Method for Propagating Access Policies
First Claim
1. A method comprising:
determining a plurality of neighboring network devices;
exchanging policy databases between the plurality of neighboring network devices;
requesting that the plurality of neighboring network devices execute access policies contained in the exchanged policy databases; and
managing a first access policy protocol database.
Abstract
The present disclosure describes a network appliance and associated access policy protocol (APP) that communicates and obeys access policies within a network. The network appliance (APP node) propagates access policies to other APP nodes that can utilize the policies most effectively. When an access policy reaches the network boundary, intra-network bandwidth is optimized. The access policies may be distributed and executed in the cloud (e.g., proxy firewall, proxy policy execution).
91 Citations
20 Claims
1. A method comprising:
determining a plurality of neighboring network devices;
exchanging policy databases between the plurality of neighboring network devices;
requesting that the plurality of neighboring network devices execute access policies contained in the exchanged policy databases; and
managing a first access policy protocol database.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. An apparatus comprising:
a memory comprising an access policy protocol database; and
a processor coupled to the memory, wherein the processor is operative to:
determine a plurality of network devices neighboring the apparatus;
exchange policy databases with the neighboring network devices; and
request that the plurality of neighboring network devices execute access policies contained in the access policy protocol database.
Dependent claims: 18
19. A method of managing a plurality of neighboring network devices comprising:
sending access policy protocol request packets to the plurality of neighboring network devices requesting the plurality of neighboring network devices to perform the associated access policy on behalf of the requesting network device;
receiving access policy protocol update packets confirming compliance with the access policy protocol request packets; and
maintaining a plurality of access policy protocol databases, such that each network device maintains an active access policy protocol database and an inactive access policy protocol database.
Dependent claims: 20
Specification