Security device controller

US 9,369,431 B1
Filed: 11/27/2013
Issued: 06/14/2016
Est. Priority Date: 02/07/2013
Status: Active Grant

First Claim

Patent Images

1. A system for a security device controller, comprising:

a processor configured to;

receive at least one configuration policy in a vendor neutral language; and

automatically configure a plurality of security devices on a heterogeneous network based on the at least one configuration policy, wherein the plurality of security devices includes physical, virtual, or software defined network (SDN) based routers and/or firewalls, wherein the heterogeneous network includes security devices from a plurality of different vendors, and wherein automatically configuring the plurality of security devices comprises to;

translate, using a first dictionary, a first configuration policy of the at least one configuration policy in the vendor neutral language into a first language relating to a first security device of a first vendor, the first dictionary including translations of vendor-neutral security device commands/languages into first vendor specification commands/languages;

translate, using a second dictionary, the first configuration policy of the at least one configuration policy in the vendor neutral language into a second language relating to a second security device of a second vendor, the first vendor being different from the second vendor, the second dictionary including translations of the vendor-neutral security device commands/languages into second vendor specification commands/languages;

send the first language to the first security device; and

send the second language to the second security device, each security device relating to a firewall or router; and

a memory coupled to the processor and configured to provide the processor with instructions.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In some embodiments, a security device controller (SDC) is provided. In some embodiments, a security device controller includes receiving a configuration policy in a vendor neutral language; and automatically configuring a plurality of security devices on a heterogeneous network based on the configuration policy. For example, the plurality of security devices can include physical, virtual, or software defined network (SDN) based routers and/or firewalls, and the heterogeneous network can include security devices from a plurality of different vendors.

68 Citations

View as Search Results

15 Claims

1. A system for a security device controller, comprising:
- a processor configured to;
  
  receive at least one configuration policy in a vendor neutral language; and
  
  automatically configure a plurality of security devices on a heterogeneous network based on the at least one configuration policy, wherein the plurality of security devices includes physical, virtual, or software defined network (SDN) based routers and/or firewalls, wherein the heterogeneous network includes security devices from a plurality of different vendors, and wherein automatically configuring the plurality of security devices comprises to;
  
  translate, using a first dictionary, a first configuration policy of the at least one configuration policy in the vendor neutral language into a first language relating to a first security device of a first vendor, the first dictionary including translations of vendor-neutral security device commands/languages into first vendor specification commands/languages;
  
  translate, using a second dictionary, the first configuration policy of the at least one configuration policy in the vendor neutral language into a second language relating to a second security device of a second vendor, the first vendor being different from the second vendor, the second dictionary including translations of the vendor-neutral security device commands/languages into second vendor specification commands/languages;
  
  send the first language to the first security device; and
  
  send the second language to the second security device, each security device relating to a firewall or router; and
  
  a memory coupled to the processor and configured to provide the processor with instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, wherein the security device controller facilitates provisioning security devices.
  - 3. The system of claim 2, wherein the heterogeneous network includes firewall devices from a plurality of different vendors.
  - 4. The system of claim 1, wherein the security device controller facilitates provisioning security devices, including physical security devices, virtual security devices, and/or software defined networks (SDN) based networks.
  - 5. The system of claim 4, wherein the heterogeneous network includes security devices from a plurality of different vendors.
  - 6. The system of claim 1, wherein the heterogeneous network includes firewall devices from a plurality of different vendors.
  - 7. The system of claim 1, wherein the heterogeneous network includes firewall devices from a plurality of different vendors.
  - 8. The system of claim 1, wherein the heterogeneous network includes security devices from a plurality of different vendors, and wherein the processor is further configured to:
    - generate a report on the plurality of security devices on the heterogeneous network.
  - 9. The system of claim 1, wherein the first language is different from the second language.

10. A method for a security device controller, comprising:
- receiving at least one configuration policy in a vendor neutral language; and
  
  automatically configuring a plurality of security devices on a heterogeneous network based on the at least one configuration policy, wherein the plurality of security devices includes physical, virtual, or software defined network (SDN) based routers and/or firewalls, wherein the heterogeneous network includes security devices from a plurality of different vendors, and wherein automatically configuring the plurality of security devices comprises;
  
  translating, using a first dictionary, a first configuration policy of the at least one configuration policy in the vendor neutral language into a first language relating to a first security device of a first vendor, the first dictionary including translations of vendor-neutral security device commands/languages into first vendor specification commands/languages;
  
  translating, using a second dictionary, the first configuration policy of the at least one configuration policy in the vendor neutral language into a second language relating to a second security device of a second vendor, the first vendor being different from the second vendor, the second dictionary including translations of the vendor-neutral security device commands/languages into second vendor specification commands/languages;
  
  sending the first language to the first security device; and
  
  sending the second language to the second security device, each security device relating to a firewall or router.
- View Dependent Claims (11, 12)
- - 11. The method of claim 10, wherein the security device controller facilitates provisioning security devices.
  - 12. The method of claim 10, wherein the security device controller facilitates provisioning security devices, including physical security devices, virtual security devices, and/or software defined networks (SDN) based networks.

13. A computer program product for a security device controller, the computer program product being embodied in a tangible non-transitory computer readable storage medium and comprising computer instructions for:
- receiving at least one configuration policy in a vendor neutral language; and
  
  automatically configuring a plurality of security devices on a heterogeneous network based on the at least one configuration policy, wherein the plurality of security devices includes physical, virtual, or software defined network (SDN) based routers and/or firewalls, wherein the heterogeneous network includes security devices from a plurality of different vendors, and wherein automatically configuring the plurality of security devices comprises;
  
  translating, using a first dictionary, a first configuration policy of the at least one configuration policy in the vendor neutral language into a first language relating to a first security device of a first vendor, the first dictionary including translations of vendor-neutral security device commands/languages into first vendor specification commands/languages;
  
  translating, using a second dictionary, the first configuration policy of the at least one configuration policy in the vendor neutral language into a second language relating to a second security device of a second vendor, the first vendor being different from the second vendor, the first dictionary including translations of the vendor-neutral security device commands/languages into second vendor specification commands/languages;
  
  sending the first language to the first security device; and
  
  sending the second language to the second security device, each security device relating to a firewall or router.
- View Dependent Claims (14, 15)
- - 14. The computer program product recited in claim 13, wherein the security device controller facilitates provisioning security devices.
  - 15. The computer program product recited in claim 13, wherein the security device controller facilitates provisioning security devices, including physical security devices, virtual security devices, and/or software defined networks (SDN) based networks.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Infoblox Incorporated
Original Assignee
Infoblox Incorporated
Inventors
Kirby, Jason A., Tur, Francois J., Troillard, Christophe, Belamaric, John Dominic
Primary Examiner(s)
Armouche, Hadi
Assistant Examiner(s)
Shayanfar, Ali

Application Number

US14/092,415
Time in Patent Office

930 Days
Field of Search

726/1
US Class Current

1/1
CPC Class Codes

G06F 21/604   Tools and structures for ma...

H04L 63/02   for separating internal fro...

H04L 63/0209   Architectural arrangements,...

H04L 63/0218   Distributed architectures, ...

H04L 63/20   for managing network securi...

Security device controller

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

68 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Security device controller

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

68 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links