Title of invention: Network policy assignment based on user reputation score
Abstract: A network controller device, systems, and methods thereof are described herein for enabling a mechanism of assigning network policies to one or more users based on their respective client reputation (CR) scores. CR scores indicate a measure of the level and kind of network activity that an internal resource does with external resources. Based on the evaluation of the CR score for a given user, the system of the present invention can be configured to implement an appropriate policy on the user that controls the manner in which the user interacts within and outside the network. The proposed system includes multiple virtual local area networks (VLANs), wherein each VLAN is configured with a defined policy such that once the CR score for a given user has been evaluated, the user can be put on an appropriate VLAN based on the evaluation and the intended policy that the system wants the user to follow.
Publication number: US9503477(B2) Publication date: 2016.11.22
Application number: US201414228182 Application date: 2014.03.27
Applicant: Fortinet, Inc. Inventors: May Robert A; Pan Yixin
Classification: H04L29/06 Main classification: H04L29/06
Agency: Hamilton, DeSanctis & Cha LLP Agent: Hamilton, DeSanctis & Cha LLP
Independent claim: 1. A method comprising: maintaining, by a network controller for a protected network having a plurality of users, an association between a plurality of Virtual Local Area Networks (VLANs) into which the protected network is divided and a plurality of security policies; retrieving, by a network controller, for a user of the plurality of users, a reputation score associated with said user, wherein said reputation score is generated based on activities of said user within the protected network; evaluating, by said network controller, said reputation score; and assigning, by said network controller, a security policy of the plurality of security policies to the user by assigning the user to a VLAN of the plurality of VLANs that is associated with the security policy based on evaluation of said reputation score, wherein the security policy governs a manner in which said user is permitted to interact with the protected network.
Address: Sunnyvale CA US