SYSTEMS AND METHODS FOR EXTENDING SECURITY PLATFORMS TO CLOUD-BASED NETWORKS
Abstract
Embodiments relate to systems and methods for extending a network security platform to a cloud-based network. A set of managed machines, such as personal computers or servers, can be managed by a network security engine. The network security engine can govern access to and operation of the set of managed machines through a set of security policies. According to embodiments, the set of security policies can be sub-divided into a partitioned security class corresponding to a subset of the managed network which is intended to be deployed as a cloud-accessible subset of the overall managed network. The partitioned security class can specify access restrictions for the cloud-accessible subset to receive resources from or provide resources to the external cloud environment. A corporate campus network or other managed network can therefore permit access of the cloud to some or all of its machines, while still maintaining desired local security conditions.
20 Claims
1. A method of managing a network, comprising:
- generating a set of security policies for a set of managed machines in a network;
- identifying a cloud-accessible subset of the set of managed machines configured to be exposed to an external cloud environment; and
- generating a partitioned security class in the set of security policies identifying a set of access conditions to permit access of the cloud-accessible subset to the external cloud environment.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A network security platform, comprising:
- an interface to a set of machines in a managed network; and
- a network security engine, communicating with the cloud-accessible subset via the interface, the network security engine being configured to—
  - generate a set of security policies for the set of managed machines in a network,
  - identify a cloud-accessible subset of the set of managed machines configured to be exposed to an external cloud environment, and
  - generate a partitioned security class in the set of security policies identifying a set of access conditions to permit access of the cloud-accessible subset to the external cloud environment.

Dependent claims: 9, 10, 11, 12, 13, 14

15. A set of machines, the set of machines being configured for interaction with a cloud environment by a method comprising:
- generating a set of security policies for a set of managed machines in a network;
- identifying a cloud-accessible subset of the set of managed machines configured to be exposed to an external cloud environment, and
- generating a partitioned security class in the set of security policies identifying a set of access conditions to permit access of the cloud-accessible subset to the external cloud environment.

Dependent claims: 16, 17, 18, 19, 20
Specification