Dynamic device isolation in a network
US10356124B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 1, 2017 |
| Grant date | Jul 16, 2019 |
| Priority date | — |
| Expiry date | Apr 8, 2037 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L61/5014
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
In one embodiment, a device in a network inserts a profile tag into an address request sent by an endpoint node in the network to a lookup service. The lookup service is configured to identify one or more addresses with which the endpoint node is authorized to communicate based on a profile for the endpoint node associated with the inserted profile tag. The device receives an address response sent from the lookup service to the endpoint node that indicates the set of one or more addresses with which the endpoint node is authorized to communicate. The device determines whether a communication between the endpoint node and a particular network address is authorized using the set of one or more addresses with which the endpoint node is authorized to communicate. The device blocks the communication based on a determination that the particular network address is not in the set of one or more addresses with which the endpoint node is authorized to communicate.
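The flow in the abstract, sketched as an added example that is not code from the patent or its assignee. It assumes the address request is a name lookup, that authorized addresses accumulate across responses, and that the device overwrites any tag the endpoint supplies; all class, function, profile and host names and all addresses are constructed for illustration.

```python
import ipaddress

# Constructed profiles: profile tag -> names that profile may resolve.
PROFILES = {"thermostat": {"api.vendor.example"}, "camera": {"nvr.site.example"}}
# Constructed address records held by the lookup service.
RECORDS = {"api.vendor.example": ["203.0.113.10"], "nvr.site.example": ["198.51.100.7"]}

def lookup_service(request):
    """Answer only names permitted by the profile named in the request's tag."""
    allowed_names = PROFILES.get(request.get("profile_tag"), set())
    name = request["name"]
    addrs = RECORDS.get(name, []) if name in allowed_names else []
    return {"name": name, "addresses": addrs}

class IsolationDevice:
    """In-path device: tags requests, learns authorized addresses, filters traffic."""
    def __init__(self, endpoint_profiles):
        self.endpoint_profiles = endpoint_profiles  # endpoint id -> profile tag
        self.authorized = {}                        # endpoint id -> set of addresses

    def forward_request(self, endpoint, request):
        tagged = dict(request)
        # Assumption: overwrite any endpoint-supplied tag so a node cannot pick its profile.
        tagged["profile_tag"] = self.endpoint_profiles.get(endpoint, "unknown")
        return tagged

    def forward_response(self, endpoint, response):
        # Record the addresses the lookup service authorized for this endpoint.
        addrs = {ipaddress.ip_address(a) for a in response["addresses"]}
        self.authorized.setdefault(endpoint, set()).update(addrs)
        return response

    def permit(self, endpoint, dst):
        # Default deny: an endpoint with no recorded response has an empty set.
        return ipaddress.ip_address(dst) in self.authorized.get(endpoint, set())

def resolve_via_device(device, endpoint, request):
    """One request/response round trip through the device to the lookup service."""
    response = lookup_service(device.forward_request(endpoint, request))
    return device.forward_response(endpoint, response)
```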
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.