Network Security Policy Mediation
Abstract
Methods and systems for mediating between first and second network security policies, by: (1) mapping a first security policy to a generic second security policy, and (2) mapping the generic second security policy to a plurality of rules each associated with a target network security policy.
20 Claims
1. A method for mediating between first and second network security policies, comprising:
- mapping a first security policy to a second security policy, wherein the second security policy is generic; and
- mapping the second security policy to a plurality of rules each associated with a target network security policy and collectively executable at the target network.
Dependent claims: 2, 6, 7, 8
3. The method of claim 3 wherein mapping the first security policy to the second security policy comprises creating first security policy components based on rules of the first security policy and then comparing the first security policy components with a collection of generic security policy rules and components.
9. A system configured to mediate between an originating network security policy and a target network security policy, comprising:
- a security policy translator configured to map first rules of the originating network security policy to second rules of a generic network security policy; and
- a security policy assembler configured to map the second rules of the generic network security policy to third rules of the target network security policy.
Dependent claims: 10, 11, 12, 13, 14, 15
16. A system configured to mediate between first and second network security policies, comprising:
- first mapping means for mapping the first security policy to a generic security policy; and
- second mapping means for mapping the generic security policy to the second network security policy.
Dependent claims: 17, 18, 19, 20
Specification