Approach for securely deploying network devices
Abstract
According to an approach for securely deploying and configuring network devices, a secure introduction connection is established between a network device being deployed and a registrar. The secure introduction connection may conform to a secure communications protocol, such as HTTPS. The registrar provides bootstrap configuration data to the network device over the secure introduction connection. The bootstrap configuration data is used to establish a secure management connection between the network device and a secure management gateway. The secure management connection may conform to a secure communications protocol, such as IPsec or HTTPS. The secure management gateway provides user-specific configuration data and security policy data to the network device over the secure management connection. The user-specific configuration data and policy data are used to establish a secure data connection, such as a Dynamic Multipoint Virtual Private Network (DMVPN) connection, between the network device and the secure data gateway.
36 Claims
1. A computer-implemented method for deploying a network device, the computer-implemented method comprising:
establishing a secure introduction connection between the network device and a registrar;
the registrar providing bootstrap configuration data to the network device over the secure introduction connection, wherein the bootstrap configuration data is used to establish a secure management connection between the network device and a secure management gateway; and
the secure management gateway providing user-specific configuration data and security policy data to the network device over the secure management connection;
wherein the user-specific configuration data and security policy data are used to establish a secure data connection between the network device and a secure data gateway.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A computer-readable medium for deploying a network device, the computer-readable medium carrying instructions which, when executed by one or more processors, cause:
establishing a secure introduction connection between the network device and a registrar;
the registrar providing bootstrap configuration data to the network device over the secure introduction connection, wherein the bootstrap configuration data is used to establish a secure management connection between the network device and a secure management gateway; and
the secure management gateway providing user-specific configuration data and security policy data to the network device over the secure management connection;
wherein the user-specific configuration data and security policy data are used to establish a secure data connection between the network device and a secure data gateway.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18
19. An apparatus for deploying a network device, the apparatus comprising a memory storing instructions which, when executed by one or more processors, cause:
establishing a secure introduction connection between the network device and a registrar;
the registrar providing bootstrap configuration data to the network device over the secure introduction connection, wherein the bootstrap configuration data is used to establish a secure management connection between the network device and a secure management gateway; and
the secure management gateway providing user-specific configuration data and security policy data to the network device over the secure management connection;
wherein the user-specific configuration data and security policy data are used to establish a secure data connection between the network device and a secure data gateway.
Dependent claims: 20, 21, 22, 23, 24, 25, 26, 27
28. An apparatus for deploying a network device, the apparatus comprising:
means for establishing a secure introduction connection between the network device and a registrar;
means for the registrar providing bootstrap configuration data to the network device over the secure introduction connection, wherein the bootstrap configuration data is used to establish a secure management connection between the network device and a secure management gateway; and
means for the secure management gateway providing user-specific configuration data and security policy data to the network device over the secure management connection;
wherein the user-specific configuration data and security policy data are used to establish a secure data connection between the network device and a secure data gateway.
Dependent claims: 29, 30, 31, 32, 33, 34, 35, 36
Specification