anomalies or threat IP data and/or advanced security parameters. In this way, the system allows administrators to configure rules with the most optimal sequence to detect threats.

公开(公告)号：US10382451B2

公开(公告)日：2019-08-13

申请号：US16030330

申请日：2018-07-09

Applicant: Juniper Networks, Inc.

Inventor： Oscar Leonardo Bejarano Ardila ,  Rakesh Manocha ,  Rene Chavez ,  Pradeep Velappan Nair Pushkala Devi ,  Nadeem Khan ,  Mayank Betala ,  Andrew S. Chasin

IPC: H04L29/06

Abstract: Techniques are described for optimizing the placement of automatically generated rules within security policies. An administrator may, for example, interact with the graphical representation of rules rendered by the threat control module and, responsive to the interaction, the system may determine an optimal placement for the created rule in the list of rules for the identified security device based on either the existence of anomalies or threat IP data and/or advanced security parameters. In this way, the system allows administrators to configure rules with the most optimal sequence to detect threats.

公开(公告)号：US20170126727A1

公开(公告)日：2017-05-04

申请号：US14983927

申请日：2015-12-30

Applicant: Juniper Networks, Inc.

Inventor： Lisa M. Beam ,  Lyubov Nesteroff ,  Natalia L. Shimuk ,  Rene Chavez ,  Sujatha P. Subbarao ,  Dennis Park

IPC: H04L29/06

CPC classification number: H04L63/14 ,  H04L63/0263 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/20

Abstract: Techniques are described for taking direct actions, such as selectively blocking or allowing traffic and applications, while monitoring events from a graphical representation of threats. As such, the administrator in an enterprise interacts with the graphical representation of threats rendered by the security management system to automatically invoke a policy/rule module of the security management system to configure and update security policies for the security devices deployed throughout the computer networks of the enterprise. An administrator may, for example, interact with the representation of threats rendered by the threat control module based on the data aggregated from the distributed security devices and, responsive to the interaction, the security management system may identify a relevant set of the security devices, automatically construct security policies having ordered rules within the policies for the identified set of security devices, and automatically communicate and install the policies in the identified set of security devices.

公开(公告)号：US20180332055A1

公开(公告)日：2018-11-15

申请号：US16030330

申请日：2018-07-09

Applicant: Juniper Networks, Inc.

Inventor： Oscar Leonardo Bejarano Ardila ,  Rakesh Manocha ,  Rene Chavez ,  Pradeep Velappan Nair Pushkala Devi ,  Nadeem Khan ,  Mayank Betala ,  Andrew S. Chasin

IPC: H04L29/06

CPC classification number: H04L63/14 ,  H04L63/0263 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/20

Abstract: Techniques are described for optimizing the placement of automatically generated rules within security policies. An administrator may, for example, interact with the graphical representation of rules rendered by the threat control module and, responsive to the interaction, the system may determine an optimal placement for the created rule in the list of rules for the identified security device based on either the existence of anomalies or threat IP data and/or advanced security parameters. In this way, the system allows administrators to configure rules with the most optimal sequence to detect threats.

公开(公告)号：US10021115B2

公开(公告)日：2018-07-10

申请号：US14983999

申请日：2015-12-30

Applicant: Juniper Networks, Inc.

Inventor： Oscar Leonardo Bejarano Ardila ,  Rakesh Manocha ,  Rene Chavez ,  Pradeep Velappan Nair Pushkala Devi ,  Nadeem Khan ,  Mayank Betala ,  Andrew S. Chasin

IPC: H04L29/06

CPC classification number: H04L63/14 ,  H04L63/0263 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/20

Abstract: Techniques are described for optimizing the placement of automatically generated rules within security policies. An administrator may, for example, interact with the graphical representation of rules rendered by the threat control module and, responsive to the interaction, the system may determine an optimal placement for the created rule in the list of rules for the identified security device based on either the existence of anomalies or threat IP data and/or advanced security parameters. In this way, the system allows administrators to configure rules with the most optimal sequence to detect threats.

公开(公告)号：US20170126728A1

公开(公告)日：2017-05-04

申请号：US14983983

申请日：2015-12-30

Applicant: Juniper Networks, Inc.

Inventor： Lisa M. Beam ,  Lyubov Nesteroff ,  Natalia L. Shimuk ,  Amol Sood ,  Rene Chavez ,  Olga M. Towstopiat ,  Nadeem Khan ,  Ahzam Ali ,  Dharmendran Arumugam ,  Mayank Betala ,  Shrikanta Sharma

IPC: H04L29/06

CPC classification number: H04L63/14 ,  H04L63/0263 ,  H04L63/1408 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/20

Abstract: Techniques are described for taking direct actions, such as selectively blocking or allowing traffic and applications, while monitoring events from a graphical representation of threats. As such, the administrator in an enterprise interacts with the graphical representation of threats rendered by the security management system to automatically invoke a policy/rule module of the security management system to configure and update security policies for the security devices deployed throughout the computer networks of the enterprise. An administrator may, for example, interact with the representation of threats rendered by the threat control module based on the data aggregated from the distributed security devices and, responsive to the interaction, the security management system may identify a relevant set of the security devices, automatically construct security policies having ordered rules within the policies for the identified set of security devices, and automatically communicate and install the policies in the identified set of security devices.