Security device controller
Abstract
In some embodiments, a security device controller (SDC) is provided. In some embodiments, a security device controller includes receiving a configuration policy in a vendor neutral language; and automatically configuring a plurality of security devices on a heterogeneous network based on the configuration policy. For example, the plurality of security devices can include physical, virtual, or software defined network (SDN) based routers and/or firewalls, and the heterogeneous network can include security devices from a plurality of different vendors.
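A minimal sketch of the flow the abstract and claim 1 describe, added here as an illustration and not taken from the patent: a vendor-neutral policy is checked for rules that contradict a higher-precedence rule, and only if none is found is it translated into each device's native syntax. The rule model, the "lower number wins" precedence convention, the device names, and the choice of iptables and Cisco ASA ACL syntax as the two native languages are assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:                      # hypothetical vendor-neutral rule model
    precedence: int              # assumption: lower number = higher precedence
    action: str                  # "permit" or "deny"
    proto: str
    src: str                     # CIDR
    dst: str                     # CIDR
    port: int

def _overlap(a, b):
    return ipaddress.ip_network(a).overlaps(ipaddress.ip_network(b))

def violations(policy):
    """Pairs (rule, general_rule) where rule contradicts a higher-precedence rule."""
    return [(r, g) for r in policy for g in policy
            if g.precedence < r.precedence and g.action != r.action
            and g.proto == r.proto and g.port == r.port
            and _overlap(g.src, r.src) and _overlap(g.dst, r.dst)]

def to_iptables(r):
    target = "ACCEPT" if r.action == "permit" else "DROP"
    return f"iptables -A FORWARD -p {r.proto} -s {r.src} -d {r.dst} --dport {r.port} -j {target}"

def to_asa(r, acl="SDC_ACL"):    # ACL name is a placeholder
    def addr(cidr):
        n = ipaddress.ip_network(cidr)
        if n.prefixlen == 0:
            return "any"
        return f"host {n.network_address}" if n.prefixlen == 32 else f"{n.network_address} {n.netmask}"
    return f"access-list {acl} extended {r.action} {r.proto} {addr(r.src)} {addr(r.dst)} eq {r.port}"

TRANSLATORS = {"iptables": to_iptables, "asa": to_asa}

def deploy(policy, devices):
    """Refuse the whole change on any violation; otherwise return native config per device."""
    bad = violations(policy)
    if bad:
        raise ValueError(f"{len(bad)} rule(s) violate a higher-precedence rule")
    ordered = sorted(policy, key=lambda r: r.precedence)
    return {name: [TRANSLATORS[kind](r) for r in ordered] for name, kind in devices.items()}

# Constructed sample input: one general deny rule and one specific permit rule.
POLICY = [Rule(10, "deny", "tcp", "0.0.0.0/0", "10.0.1.0/24", 23),
          Rule(20, "permit", "tcp", "10.0.0.0/24", "10.0.1.10/32", 443)]
DEVICES = {"fw-a": "iptables", "fw-b": "asa"}   # constructed device inventory
```

Adding a lower-precedence rule that permits TCP port 23 into `10.0.1.0/24` to `POLICY` makes `deploy` raise instead of pushing configuration to either device.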
16 Claims
1. A system for a security device controller, comprising:
a hardware processor; and
a memory coupled with the hardware processor, wherein the memory is configured to provide the processor with instructions which when executed cause the hardware processor to:
receive a configuration policy in a vendor neutral language;
determine whether the configuration policy causes a configuration change to at least one security device of a plurality of security devices that violates a general or higher precedential rule of the configuration policy; and
in the event that the configuration policy does not cause the configuration change to the at least one security device of the plurality of security devices that violates the general or higher precedential rule of the configuration policy, automatically configure the plurality of security devices on a heterogeneous network based on the configuration policy, wherein the heterogeneous network includes different firewall devices from a plurality of different vendors, and wherein a firewall policy defined using the security device controller is automatically translated by the security device controller into a native language for each of the different firewall devices that can be implemented by each of the different firewall devices from each respective vendor of the plurality of different vendors.
Dependent claims: 2, 3, 4, 5, 6.

7. A method for a security device controller, comprising:
receiving a configuration policy in a vendor neutral language;
determining whether the configuration policy causes a configuration change to at least one security device of a plurality of security devices that violates a general or higher precedential rule of the configuration policy; and
in the event that the configuration policy does not cause the configuration change to the at least one security device of the plurality of security devices that violates the general or higher precedential rule of the configuration policy, automatically configuring the plurality of security devices on a heterogeneous network based on the configuration policy, wherein the heterogeneous network includes different firewall devices from a plurality of different vendors, and wherein a firewall policy defined using the security device controller is automatically translated by the security device controller into a native language for each of the different firewall devices that can be implemented by each of the different firewall devices from each respective vendor of the plurality of different vendors.
Dependent claims: 8, 9, 10, 11.

12. A computer program product for a security device controller, the computer program product being embodied in a tangible non-transitory computer readable storage medium and comprising computer instructions for:
receiving a configuration policy in a vendor neutral language;
determining whether the configuration policy causes a configuration change to at least one security device of a plurality of security devices that violates a general or higher precedential rule of the configuration policy; and
in the event that the configuration policy does not cause the configuration change to the at least one security device of the plurality of security devices that violates the general or higher precedential rule of the configuration policy, automatically configuring the plurality of security devices on a heterogeneous network based on the configuration policy, wherein the heterogeneous network includes different firewall devices from a plurality of different vendors, and wherein a firewall policy defined using the security device controller is automatically translated by the security device controller into a native language for each of the different firewall devices that can be implemented by each of the different firewall devices from each respective vendor of the plurality of different vendors.
Dependent claims: 13, 14, 15, 16.

Specification