公开(公告)号：AU2019390284B2

公开(公告)日：2024-08-01

申请号：AU2019390284

申请日：2019-11-12

Applicant: CISCO TECHNOLOGY INC

Inventor： VALLURI VAMSIDHAR ,  RADHAKRISHNAN SARAVANAN ,  OSWAL ANAND ,  PRABHU VINAY ,  EVANS SARAH ADELAIDE ,  RANGASWAMY SURAJ

IPC: H04L67/01 ,  H04L41/00

Abstract: Systems and methods provide for provisioning a dynamic intent-based firewall. A network controller can generate a master route table for network segments reachable from edge network devices managed by the controller. The controller can receive zone definition information mapping the network segments into zones and Zone-based Firewall (ZFW) policies to apply to traffic between a source and destination zone specified by each ZFW policy. The controller can evaluate a ZFW policy to determine first edge network devices that can reach first network segments mapped to the source zone specified by the ZFW policy, second edge network devices that can reach second network segments mapped to the destination zone specified by the ZFW policy, and routing information (from the route table) between the first network segments, the first and second edge network devices, and the second network segments. The controller can transmit the routing information to the edge network devices.

公开(公告)号：AU2019385802A1

公开(公告)日：2021-06-17

申请号：AU2019385802

申请日：2019-11-18

Applicant: CISCO TECHNOLOGY INC

Inventor： VALLURI VAMSIDHAR ,  PRABHU VINAY ,  EVANS SARAH ADELAIDE ,  RANGASWAMY SURAJ

IPC: H04L29/06

Abstract: Systems and methods provide for synergistic domain name system DNS security updates for an enterprise network operating under a Software Defined Wide Area Network (SD-WAN). A system may be configured to collect positive and/or negative unified threat defense (UTD) results, deploy a rules-based model that, when a threat or clearance is detected across several SD-WAN edge network devices, triggers an update to a local security blacklist/whitelist, wherein the update comprises a signature, and push the update to other devices that have not yet seen the threat or clearance.