Approach to visualize current and historical access policy of a group based policy
First Claim
1. A computer implemented method comprising:
- receiving, by a computing device, a first group based policy having first policy rules and a second group based policy having second policy rules, the first policy rules defining a first range of destination internet protocol addresses, a first range of source internet protocol addresses and a first range of access ports, the second policy rules defining a second range of destination internet protocol addresses, a second range of source internet protocol addresses and a second range of access ports;
based on the first policy rules of the first group based policy, rendering, by the computing device, a first three dimensional representation of the first group based policy;
based on the second policy rules of the second group based policy, rendering, by the computing device, a second three dimensional representation of the second group based policy;
displaying, on the computing device, the first three dimensional representation of the first group based policy and the second three dimensional representation of the second group based policy on a graphical interface; and
displaying a conflict between the first policy rules and the second policy rules via an overlap in the first three dimensional representation of the first group based policy and the second three dimensional representation of the second group based policy on the graphical interface.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, methods, and non-transitory computer-readable storage media for visualizing current and historical access policy of a group based policy. A first group based policy and a second group based policy are received at a computing device, where each group based policy includes policy rules defining a range of destination internet protocol addresses, a range of source internet protocol addresses and a range of access ports. The computing device renders a three dimensional representation of the first group based policy, based on the policy rules of the first group based policy. The computing device renders a three dimensional representation of the second group based policy, based on the policy rules of the second group based policy. The computing device displays the representations of the first group based policy and second group based policy on a graphical interface.
2 Citations
20 Claims
-
1. A computer implemented method comprising:
-
receiving, by a computing device, a first group based policy having first policy rules and a second group based policy having second policy rules, the first policy rules defining a first range of destination internet protocol addresses, a first range of source internet protocol addresses and a first range of access ports, the second policy rules defining a second range of destination internet protocol addresses, a second range of source internet protocol addresses and a second range of access ports; based on the first policy rules of the first group based policy, rendering, by the computing device, a first three dimensional representation of the first group based policy; based on the second policy rules of the second group based policy, rendering, by the computing device, a second three dimensional representation of the second group based policy; displaying, on the computing device, the first three dimensional representation of the first group based policy and the second three dimensional representation of the second group based policy on a graphical interface; and displaying a conflict between the first policy rules and the second policy rules via an overlap in the first three dimensional representation of the first group based policy and the second three dimensional representation of the second group based policy on the graphical interface. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable medium containing instructions that, when executed by a computing device, cause the computing device to:
-
receive a first group based policy including first policy rules defining a first range of destination internet protocol addresses, a first range of source internet protocol addresses, and first a range of access ports; receive a second group based policy including second policy rules defining a second range of destination internet protocol addresses, a second range of source internet protocol addresses, and second a range of access ports; based on the first policy rules of the first group based policy, render a first three dimensional representation of the first group based policy; based on the second policy rules of the second group based policy, render a second three dimensional representation of the second group based policy; display the first three dimensional representation of the first group based policy and the second three dimensional representation of the second group based policy on a graphical interface; and display a conflict between the first policy rules and the second policy rules via an overlap in the first three dimensional representation of the first group based policy and the second three dimensional representation of the second group based policy on the graphical interface. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computing system comprising:
-
one or more computer processors; and a memory containing instructions that, when executed by the one or more computer processors, cause the computing system to; receive a first group based policy including first policy rules defining a first range of destination internet protocol addresses, a first range of source internet protocol addresses, and a first range of access ports; receive a second group based policy including second policy rules defining a second range of destination internet protocol addresses, a second range of source internet protocol addresses, and a second range of access ports; based on the first policy rules of the first group based policy, render a first three dimensional representation of the first group based policy; based on the second policy rules of the second group based policy, render a second three dimensional representation of the second group based policy; and display the first three dimensional representation of the first group based policy and the second three dimensional representation of the second group based policy on a graphical interface. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification