Analyzing network traffic for layer-specific corrective actions in a cloud computing environment
First Claim
1. An analysis device, comprising:
- one or more processors to:
receive information that identifies a set of rules for analyzing network traffic associated with a cloud computing environment, the set of rules identifying a threshold number of login attempts from a particular IP address, and the set of rules identifying a set of layers of the cloud computing environment at which to perform a set of actions based on one or more conditions being satisfied, the set of layers including a plurality of layers;
receive network traffic information associated with the cloud computing environment, the network traffic information being associated with network traffic transmitted to or transmitted from the cloud computing environment;
analyze the network traffic information using the set of rules;
identify a particular layer, of the set of layers, that satisfies the one or more conditions based on analyzing the network traffic information using the set of rules; and
cause the set of actions to be performed, the set of actions including:
a denial of access to a particular resource of the particular layer based on the particular layer satisfying the one or more conditions, and a permission of access to one or more other layers of the set of layers.
Abstract
A device may receive information that identifies a set of rules for analyzing network traffic associated with a cloud computing environment. The device may receive network traffic information associated with the cloud computing environment. The network traffic information may be associated with network traffic transmitted to or transmitted from the cloud computing environment. The device may analyze the network traffic information using the set of rules, and may identify an action to be performed based on analyzing the network traffic information using the set of rules. The device may identify a layer of the cloud computing environment, at which to perform the action, based on analyzing the network traffic information using the set of rules. The device may cause the action to be performed to modify a configuration associated with the layer of the cloud computing environment.
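An added illustration of the flow recited in the first claim (not code from the patent or its assignee): a rule set carrying a login-attempt threshold and a list of layers is applied to traffic records, and access is denied only to the resource on the layer where the condition is met, while the other layers stay permitted. The layer names, record fields and the reading that the condition is met when the count reaches the threshold are assumptions.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class RuleSet:
    login_threshold: int   # login attempts from one IP that trigger the condition
    layers: tuple          # layers at which actions may be performed (names assumed)


# Constructed sample records: (source IP, layer, resource, event).
TRAFFIC = (
    [("203.0.113.7", "application", "/login", "login_attempt")] * 5
    + [("198.51.100.4", "application", "/login", "login_attempt")] * 2
    + [("203.0.113.7", "network", "tcp/443", "connect")] * 3
)


def analyze(rules, traffic):
    """Return one decision per layer: deny entries where the condition is met, permit elsewhere."""
    attempts = Counter(
        (layer, ip, resource)
        for ip, layer, resource, event in traffic
        if event == "login_attempt" and layer in rules.layers
    )
    decisions = {layer: {"action": "permit", "deny": []} for layer in rules.layers}
    for (layer, ip, resource), count in sorted(attempts.items()):
        # Assumption: the condition is satisfied when the count reaches the threshold.
        if count >= rules.login_threshold:
            decisions[layer]["action"] = "deny"
            # The denial is scoped to this IP and this resource on this layer only.
            decisions[layer]["deny"].append((ip, resource, count))
    return decisions


RULES = RuleSet(login_threshold=5, layers=("network", "platform", "application"))

if __name__ == "__main__":
    for layer, decision in analyze(RULES, TRAFFIC).items():
        print(layer, decision)
```

Scoping the denial to one IP and one resource on one layer keeps the corrective action from cutting off traffic that the same source sends through the other layers.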
20 Claims
1. An analysis device, comprising:
one or more processors to:
receive information that identifies a set of rules for analyzing network traffic associated with a cloud computing environment, the set of rules identifying a threshold number of login attempts from a particular IP address, and the set of rules identifying a set of layers of the cloud computing environment at which to perform a set of actions based on one or more conditions being satisfied, the set of layers including a plurality of layers;
receive network traffic information associated with the cloud computing environment, the network traffic information being associated with network traffic transmitted to or transmitted from the cloud computing environment;
analyze the network traffic information using the set of rules;
identify a particular layer, of the set of layers, that satisfies the one or more conditions based on analyzing the network traffic information using the set of rules; and
cause the set of actions to be performed, the set of actions including:
a denial of access to a particular resource of the particular layer based on the particular layer satisfying the one or more conditions, and a permission of access to one or more other layers of the set of layers.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A non-transitory computer-readable medium storing instructions, the instructions comprising:
one or more instructions that, when executed by one or more processors, cause the one or more processors to:
receive information that identifies a set of rules for analyzing network traffic associated with a cloud computing environment, the set of rules identifying a threshold number of login attempts from a particular IP address, and the set of rules identifying a set of layers of the cloud computing environment at which to perform a set of actions based on one or more conditions being satisfied, the set of layers including a plurality of layers;
receive network traffic information associated with the cloud computing environment, the network traffic information being associated with network traffic transmitted to or transmitted from the cloud computing environment;
analyze the network traffic information using the set of rules;
identify a particular layer, of the set of layers, that satisfies the one or more conditions based on analyzing the network traffic information using the set of rules; and
cause the set of actions to be performed, the set of actions including:
a denial of access to a particular resource of the particular layer based on the particular layer satisfying the one or more conditions, and a permission of access to one or more other layers of the set of layers.
Dependent claims: 9, 10, 11, 12, 13, 14.
15. A method, comprising:
receiving, by an analysis device, information that identifies a set of rules for analyzing network traffic associated with a cloud computing environment, the set of rules identifying a threshold number of login attempts from a particular device, and the set of rules identifying a set of layers of the cloud computing environment at which to perform one or more actions based on one or more conditions being satisfied, the set of layers including a plurality of layers;
receiving, by the analysis device, network traffic information associated with the cloud computing environment, the network traffic information being associated with network traffic transmitted to or transmitted from the cloud computing environment;
analyzing, by the analysis device, the network traffic information using the set of rules;
identifying, by the analysis device, a particular layer, of the set of layers, that satisfies the one or more conditions based on analyzing the network traffic information using the set of rules; and
causing, by the analysis device, the one or more actions to be performed, the one or more actions including at least one of:
a denial of access to a particular resource of the particular layer based on the particular layer satisfying the one or more conditions, and a permission of access to one or more other layers of the set of layers.
Dependent claims: 16, 17, 18, 19, 20.
Specification