METHOD AND APPARATUS FOR CENTRALIZED POLICY PROGRAMMING AND DISTRIBUTIVE POLICY ENFORCEMENT
First Claim
Patent Images
1. A method for generating a centrally programmed, distributable network policy definition, the method comprising:
- executing instructions stored on a non-transitory computer-readable storage medium, wherein the execution of the instructions by a computer processor;
receives a first network policy parameter from a user, the first network policy parameter including one or more rules that govern network activity,receives a second network policy parameter from the user, the second network policy parameter including information about one or more network devices to which the one or more rules of the first network policy parameter apply,receives a third network policy parameter from the user, the third network policy parameter including a rule trigger event, the rule trigger event indicating to a network policy generator that a network policy configuration should be generated based on the first, second, and third network policy parameters, andidentifies the first, second, and third network policy parameters as collectively forming a network policy definition.
11 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for centralized policy programming and distributive policy enforcement is described. A method comprises centrally maintaining a plurality of policy definitions for one or more subscribers, generating policy configurations using the plurality of policy definitions, each of the policy configurations being specific to one of the plurality of policy definitions, and disseminating the policy configurations to the appropriate ones of the subscribers'"'"' networks.
13 Citations
20 Claims
-
1. A method for generating a centrally programmed, distributable network policy definition, the method comprising:
executing instructions stored on a non-transitory computer-readable storage medium, wherein the execution of the instructions by a computer processor; receives a first network policy parameter from a user, the first network policy parameter including one or more rules that govern network activity, receives a second network policy parameter from the user, the second network policy parameter including information about one or more network devices to which the one or more rules of the first network policy parameter apply, receives a third network policy parameter from the user, the third network policy parameter including a rule trigger event, the rule trigger event indicating to a network policy generator that a network policy configuration should be generated based on the first, second, and third network policy parameters, and identifies the first, second, and third network policy parameters as collectively forming a network policy definition. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
12. An apparatus for generating a centrally programmed, distributable network policy definition, the apparatus comprising:
-
a network interface that; receives a first network policy parameter from a user, the first network policy parameter including one or more rules that govern network activity, receives a second network policy parameter from the user, the second network policy parameter including information about one or more network devices to which the one or more rules of the first network policy parameter apply, and receives a third network policy parameter from the user, the third network policy parameter including a rule trigger event, the rule trigger event indicating to a network policy generator that a network policy configuration should be generated based on the first, second, and third network policy parameters; a memory; and a computer processor executing instructions out of the memory, wherein the execution of the instructions by the computer processor identifies that the first, second, and third network policy parameters as collectively forming a network policy definition. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification