Security device controller
First Claim
Patent Images
1. A system for a security device controller, comprising:
- a processor configured to;
receive at least one configuration policy in a vendor neutral language; and
automatically configure a plurality of security devices on a heterogeneous network based on the at least one configuration policy, wherein the plurality of security devices includes physical, virtual, or software defined network (SDN) based routers and/or firewalls, wherein the heterogeneous network includes security devices from a plurality of different vendors, and wherein automatically configuring the plurality of security devices comprises to;
translate, using a first dictionary, a first configuration policy of the at least one configuration policy in the vendor neutral language into a first language relating to a first security device of a first vendor, the first dictionary including translations of vendor-neutral security device commands/languages into first vendor specification commands/languages;
translate, using a second dictionary, the first configuration policy of the at least one configuration policy in the vendor neutral language into a second language relating to a second security device of a second vendor, the first vendor being different from the second vendor, the second dictionary including translations of the vendor-neutral security device commands/languages into second vendor specification commands/languages;
send the first language to the first security device; and
send the second language to the second security device, each security device relating to a firewall or router; and
a memory coupled to the processor and configured to provide the processor with instructions.
7 Assignments
0 Petitions
Accused Products
Abstract
In some embodiments, a security device controller (SDC) is provided. In some embodiments, a security device controller includes receiving a configuration policy in a vendor neutral language; and automatically configuring a plurality of security devices on a heterogeneous network based on the configuration policy. For example, the plurality of security devices can include physical, virtual, or software defined network (SDN) based routers and/or firewalls, and the heterogeneous network can include security devices from a plurality of different vendors.
68 Citations
15 Claims
-
1. A system for a security device controller, comprising:
-
a processor configured to; receive at least one configuration policy in a vendor neutral language; and automatically configure a plurality of security devices on a heterogeneous network based on the at least one configuration policy, wherein the plurality of security devices includes physical, virtual, or software defined network (SDN) based routers and/or firewalls, wherein the heterogeneous network includes security devices from a plurality of different vendors, and wherein automatically configuring the plurality of security devices comprises to; translate, using a first dictionary, a first configuration policy of the at least one configuration policy in the vendor neutral language into a first language relating to a first security device of a first vendor, the first dictionary including translations of vendor-neutral security device commands/languages into first vendor specification commands/languages; translate, using a second dictionary, the first configuration policy of the at least one configuration policy in the vendor neutral language into a second language relating to a second security device of a second vendor, the first vendor being different from the second vendor, the second dictionary including translations of the vendor-neutral security device commands/languages into second vendor specification commands/languages; send the first language to the first security device; and send the second language to the second security device, each security device relating to a firewall or router; and a memory coupled to the processor and configured to provide the processor with instructions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for a security device controller, comprising:
-
receiving at least one configuration policy in a vendor neutral language; and automatically configuring a plurality of security devices on a heterogeneous network based on the at least one configuration policy, wherein the plurality of security devices includes physical, virtual, or software defined network (SDN) based routers and/or firewalls, wherein the heterogeneous network includes security devices from a plurality of different vendors, and wherein automatically configuring the plurality of security devices comprises; translating, using a first dictionary, a first configuration policy of the at least one configuration policy in the vendor neutral language into a first language relating to a first security device of a first vendor, the first dictionary including translations of vendor-neutral security device commands/languages into first vendor specification commands/languages; translating, using a second dictionary, the first configuration policy of the at least one configuration policy in the vendor neutral language into a second language relating to a second security device of a second vendor, the first vendor being different from the second vendor, the second dictionary including translations of the vendor-neutral security device commands/languages into second vendor specification commands/languages; sending the first language to the first security device; and sending the second language to the second security device, each security device relating to a firewall or router. - View Dependent Claims (11, 12)
-
-
13. A computer program product for a security device controller, the computer program product being embodied in a tangible non-transitory computer readable storage medium and comprising computer instructions for:
-
receiving at least one configuration policy in a vendor neutral language; and automatically configuring a plurality of security devices on a heterogeneous network based on the at least one configuration policy, wherein the plurality of security devices includes physical, virtual, or software defined network (SDN) based routers and/or firewalls, wherein the heterogeneous network includes security devices from a plurality of different vendors, and wherein automatically configuring the plurality of security devices comprises; translating, using a first dictionary, a first configuration policy of the at least one configuration policy in the vendor neutral language into a first language relating to a first security device of a first vendor, the first dictionary including translations of vendor-neutral security device commands/languages into first vendor specification commands/languages; translating, using a second dictionary, the first configuration policy of the at least one configuration policy in the vendor neutral language into a second language relating to a second security device of a second vendor, the first vendor being different from the second vendor, the first dictionary including translations of the vendor-neutral security device commands/languages into second vendor specification commands/languages; sending the first language to the first security device; and sending the second language to the second security device, each security device relating to a firewall or router. - View Dependent Claims (14, 15)
-
Specification