INTENT-BASED ENTERPRISE SECURITY USING DYNAMIC LEARNING OF NETWORK SEGMENT PREFIXES

INTENT-BASED ENTERPRISE SECURITY USING DYNAMIC LEARNING OF NETWORK SEGMENT PREFIXES

In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator c...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Nadeem, FNU, Uppuluri, Shanmukh, Majumdar, Kaushik Dutta
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator Nadeem, FNU
Uppuluri, Shanmukh
Majumdar, Kaushik Dutta
description In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.
format Patent
fullrecord <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US2022321604A1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US2022321604A1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US2022321604A13</originalsourceid><addsrcrecordid>eNrjZAj29Atx9QvRdXIMdnVRALJcgwKCPINdFYJdnUODPEMiFUKBStwVXCL9HH09nRV8XB2D_EAC_m4Kfq4h4f5B3kCl7r5AnQoBQa5unhGuwTwMrGmJOcWpvFCam0HZzTXE2UM3tSA_PrW4IDE5NS-1JD402MjAyMjYyNDMwMTR0Jg4VQD1xDEk</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>INTENT-BASED ENTERPRISE SECURITY USING DYNAMIC LEARNING OF NETWORK SEGMENT PREFIXES</title><source>esp@cenet</source><creator>Nadeem, FNU ; Uppuluri, Shanmukh ; Majumdar, Kaushik Dutta</creator><creatorcontrib>Nadeem, FNU ; Uppuluri, Shanmukh ; Majumdar, Kaushik Dutta</creatorcontrib><description>In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.</description><language>eng</language><subject>CALCULATING ; COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS ; COMPUTING ; COUNTING ; ELECTRIC DIGITAL DATA PROCESSING ; PHYSICS</subject><creationdate>2022</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20221006&amp;DB=EPODOC&amp;CC=US&amp;NR=2022321604A1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,776,881,25542,76290</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20221006&amp;DB=EPODOC&amp;CC=US&amp;NR=2022321604A1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Nadeem, FNU</creatorcontrib><creatorcontrib>Uppuluri, Shanmukh</creatorcontrib><creatorcontrib>Majumdar, Kaushik Dutta</creatorcontrib><title>INTENT-BASED ENTERPRISE SECURITY USING DYNAMIC LEARNING OF NETWORK SEGMENT PREFIXES</title><description>In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.</description><subject>CALCULATING</subject><subject>COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>PHYSICS</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2022</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZAj29Atx9QvRdXIMdnVRALJcgwKCPINdFYJdnUODPEMiFUKBStwVXCL9HH09nRV8XB2D_EAC_m4Kfq4h4f5B3kCl7r5AnQoBQa5unhGuwTwMrGmJOcWpvFCam0HZzTXE2UM3tSA_PrW4IDE5NS-1JD402MjAyMjYyNDMwMTR0Jg4VQD1xDEk</recordid><startdate>20221006</startdate><enddate>20221006</enddate><creator>Nadeem, FNU</creator><creator>Uppuluri, Shanmukh</creator><creator>Majumdar, Kaushik Dutta</creator><scope>EVB</scope></search><sort><creationdate>20221006</creationdate><title>INTENT-BASED ENTERPRISE SECURITY USING DYNAMIC LEARNING OF NETWORK SEGMENT PREFIXES</title><author>Nadeem, FNU ; Uppuluri, Shanmukh ; Majumdar, Kaushik Dutta</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US2022321604A13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2022</creationdate><topic>CALCULATING</topic><topic>COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>PHYSICS</topic><toplevel>online_resources</toplevel><creatorcontrib>Nadeem, FNU</creatorcontrib><creatorcontrib>Uppuluri, Shanmukh</creatorcontrib><creatorcontrib>Majumdar, Kaushik Dutta</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Nadeem, FNU</au><au>Uppuluri, Shanmukh</au><au>Majumdar, Kaushik Dutta</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>INTENT-BASED ENTERPRISE SECURITY USING DYNAMIC LEARNING OF NETWORK SEGMENT PREFIXES</title><date>2022-10-06</date><risdate>2022</risdate><abstract>In an example, systems and methods enable automatic implementation of intent-based security policies in a network system, such as a software-defined wide area network system, in which network segment prefixes for network segments at one or more sites are dynamically learned. A service orchestrator controller translates an intent-based security policy input by a user to a security policy for a first site. The security policy for the first site specifies a segment-specific queryable resource associated with a second site. To implement the security policy, a device associated with the first site queries the segment-specific queryable resource associated with the second site, and updates one or more forwarding tables of the device with the network segment prefixes associated with one or more network segments at the second site received in response to the query. The first site forwards network traffic to the second site based on the updated forwarding tables.</abstract><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier
ispartof
issn
language eng
recordid cdi_epo_espacenet_US2022321604A1
source esp@cenet
subjects CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
title INTENT-BASED ENTERPRISE SECURITY USING DYNAMIC LEARNING OF NETWORK SEGMENT PREFIXES
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-29T02%3A34%3A48IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Nadeem,%20FNU&rft.date=2022-10-06&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS2022321604A1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true