Validating a device class claim using machine learning

US11909741B2 · US · B2

Patent metadata
Field                 Value
Publication number    US-11909741-B2
Application number    US-202117330641-A
Country               US
Kind code             B2
Filing date           May 26, 2021
Priority date         May 15, 2017
Publication date      Feb 20, 2024
Grant date            Feb 20, 2024

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

In one embodiment, a device in a network receives an access policy and a class behavioral model for a node in the network that are associated with a class asserted by the node. The device applies the access policy and class behavioral model to traffic associated with the node. The device identifies a deviation in a behavior of the node from the class behavioral model, based on the application of the class behavioral model to the traffic associated with the node. The device causes performance of a mitigation action in the network based on the identified deviation in the behavior of the node from the class behavioral model.

Claims

Claim text for this publication (17 claims; claims 1, 7 and 12 are independent).

What is claimed is:

1. A method, comprising: receiving, at a device in a network, an access policy and a machine learning-based class behavioral model for a node in the network that are associated with a class that is associated with a Manufacturer Usage Description (MUD) Universal Resource Identifier (URI) asserted by the node, wherein the class behavioral model is generated based on traffic data observed from one or more devices of the class asserted by the node and on synthetic traffic data formed from the access policy associated with the class asserted by the node; applying, by the device, the access policy and class behavioral model to traffic associated with the node; identifying, by the device, a deviation in a behavior of the node from the class behavioral model, based on the applying of the class behavioral model to the traffic associated with the node; and causing, by the device, performance of a mitigation action in the network based on the identified deviation in the behavior of the node from the class behavioral model.

2. The method as in claim 1, wherein the mitigation action comprises one of: blocking at least a portion of the traffic associated with the node or generating an alert regarding the node.

3. The method as in claim 1, wherein the access policy indicates a set of one or more endpoints with which the node is authorized to communicate.

4. The method as in claim 1, wherein the device comprises at least one of: a router, a switch, a firewall, or a gateway in the network.

5. The method as in claim 1, wherein the identified deviation in the behavior of the node from the class behavioral model is indicative of the class asserted by the node being different than an actual class of the node.

6. The method as in claim 1, wherein the access policy is determined using data downloaded from the MUD URI.

7. A method, comprising: receiving, at a supervisory device in a network, data indicative of a class asserted by a node in the network, wherein the data comprises a Manufacturer Usage Description (MUD) Universal Resource Identifier (URI) asserted by the node; identifying, by the supervisory device, an access policy associated with the class asserted by the node; identifying, by the supervisory device, a machine learning-based class behavioral model associated with the class asserted by the node, wherein the class behavioral model is generated based on traffic data observed from one or more devices of the class asserted by the node and on synthetic traffic data formed from the access policy associated with the class asserted by the node; and causing, by the supervisory device, installation of the access policy and class behavioral model to one or more networking devices in the network, wherein the one or more networking devices apply the access policy and class behavioral model to traffic associated with the node, and wherein the one or more networking devices cause a mitigation action to be performed when a behavior of the node deviates from the class behavioral model.

8. The method as in claim 7, wherein the mitigation action comprises one of: blocking at least a portion of the traffic associated with the node or generating an alert regarding the node.

9. The method as in claim 7, wherein the access policy indicates a set of one or more endpoints with which the node is authorized to communicate.

10. The method as in claim 7, wherein the supervisory device is an access control server, and wherein the device comprises at least one of: a router, a switch, a firewall, or a gateway in the network.

11. The method as in claim 7, further comprising: downloading, by the supervisory device, data from the MUD URI to determine the access policy.

12. An apparatus, comprising: one or more network interfaces to communicate with a network; a processor coupled to the network interfaces and configured to execute one or more processes; and a memory configured to store a process executable by the processor, the process when executed configured to: receive an access policy and a machine learning-based class behavioral model for a node in the network that are associated with a class that is associated with a Manufacturer Usage Description (MUD) Universal Resource Identifier (URI) asserted by the node, wherein the class behavioral model is generated based on traffic data observed from one or more devices of the class asserted by the node and on synthetic traffic data formed from the access policy associated with the class asserted by the node; apply the access policy and class behavioral model to traffic associated with the node; identify a deviation in a behavior of the node from the class behavioral model, based on the application of the class behavioral model to the traffic associated with the node; and cause performance of a mitigation action in the network based on the identified deviation in the behavior of the node from the class behavioral model.

13. The apparatus as in claim 12, wherein the mitigation action comprises one of: blocking at least a portion of the traffic associated with the node or generating an alert regarding the node.

14. The apparatus as in claim 12, wherein the access policy indicates a set of one or more endpoints with which the node is authorized to communicate.

15. The apparatus as in claim 12, wherein the apparatus comprises at least one of: a router, a switch, a firewall, or a gateway in the network.

16. The apparatus as in claim 12, wherein the identified deviation in the behavior of the node from the class behavioral model is indicative of the class asserted by the node being different than an actual class of the node.

17. The apparatus as in claim 12, wherein the access policy is determined using data downloaded from the MUD URI.
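The claims above describe a pipeline with two roles: a supervisory device (claim 7) that maps a MUD URI asserted by a node to an access policy and a class behavioral model trained on observed traffic of that class plus synthetic traffic formed from the policy, and an enforcing device (claims 1 to 5) that applies both to the node's traffic and blocks or alerts on deviation. The following is an added illustration of that flow, not code from the patent or from Cisco. The MUD URI, endpoints, byte counts and traffic records are constructed for the example, RFC 8520 MUD files (YANG/JSON) are flattened to endpoint tuples, and a per-endpoint volume baseline stands in for the patent's unspecified machine-learning model.

```python
"""Constructed illustration of MUD class-claim validation (not the patent's code).
A node asserts a class via a MUD URI; the supervisor installs the class policy and
behavioral model; the enforcer blocks out-of-policy flows and alerts when in-policy
flows do not look like the class (the node has probably misclaimed its class)."""
import statistics
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

Endpoint = Tuple[str, int, str]  # (destination host, destination port, protocol)


@dataclass(frozen=True)
class Flow:
    dst: str
    port: int
    proto: str
    nbytes: int

    @property
    def endpoint(self) -> Endpoint:
        return (self.dst, self.port, self.proto)


def synthetic_flows(policy: List[Endpoint]) -> List[Flow]:
    """Synthetic traffic formed from the access policy (claim 1). MUD says nothing
    about volume, so these flows only teach the model which endpoints are legitimate."""
    return [Flow(d, p, pr, 0) for d, p, pr in policy]


class ClassBehavioralModel:
    """Stand-in for the ML model: endpoints the class is known to reach plus per-endpoint
    byte-volume statistics. A flow is anomalous if its endpoint is outside the baseline
    or its volume is a >3-sigma outlier; the node deviates when the anomalous share of
    its flows exceeds `threshold`."""

    def __init__(self, threshold: float = 0.2):
        self.threshold = threshold
        self.endpoints: Set[Endpoint] = set()
        self.volumes: Dict[Endpoint, List[int]] = defaultdict(list)

    def fit(self, observed: List[Flow], policy: List[Endpoint]) -> "ClassBehavioralModel":
        for f in observed:
            self.endpoints.add(f.endpoint)
            self.volumes[f.endpoint].append(f.nbytes)
        for f in synthetic_flows(policy):
            self.endpoints.add(f.endpoint)  # volume stats deliberately left untouched
        return self

    def is_anomalous(self, f: Flow) -> bool:
        if f.endpoint not in self.endpoints:
            return True
        samples = self.volumes.get(f.endpoint, [])
        if not samples:  # endpoint known only from the policy: no volume evidence
            return False
        mean = statistics.fmean(samples)
        sd = statistics.stdev(samples) if len(samples) > 1 else 0.0
        scale = max(sd, 0.1 * mean, 1.0)  # floor so identical samples are not brittle
        return abs(f.nbytes - mean) / scale > 3.0

    def deviation(self, flows: List[Flow]) -> float:
        """Fraction of the node's flows that the class baseline does not explain."""
        return sum(self.is_anomalous(f) for f in flows) / len(flows) if flows else 0.0


class Supervisor:
    """Supervisory device of claim 7 (e.g. an access control server)."""

    def __init__(self) -> None:
        self.classes: Dict[str, Tuple[List[Endpoint], ClassBehavioralModel]] = {}

    def register(self, mud_uri: str, policy: List[Endpoint], observed: List[Flow]) -> None:
        self.classes[mud_uri] = (policy, ClassBehavioralModel().fit(observed, policy))

    def install(self, mud_uri: str) -> Tuple[List[Endpoint], ClassBehavioralModel]:
        # Unknown URI: no authorized endpoints and an empty model, so every flow violates.
        return self.classes.get(mud_uri, ([], ClassBehavioralModel()))


@dataclass
class Verdict:
    asserted_class: str
    deviation: float
    violations: List[Endpoint]
    action: str  # "allow", "alert" or "block" (claim 2 mitigation actions)


def enforce(mud_uri: str, flows: List[Flow], policy: List[Endpoint],
            model: ClassBehavioralModel) -> Verdict:
    """Enforcing device of claims 1-5: apply policy and model to the node's traffic."""
    allowed = set(policy)
    violations = sorted({f.endpoint for f in flows if f.endpoint not in allowed})
    dev = model.deviation(flows)
    if violations:
        action = "block"  # traffic to unauthorized endpoints (claim 3) is dropped
    elif dev > model.threshold:
        action = "alert"  # in-policy but unlike the class: likely misclaimed (claim 5)
    else:
        action = "allow"
    return Verdict(mud_uri, round(dev, 3), violations, action)


BULB_URI = "https://example.com/mud/lightbulb-v1"  # constructed MUD URI
BULB_POLICY: List[Endpoint] = [  # constructed, as if derived from the MUD file at BULB_URI
    ("mqtt.example.com", 8883, "tcp"), ("ntp.example.com", 123, "udp"),
    ("update.example.com", 443, "tcp"), ("dns.example.com", 53, "udp")]  # dns never seen in training
OBSERVED_BULBS = (  # constructed traffic from known-good bulbs
    [Flow("mqtt.example.com", 8883, "tcp", b) for b in (210, 240, 260, 300, 320, 280, 250, 230, 290, 270)]
    + [Flow("ntp.example.com", 123, "udp", 90)] * 4
    + [Flow("update.example.com", 443, "tcp", 1_500_000), Flow("update.example.com", 443, "tcp", 1_480_000)])
SUPERVISOR = Supervisor()
SUPERVISOR.register(BULB_URI, BULB_POLICY, OBSERVED_BULBS)


def validate(mud_uri: str, flows: List[Flow]) -> Verdict:
    policy, model = SUPERVISOR.install(mud_uri)
    return enforce(mud_uri, flows, policy, model)


GENUINE_BULB = [Flow("mqtt.example.com", 8883, "tcp", 250), Flow("mqtt.example.com", 8883, "tcp", 275),
                Flow("ntp.example.com", 123, "udp", 90), Flow("dns.example.com", 53, "udp", 70)]
# A camera asserting the bulb URI: in-policy endpoints only, but megabytes streamed over 8883.
MISCLAIMED_CAMERA = [Flow("mqtt.example.com", 8883, "tcp", 5_000_000)] * 3 + [
    Flow("ntp.example.com", 123, "udp", 90), Flow("update.example.com", 443, "tcp", 1_490_000)]
# A real bulb reaching an endpoint the MUD file never authorized.
COMPROMISED_BULB = [Flow("mqtt.example.com", 8883, "tcp", 250), Flow("c2.example.net", 4444, "tcp", 1200)]

if __name__ == "__main__":
    for name, flows in (("genuine", GENUINE_BULB), ("misclaimed", MISCLAIMED_CAMERA), ("compromised", COMPROMISED_BULB)):
        print(name, validate(BULB_URI, flows))
```

The split between the two signals is the point of the claims: the access policy alone would pass the misclaimed camera, since every endpoint it reaches is one the bulb's MUD file authorizes, while the class model flags it because its volume profile matches no bulb; conversely the compromised bulb is caught by the policy before the model matters. The synthetic flows keep the model from penalizing the genuine bulb's first DNS lookup, an endpoint the policy allows but no training device happened to use.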

Assignees

Cisco Tech Inc
Inventors

Classifications

  • H04L63/104 (primary) · Grouping of entities · CPC title

  • G06N20/00 (primary) · Machine learning · CPC title

  • for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11909741B2 cover?
In one embodiment, a device in a network receives an access policy and a class behavioral model for a node in the network that are associated with a class asserted by the node. The device applies the access policy and class behavioral model to traffic associated with the node. The device identifies a deviation in a behavior of the node from the class behavioral model, based on the application o…
Who is the assignee on this patent?
Cisco Tech Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/104; the mapped technology area is Electricity (CPC section H).
When was this patent published?
Publication date Feb 20, 2024 (kind code B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).