The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Dec. 14, 2021
Filed:
Jun. 06, 2019
Cisco Technology, Inc., San Jose, CA (US);
Vamsidhar Valluri, Santa Clara, CA (US);
Saravanan Radhakrishnan, Bangalore, IN;
Anand Oswal, Pleasanton, CA (US);
Vinay Prabhu, Milpitas, CA (US);
Sarah Adelaide Evans, San Jose, CA (US);
Suraj Rangaswamy, San Jose, CA (US);
CISCO TECHNOLOGY, INC., San Jose, CA (US);
Abstract
Systems and methods provide for provisioning a dynamic intent-based firewall. A network controller can generate a master route table for network segments reachable from edge network devices managed by the controller. The controller can receive zone definition information mapping the network segments into zones and Zone-based Firewall (ZFW) policies to apply to traffic between a source and destination zone specified by each ZFW policy. The controller can evaluate a ZFW policy to determine first edge network devices that can reach first network segments mapped to the source zone specified by the ZFW policy, second edge network devices that can reach second network segments mapped to the destination zone specified by the ZFW policy, and routing information (from the route table) between the first network segments, the first and second edge network devices, and the second network segments. The controller can transmit the routing information to the edge network devices.