Multi-layered policy management

US11689573B2 · US · B2

Patent metadata
Publication number: US-11689573-B2
Application number: US-201916731678-A
Country: US
Kind code: B2
Filing date: Dec 31, 2019
Priority date: Dec 31, 2018
Publication date: Jun 27, 2023
Grant date: Jun 27, 2023

Abstract

Official abstract text for this publication.

Techniques for enforcing policy on multiple levels, including context-based and/or packet-based, as well as one or more of event-based, activity-based, and behavior-based. Higher-level abstraction of policy enables IP endpoint discovery and classification for which predefined multi-level policy can be applied. Management of policy can abstract lower-level parameters in favor of a higher-level of abstraction, which enables integration with an asset management platform.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method comprising: dynamically generating, in response to detecting a threshold number of anomalies, a multi-level policy for a set of Internet of Things (IoT) devices, the multi-level policy comprising a first policy at a low level of abstraction and a second policy at a high level of abstraction, wherein the first policy at the low level of abstraction is generated at least in part in response to a specification of the second policy at the high level of abstraction, and wherein the second policy references an action to take if a particular activity is attempted by a device included in the set of IoT devices; discovering an Internet Protocol (IP) endpoint, the IP endpoint corresponding to an IoT device; classifying the IP endpoint; and applying the generated multi-level policy to the IP endpoint based on the classification of the IP endpoint.

2. The method of claim 1, further comprising: detecting a deviation from the multi-level policy in operation of the IoT device; and generating and sending an alert to an administrator of a network.

3. The method of claim 1, wherein the first policy at the low level of abstraction is one or more of context-based and packet-based.

4. The method of claim 1, wherein the first policy at the low level of abstraction is at least context-based, and context includes one or more of background event context, identity-based context, and group-based context.

5. The method of claim 1, wherein the first policy at the low level of abstraction is at least packet-based, and is based at least in part on patterns in packets that match regular expressions of policy rules.

6. The method of claim 1, wherein the second policy at the high level of abstraction is one or more of event-based, activity-based, and behavior-based.

7. The method of claim 1, wherein the second policy at the high level of abstraction is at least event-based, and is based at least in part on converting patterns to fields of an event.

8. The method of claim 1, wherein an administrator of a network is permitted to modify the second policy at the high level of abstraction and the first policy at the low level of abstraction.

9. The method of claim 1, wherein an administrator of a network is permitted to modify the second policy at the high level of abstraction and is not permitted to modify the first policy at the low level of abstraction.

10. The method of claim 1, wherein one or more of generating the multi-level policy and classifying the IP endpoint is based at least in part on machine learning.

11. A system comprising: a multi-level policy management engine configured to dynamically generate, in response to detecting a threshold number of anomalies, a multi-level policy for a set of Internet of Things (IoT) devices, the multi-level policy comprising a first policy at a low level of abstraction and a second policy at a high level of abstraction, wherein the first policy at the low level of abstraction is generated at least in part in response to a specification of the second policy at the high level of abstraction, and wherein the second policy references an action to take if a particular activity is attempted by a device included in the set of IoT devices; an Internet Protocol (IP) endpoint discovery and classification engine configured to discover an IP endpoint, the IP endpoint corresponding to an IoT device; classify the IP endpoint; and a multi-level policy compliance detection engine configured to apply the generated multi-level policy to the IP endpoint based on the classification of the IP endpoint.

12. The system of claim 11, wherein the multi-level policy compliance detection engine is further configured to detect a deviation from the multi-level policy in operation of the IoT device, and wherein the system further comprises a signal correlation engine configured to generate and send an alert to an administrator of a network.

13. The system of claim 11, wherein the first policy at the low level of abstraction is one or more of context-based and packet-based.

14. The system of claim 11, wherein the first policy at the low level of abstraction is at least context-based, and context includes one or more of background event context, identity-based context, and group-based context.

15. The system of claim 11, wherein the first policy at the low level of abstraction is at least packet-based, and is based at least in part on patterns in packets that match regular expressions of policy rules.

16. The system of claim 11, wherein the second policy at the high level of abstraction is one or more of event-based, activity-based, and behavior-based.

17. The system of claim 11, wherein the second policy at the high level of abstraction is at least event-based, and is based at least in part on converting patterns to fields of an event.

18. The system of claim 11, wherein an administrator of a network is permitted to modify the second policy at the high level of abstraction and the first policy at the low level of abstraction.

19. The system of claim 11, wherein an administrator of a network is permitted to modify the second policy at the high level of abstraction and is not permitted to modify the first policy at the low level of abstraction.

20. The system of claim 11, wherein one or more of generating the multi-level policy and classifying the IP endpoint is based at least in part on machine learning.
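The claims describe a high-level, activity-based policy being compiled into a low-level, packet-based (regex) policy, generated only once an anomaly threshold is reached, and then applied to endpoints according to their classification. The following is an added illustration of that flow, not code from the patent or from Palo Alto Networks; every name, signature, OUI table and packet record in it is constructed for the example.

```python
import re
from collections import defaultdict

# Constructed example: hypothetical names and data, not the patent's or assignee's code.
ANOMALY_THRESHOLD = 3

# High-level (activity-based) policy: per device class, the action to take
# if a named activity is attempted. This is the layer an administrator edits.
HIGH_LEVEL = {"camera": {"ftp_upload": "block", "telnet_login": "alert"}}

# Packet-level realisation of each named activity (regexes over payload text).
# The low-level policy is derived from HIGH_LEVEL through this table.
SIGNATURES = {"ftp_upload": r"^STOR ", "telnet_login": r"login: \w+"}

# Constructed OUI-to-class table used to classify a discovered endpoint.
OUI_CLASS = {"00:11:22": "camera", "aa:bb:cc": "thermostat"}

def classify_endpoint(mac):
    """Classify an endpoint by its MAC prefix; unknown prefixes get no class."""
    return OUI_CLASS.get(mac[:8].lower(), "unknown")

def compile_policy(high_level):
    """Generate the low-level packet-based policy from the high-level one."""
    return {cls: [(activity, re.compile(SIGNATURES[activity]), action)
                  for activity, action in rules.items()]
            for cls, rules in high_level.items()}

def count_anomalies(packets):
    """Anomaly here means a payload matching any known activity signature."""
    return sum(1 for _, _, payload in packets
               if any(re.search(sig, payload) for sig in SIGNATURES.values()))

def enforce(packets):
    """Return {ip: [(activity, action), ...]}; empty until the threshold is met."""
    if count_anomalies(packets) < ANOMALY_THRESHOLD:
        return {}
    low = compile_policy(HIGH_LEVEL)
    decisions = defaultdict(list)
    for ip, mac, payload in packets:
        for activity, rx, action in low.get(classify_endpoint(mac), []):
            if rx.search(payload):
                decisions[ip].append((activity, action))
    return dict(decisions)

PACKETS = [  # constructed (src_ip, src_mac, payload text)
    ("10.0.0.5", "00:11:22:33:44:55", "STOR /video/cam1.mp4"),
    ("10.0.0.5", "00:11:22:33:44:55", "login: admin"),
    ("10.0.0.9", "aa:bb:cc:dd:ee:ff", "login: root"),
    ("10.0.0.5", "00:11:22:33:44:55", "GET /status HTTP/1.1"),
]
```

The thermostat's login attempt counts toward the anomaly threshold but produces no decision, because the high-level policy only specifies actions for the camera class.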

Assignees

Palo Alto Networks Inc

Inventors

Classifications

  • specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks · CPC title

  • Policy-based network configuration management · CPC title

  • H04L63/20 (Primary): for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

  • by actively collecting configuration information or by backing up configuration information · CPC title

  • using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Palo Alto Networks Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/20. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 27, 2023 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).