SYSTEMS AND METHODS FOR THE RAPID DEPLOYMENT OF NETWORK SECURITY DEVICES
First Claim
1. A configuration service, comprising:
- a security module configured to associate an identifier of a network security device with a deployment package, wherein the deployment package comprises a credential, and wherein the security module is configured to provide the deployment package to a network security device in response to a request comprising the device identifier; and
a management module configured to associate the device identifier with a production configuration, the production configuration comprising a deployment-specific security policy comprising one or more deployment-specific configuration parameters for the network security device, wherein the management module is configured to provide the production configuration to the network security device in response to a request from the network device comprising the credential of the deployment package.
8 Assignments
0 Petitions
Accused Products
Abstract
A configuration service comprises a deployment package and a production configuration for a network security device. One or more configuration parameters of the production configuration may be defined by an administrator of the network security device (e.g., the customer). The network security device may be preconfigured with a network address and identifier. The network security device may be configured to automatically request and apply the deployment package at deployment time by use of the preconfigured network address and identifier. The network security device may automatically request and apply the production configuration from the configuration service in response to applying the deployment package.
-
Citations
20 Claims
-
1. A configuration service, comprising:
-
a security module configured to associate an identifier of a network security device with a deployment package, wherein the deployment package comprises a credential, and wherein the security module is configured to provide the deployment package to a network security device in response to a request comprising the device identifier; and a management module configured to associate the device identifier with a production configuration, the production configuration comprising a deployment-specific security policy comprising one or more deployment-specific configuration parameters for the network security device, wherein the management module is configured to provide the production configuration to the network security device in response to a request from the network device comprising the credential of the deployment package. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for automatically configuring a network security device, comprising:
-
associating a network security device with a deployment package and a production configuration; providing the deployment package to the network security device in response a request from the network security device, the request comprising an identifier of the network security device, wherein the deployment package comprises a feature key of the network security device; and providing a production configuration to the network security device in response to a request from the network security device, the request comprising a credential of the deployment package, wherein the production configuration comprises a configuration of one or more security features of the network security device specified by the feature key. - View Dependent Claims (14, 15, 16, 17, 18)
-
-
19. A self-configuring network security device, comprising:
-
a machine-readable storage medium preconfigured with a network address of a security module and a device identifier; a bootstrap module configured to apply a deployment package to the network security device, the deployment package received in response to a request directed to a security module at the preconfigured network address and comprising the preconfigured device identifier, the request in response to coupling the network security device to a network, wherein the deployment package comprises a network address of a management module and a credential, and wherein applying the deployment package comprises configuring an administrator account of the network security device; and a production module configured to apply a production configuration to the network security device, the production configuration received in response to establishing a secure connection with the management module using the credential and the network address of the deployment package, wherein the configuration agent is configured to apply the production configuration using the administrator account. - View Dependent Claims (20)
-
Specification