Network agent for generating platform specific network policies
Abstract
The disclosed technology relates to a network agent for generating platform specific network policies. A network agent is configured to receive a platform independent network policy from a network policy system, determine implementation characteristics of the network entity, generate platform specific policies from the platform independent network policy based on the implementation characteristics of the network entity, and implement the platform specific policies on the network entity.
20 Claims
1. A system comprising:
- a processor; and
- a non-transitory computer-readable medium storing instructions that, when executed by the system, cause the system to perform operations including:
  - receiving, by an agent controller, a platform independent network policy from a network policy system;
  - transmitting, via an interprocess communication channel, the platform independent network policy to an agent enforcer on the system, the agent enforcer associated with a privileged status on the system;
  - determining, by the agent enforcer, implementation characteristics of the system;
  - generating, by the agent enforcer, one or more platform specific policies from the platform independent network policy based on the implementation characteristics of the system; and
  - implementing, by the agent enforcer, the one or more platform specific policies on the system.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A computer-implemented method comprising:
- receiving, by an agent running on a network entity, a platform independent network policy from a network policy system;
- determining implementation characteristics of the network entity;
- transmitting, by an interprocess communication, the platform independent network policy to an agent enforcer of the network entity, the agent enforcer associated with a privileged status on the network entity;
- generating platform specific policies from the platform independent network policy based on the implementation characteristics of the network entity; and
- implementing the platform specific policies on the network entity.

Dependent claims: 9, 10, 11, 12, 13, 14

15. A non-transitory computer-readable medium comprising instructions, the instructions, when executed by a computing system, cause the computing system to:
- receive, by an agent controller, a platform independent network policy from a network policy system;
- transmit, via an interprocess communication channel, the platform independent network policy to an agent enforcer on the computing system, the agent enforcer associated with a privileged status on the computing system;
- generate, by the agent enforcer, one or more platform specific policies from the platform independent network policy based on an operating system of the computing system; and
- implement, by the agent enforcer, the one or more platform specific policies on the system.

Dependent claims: 16, 17, 18, 19, 20
Specification