Network policy evaluation
First Claim
Patent Images
1. A device, comprising:
- a processor to;
identify a plurality of network policies related to a network client device,receive, from the network client device, parameter measurements related to the plurality of network policies,determine, based on the parameter measurements, compliance results, where the compliance results identify one or more deficiencies with regard to a compliance, by the network client device, with the plurality of network policies,forward, to a host device, the compliance results, where the compliance results are used by the host device to implement one or more of the plurality of network policies with respect to a network destination device when the network client device attempts to communicate, via the host device, to the network destination device, andforward, to the network client device, remediation instructions, where the remediation instructions are based on the compliance results and include one or more instructions to improve the compliance, of the network client device, with at least one of the plurality of network policies.
11 Assignments
0 Petitions
Accused Products
Abstract
A device may include an interface to send policy information to an evaluation module, where the policy information is related to a group of policies, and receive a group of results from the evaluation module, where the group of results indicates whether the status of a source device complies with the croup of policies. The interface may send an instruction to a destination device configured to implement at least a subset of the policies with respect to the source device based on the instruction.
70 Citations
20 Claims
-
1. A device, comprising:
a processor to; identify a plurality of network policies related to a network client device, receive, from the network client device, parameter measurements related to the plurality of network policies, determine, based on the parameter measurements, compliance results, where the compliance results identify one or more deficiencies with regard to a compliance, by the network client device, with the plurality of network policies, forward, to a host device, the compliance results, where the compliance results are used by the host device to implement one or more of the plurality of network policies with respect to a network destination device when the network client device attempts to communicate, via the host device, to the network destination device, and forward, to the network client device, remediation instructions, where the remediation instructions are based on the compliance results and include one or more instructions to improve the compliance, of the network client device, with at least one of the plurality of network policies. - View Dependent Claims (2, 3, 4, 5, 6)
-
7. A method, comprising:
-
receiving, by a service device and from a network client device, parameter measurements related to the plurality of network policies, determining, by the service device and based on the parameter measurements, compliance results, where the compliance results identify one or more deficiencies with regard to compliance, by the network client device, with the plurality of network policies, forwarding, by the service device and to a host device, the compliance results, where the compliance results are used by the host device to implement one or more of the plurality of network policies with respect to a network destination device when the client device attempts to communicate, via the host device, to the network destination device, and forwarding, by the service device and to the network client device, remediation instructions, where the remediation instructions are based on the compliance results and include one or more instructions related to the one or more deficiencies. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer readable memory device that stores instructions executable by a processing device, the computer readable memory device comprising:
-
instructions to receive network communication policy information; instructions to retrieve a plurality of network policies based on the network communication policy information; instructions to determine whether a network device complies with the plurality of network policies; instructions to produce policy results based on determining whether the network device complies with the plurality of network policies; and instructions to forward remediation instructions to the network device, where the remediation instructions are based on the policy results and identify one or more actions to improve compliance, by the network device, with one or more of the plurality of network policies. - View Dependent Claims (19, 20)
-
Specification