Detecting anomalous user behavior using generative models of user actions
US-9558347-B2 · Jan 31, 2017 · US
US10721257B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10721257-B2 |
| Application number | US-201916269233-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 6, 2019 |
| Priority date | Feb 11, 2015 |
| Publication date | Jul 21, 2020 |
| Grant date | Jul 21, 2020 |
Official abstract text for this publication.
According to some aspects, disclosed methods and systems may comprise generating a profile that is based on monitoring a communication pattern associated with a device. Subsequent communications associated with the device may be monitored. Based on the profile and the subsequent communication, a security status may be associated with the device.
Opening claim text (preview).
The invention claimed is:

1. An apparatus comprising: one or more processors; and memory storing computer executable instructions that, when executed by the one or more processors, cause the apparatus to: determine, based on monitored communication between a first device and a second device via a network, information associated with expected communication behavior for the first device; determine, based on the expected communication behavior and based on monitored subsequent communication associated with the first device, a degree of communication deviation; compare the degree of communication deviation with a first deviation range of a plurality of different deviation ranges, wherein each of the deviation ranges is associated with one or more corresponding communication parameters; cause, based on the comparing, application of one or more communication parameters to communication of the first device; and control, based on the application, network access associated with the first device.
2. The apparatus of claim 1, wherein the applied one or more communication parameters comprises one or more of: a restriction on a packet size transmitted from the first device; a restriction on a communication time for the first device; a restriction on a communication attempt from the first device to another device; or a restriction on a communication attempt from another device to the first device.
3. The apparatus of claim 1, wherein the instructions, when executed by the one or more processors, cause the apparatus to compare the degree of communication deviation with the first deviation range by comparing the degree of communication deviation with a threshold.
4. The apparatus of claim 1, wherein the instructions, when executed by the one or more processors, cause the apparatus to compare the degree of communication deviation with the first deviation range by comparing an expected size of data packets communicated by the first device with a current size of data packets communicated by the first device.
5. The apparatus of claim 1, wherein the instructions, when executed by the one or more processors, cause the apparatus to compare the degree of communication deviation with the first deviation range by comparing an expected frequency of communications of the first device with a current frequency of communications of the first device.
6. The apparatus of claim 1, wherein the instructions, when executed by the one or more processors, cause the apparatus to compare the degree of communication deviation with the first deviation range by comparing an expected type of communication protocol used by the first device with a current type of communication protocol used by the first device.
7. An apparatus comprising: one or more processors; and memory storing computer executable instructions that, when executed by the one or more processors, cause the apparatus to: generate, based on detected communication associated with a first device, a historical communication pattern for the first device, wherein the first device is associated with a first network; determine, based on detected communication associated with the first device, a current communication pattern associated with the first device; and cause, based on whether the current communication pattern differs from the historical communication pattern by a threshold level, application of one or more communication parameters to communication of the first device.
8. The apparatus of claim 7, wherein the instructions, when executed by the one or more processors, further cause the apparatus to: determine, from a plurality of communication parameters and based on a degree of deviation between the current communication pattern and the historical communication pattern being within a first deviation range, a first communication parameter, wherein the first communication parameter has fewer restrictions than a second communication parameter associated with a second deviation range.
9. The apparatus of claim 7, wherein the instructions, when executed by the one or more processors, further cause the apparatus to: determine, from a plurality of communication parameters and based on a degree of deviation between the current communication pattern and the historical communication pattern being within a first deviation range, a first communication parameter having fewer restrictions than a second communication parameter associated with a second deviation range; determine, based on another detected communication associated with the first device, a second degree of deviation between another current communication pattern and the historical communication pattern within the second deviation range; and cause, based on the second degree of deviation, application of the second communication parameter to further communication of the first device.
10. The apparatus of claim 7, wherein the instructions, when executed by the one or more processors, further cause the apparatus to: determine, from a plurality of parameters and based on a degree of deviation between the current communication pattern and the historical communication pattern being within a first deviation range, a first communication parameter having fewer restrictions than a second communication parameter associated with a second deviation range; determine, based on a second degree of deviation between the historical communication pattern and another detected communication associated with the first device, a different security status of the first device; and cause, based on the different security status, application of one or more different communication parameters to communication of the first device, blocking communication to or from the first device, or allowing communication to or from the first device.
11. The apparatus of claim 7, wherein the instructions, when executed by the one or more processors, further cause the apparatus to: determine a communication attempt from a second device to the first device; determine a security status associated with the second device; and restrict, based on the security status and on the applied one or more communication parameters, communication associated with the communication attempt.
12. The apparatus of claim 7, wherein the instructions, when executed by the one or more processors, cause the apparatus to cause application of one or more communication parameters to communication of the first device by causing application of the one or more parameters based on whether: a packet size associated with the current communication pattern differs from the historical communication pattern by a first threshold level; or a frequency of communication associated with the current communication pattern differs from the historical communication pattern by a second threshold level.
13. The apparatus of claim 7, wherein the instructions, when executed by the one or more processors, cause the apparatus to determine a degree of communication deviation based on different weights for a plurality of communication deviation types associated with the first device.
14. The apparatus of claim 7, wherein the instructions, when executed by the one or more processors, further cause the apparatus to: set, based on determining that a sensor type of a second device corresponds to a sensor type of the first device, a security status of the second device by using expected communication behavior for the first device.
15. The apparatus of claim 7, wherein the instructions, when executed by the one or more processors, further cause the apparatus to: update, based on another detected communicat
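The following is an added illustration of the mechanism the claims describe (a historical profile, a weighted degree of deviation over packet size, frequency and protocol type, deviation ranges that each map to a set of communication restrictions, and enforcement on a single communication attempt); it is not code from the patent, and every name, weight, range bound and sample value is a constructed assumption.

```python
from statistics import mean
from typing import NamedTuple
# Constructed illustration of the claimed mechanism; names, weights and
# range bounds are assumptions, not values taken from the patent.
class Profile(NamedTuple):          # expected communication behavior (claim 1)
    packet_size: float              # mean packet size in bytes
    frequency: float                # messages per minute
    protocols: frozenset            # protocols observed historically

# Deviation ranges (claim 1): (low, high, communication parameters);
# a wider deviation maps to a more restrictive parameter set (claim 8).
DEVIATION_RANGES = [
    (0.0, 0.25, {}),
    (0.25, 0.6, {"max_packet_bytes": 512}),
    (0.6, 1.0, {"max_packet_bytes": 256, "block_new_peers": True}),
    (1.0, float("inf"), {"block_all": True}),
]
WEIGHTS = {"packet_size": 0.4, "frequency": 0.4, "protocol": 0.2}  # claim 13

def relative_deviation(expected, current):
    """Relative change capped at 1.0 so each deviation type shares one scale."""
    if expected == 0:
        return 0.0 if current == 0 else 1.0
    return min(abs(current - expected) / expected, 1.0)

def degree_of_deviation(profile, sizes, per_minute, protocols):
    """Weighted degree of deviation over packet size, frequency and protocol."""
    size_dev = relative_deviation(profile.packet_size, mean(sizes))
    freq_dev = relative_deviation(profile.frequency, per_minute)
    proto_dev = 1.0 if set(protocols) - profile.protocols else 0.0
    return (WEIGHTS["packet_size"] * size_dev + WEIGHTS["frequency"] * freq_dev
            + WEIGHTS["protocol"] * proto_dev)

def communication_parameters(degree):
    """Select the parameters of the deviation range the degree falls in."""
    for low, high, params in DEVIATION_RANGES:
        if low <= degree < high:
            return params
    return DEVIATION_RANGES[-1][2]

def allow_attempt(params, packet_size, peer_known):
    """Apply the selected parameters to one communication attempt (claims 2, 11)."""
    if params.get("block_all"):
        return False
    if packet_size > params.get("max_packet_bytes", float("inf")):
        return False
    return peer_known or not params.get("block_new_peers", False)
# Constructed sample: a sensor that normally sends ~100-byte MQTT reports, 6 per minute.
SENSOR = Profile(packet_size=100.0, frequency=6.0, protocols=frozenset({"mqtt"}))
```

Feeding `degree_of_deviation(SENSOR, ...)` into `communication_parameters` and then `allow_attempt` walks one observation window through the whole pipeline; a window of larger packets at a higher rate lands in a tighter range without being blocked outright, while an unexpected protocol at a much higher rate reaches the most restrictive range.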
CPC classification titles:
- Event detection, e.g. attack signature detection
- by monitoring network traffic (monitoring network traffic per se H04L43/00)
- Traffic logging, e.g. anomaly detection