| 发明名称 | Method and system for evaluating access granted to dynamically provisioned virtual servers across endpoints in a network | ||
| 摘要 | A network analysis tool is provided in support of a data communication network having dynamically provisioned devices at indeterminate endpoints wherein templates, namely, the collection of meta-data about dynamically provisioned devices on a network (beyond the conventional networking concept of an endpoint address), are modeled as fixed endpoints for purposes of tracking. In a specific embodiment, template groups are generated as network interfaces for a modeled template enforcement device, and template groups are represented as if they are network endpoints connected to a template enforcement device, and a device description for the template enforcement device is produced. | ||
| 申请公布号 | US9325741(B2) | 申请公布日期 | 2016.04.26 |
| 申请号 | US201514634411 | 申请日期 | 2015.02.27 |
| 申请人 | RedSeal, Inc. | 发明人 | Lloyd Michael A. |
| 分类号 | H04L29/06;H04L12/24 | 主分类号 | H04L29/06 |
| 代理机构 | Kilpatrick Townsend & Stockton LLP | 代理人 | Kilpatrick Townsend & Stockton LLP ;Allen Kenneth R. |
| 主权项 | 1. A data processing system for modeling access between endpoints of a real data communication network comprising: a processing element; random access memory for nonvolatile storage for a program set for modeling, and for data associated with the modeling, of the real data communication network; at least one input interface device for receiving configuration information about the real data communication network; said program set including a model of a portion of the real data communication network, the model including a representation of a template enforcement device and an element for modeling, as network locations, dynamically provisioned participants whose network endpoint is not specified in advance, but which are configured according to template-based rules that specify network access rules at indeterminate endpoints in the real data communication network, the model being configured to determine access that has been or is actually granted between a template treated as if it can communicate as a fixed endpoint, and the model of the portion of the real data communication network; and an output interface device for extracting information from the model; for modeling access of the templates to the real data communication network. | ||
| 地址 | Sunnyvale CA US | ||