×

Creation of security policy templates and security policies based on the templates

  • US 9,571,524 B2
  • Filed: 01/20/2015
  • Issued: 02/14/2017
  • Est. Priority Date: 01/20/2015
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • at a management entity;

    connecting across a network with different types of security devices including at least two of an application security appliance, a web security appliance, and a firewall device;

    importing, over the network, security policies from the security devices, each security policy including security rules from a corresponding one of the different security devices, each security rule including a set of rule parameters to permit or deny access to a resource based on a network protocol, and source and destination addresses;

    comparing the rule parameters of each security rule of each imported security policy to identify commonality in the security rules across the different security devices;

    based on commonality between the security rules identified in the comparing, classifying the imported security policies into identical security policy classifications when all of their associated rule parameters are the same as each other, similar security policy classifications when only some of their associated rule parameters are the same as each other, and unique security policy classifications when none of their associated rule parameters are the same as each other;

    displaying at least the identical security policy classifications as user selectable options;

    receiving selections of the identical security policy classifications;

    creating a new policy template that includes all of the security policies identified by selected ones of the policy classification selections;

    creating a new security policy based on the new policy template; and

    applying the new security policy to a security device over the network.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×