Policy block creation with context-sensitive policy line classification

作者: Sachin Vasant , Denis Knjazihhin , Yedidya Dotan , Daniel Hollingshead , Umesh Kumar Miglani

DOI:

关键词:

摘要: Presented herein are techniques for creating a policy block comprised of group lines rules/statements across configuration files network devices. An algorithm is provided that determines when multiple policies to be merged together into one policy. In embodiment, data uploaded from includes plurality The represents rules configured on the representing compared similarities in order based their similarities. Data stored clusters, each cluster have been grouped together. One or more generated applied devices using while maintaining context rule processing.

参考文章(70)
Kimberly G. Drongesen, John P. Borz, John Bigley, Matthew Lee Deter, Douglas T. Albright, John K. Gonsalves, Daryl Wong, Jeffrey H. Soesbe, Kathleen M. Takayama, Office machine security policy ,(2012)
Douglas Thompson, Kyle Seegmiller, Douglas Hale, GUI administration of discretionary or mandatory security policies ,(2001)
Nancy Cam-Winget, Vanaja Ravi, Pok Wong, Allan Thomson, Policy-based control layer in a communication fabric ,(2013)
Charles W. Knouse, Francisco J. Villavicencio, Authorization services with external authentication ,(2002)
Sivaram Gottimukkala, Lap Thiet Huynh, Dinakaran Joseph, Jr Linwood Hugh Overby, Michael Behrendt, Wesley Mcmillan Devine, Gerd Breiter, Method of dynamically updating network security policy rules when new network resources are provisioned in a service landscape ,(2009)
Dan P. Antilley, Ravi Pritmani, Cris T. Paltenghe, Peter Jordan Langsam, Igor A. Baikalov, Carmen M. Warn, Jonathan William Deats, Chadwick R. Renfro, Robert Alan Hansen, Systems and methods for performing access entitlement reviews ,(2011)