Applying security policies based on context of a workload
First Claim
Patent Images
1. A method comprising:
- identifying a workload to be provided by one or more network resources;
analyzing the workload to determine one or more attributes of the workload, wherein the one or more attributes correspond to a type of data and a software application used by the workload;
identifying a general policy based on the determined one or more attributes corresponding to the type of data and the software application used by the workload, wherein the identified general policy is based on at least one of an industry standard or a government regulation, wherein the identified general policy comprises a first general policy associated with a first level of strictness and a second general policy associated with a second level of strictness higher than the first level of strictness;
determining, by a processing device, based on the identified general policy, one or more security policies to apply to the one or more network resources that provide the workload, wherein the one or more security policies satisfy one or more requirements associated with the identified general policy, wherein the one or more security policies satisfy the second level of strictness; and
applying the determined one or more security policies to the one or more network resources that provide the workload, wherein the applying of the determined one or more security policies modifies a configuration of the one or more network resources that provide the workload to satisfy the one or more requirements associated with the identified general policy.
2 Assignments
0 Petitions
Accused Products
Abstract
A workload to be provided by one or more network resources may be identified. The workload may be analyzed to determine one or more attributes of the workload. Furthermore, a general policy may be identified based on the one or more attributes of the workload. One or more security policies may be applied to a network resource that provides the workload. The one or more security policies may satisfy one or more requirements of the general policy.
-
Citations
15 Claims
-
1. A method comprising:
-
identifying a workload to be provided by one or more network resources; analyzing the workload to determine one or more attributes of the workload, wherein the one or more attributes correspond to a type of data and a software application used by the workload; identifying a general policy based on the determined one or more attributes corresponding to the type of data and the software application used by the workload, wherein the identified general policy is based on at least one of an industry standard or a government regulation, wherein the identified general policy comprises a first general policy associated with a first level of strictness and a second general policy associated with a second level of strictness higher than the first level of strictness; determining, by a processing device, based on the identified general policy, one or more security policies to apply to the one or more network resources that provide the workload, wherein the one or more security policies satisfy one or more requirements associated with the identified general policy, wherein the one or more security policies satisfy the second level of strictness; and applying the determined one or more security policies to the one or more network resources that provide the workload, wherein the applying of the determined one or more security policies modifies a configuration of the one or more network resources that provide the workload to satisfy the one or more requirements associated with the identified general policy. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system comprising:
-
a memory; and a processing device coupled with the memory to; identify a workload to be provided by one or more network resources; analyze the workload to determine one or more attributes of the workload, wherein the one or more attributes correspond to a type of data and a software application used by the workload; identify a general policy based on the determined one or more attributes corresponding to the type of data and the software application used by the workload, wherein the identified general policy is based on at least one of an industry standard or a government regulation, wherein the identified general policy comprises a first general policy associated with a first level of strictness and a second general policy associated with a second level of strictness higher than the first level of strictness; determine, based on the identified general policy, one or more security policies to apply to the one or more network resources that provide the workload, wherein the one or more security policies satisfy one or more requirements associated with the identified general policy, wherein the one or more security policies satisfy the second level of strictness; and apply the determined one or more security policies to the one or more network resources that provide the workload, wherein the applying of the determined one or more security policies modifies a configuration of the one or more network resources that provide the workload to satisfy the one or more requirements associated with the identified general policy. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory computer readable storage medium including instructions that, when executed by a processing device, cause the processing device to perform operations comprising:
-
identifying a workload to be provided by one or more network resources; analyzing the workload to determine one or more attributes of the workload, wherein the one or more attributes correspond to a type of data and a software application used by the workload; identifying a general policy based on the determined one or more attributes corresponding to the type of data and the software application used by the workload, wherein the identified general policy is based on at least one of an industry standard or a government regulation, wherein the identified general policy comprises a first general policy associated with a first level of strictness and a second general policy associated with a second level of strictness higher than the first level of strictness; determining, by the processing device, based on the identified general policy, one or more security policies to apply to the one or more network resources that provide the workload, wherein the one or more security policies satisfy one or more requirements associated with the identified general policy, wherein the one or more security policies satisfy the second level of strictness; and applying the determined one or more security policies to the one or more network resources that provide the workload, wherein the applying of the determined one or more security policies modifies a configuration of the one or more network resources that provide the workload to satisfy the one or more requirements associated with the identified general policy. - View Dependent Claims (12, 13, 14, 15)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeCA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
-
Original AssigneeSymantec Corporation (NortonLifeLock Inc.)
-
InventorsBanerjee, Deb, Yelimeli, Sheetal Venkatesh, Gadre, Smita
-
Primary Examiner(s)King, John B
-
Application NumberUS14/266,585Time in Patent Office1,266 DaysField of Search726 1, 726226, 726201US Class CurrentCPC Class CodesH04L 63/145 the attack involving the pr...H04L 63/20 for managing network securi...H04L 63/205 involving negotiation or de...
