logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 8539545 B1

PDFFull Text
Date of Patent:
Sep. 17, 2013

Filed:

Jul. 22, 2010

Domain-based security policies

Applicants:

Anoop Kartha, Sunnyvale, CA (US);

Kamil Imtiaz, San Jose, CA (US);

Ahzam Ali, Bangalore, IN;

Amarnath Bachhu Satyan, Bangalore, IN;

Firdousi Zackariya, Bangalore, IN;

Nadeem Khan, Bangalore, IN;

Sanjay Agarwal, Fremont, CA (US);

Inventors:

Anoop Kartha, Sunnyvale, CA (US);

Kamil Imtiaz, San Jose, CA (US);

Ahzam Ali, Bangalore, IN;

Amarnath Bachhu Satyan, Bangalore, IN;

Firdousi Zackariya, Bangalore, IN;

Nadeem Khan, Bangalore, IN;

Sanjay Agarwal, Fremont, CA (US);

Assignee:

Juniper Networks, Inc., Sunnyvale, CA (US);

Attorney:

Shumaker & Sieffert, P.A.

Primary Examiner:

April Y Blair

Assistant Examiner:

Joseph Pan

Int. Cl.
CPC ...
H04L 29/06 (2006.01);
U.S. Cl.
CPC ...
Abstract

An example network system includes a plurality of endpoint computing resources, a business policy graph of a network that includes a set of the plurality of endpoint computing resources configured as a security domain, a set of policy enforcement points ('PEPs') configured to enforce network policies, and a network management module ('NMM'). The NMM is configured to receive an indication of a set of network policies to apply to the security domain, automatically determine a subset of PEPs of the set of PEPs are required to enforce the set of network policies based on physical network topology information readable by the NMM that includes information about the location of the endpoint computing resources and the set of PEPs within the network, and apply the network policies to the subset of PEPs in order to enforce the network policies against the set of endpoint computing resources of the security domain.

Find Patent Forward Citations

Loading…