Network policy analysis for networks

Assignee

• Cisco Technology, Inc. · US

Inventors

• Chandra Nagarajan · Fremont, US
• Kartik Mohanram · Pittsburgh, US
• Sundar Iyer · Palo Alto, US
• Ramana Rao Kompella · Cupertino, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/20
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems, methods, and computer-readable media for performing network assurance in a traditional network. In some examples, a system can collect respective sets of configurations programmed at network devices in a network and, based on the respective sets of configurations, determine a network-wide configuration of the network, the network-wide configuration including virtual local area networks (VLANs), access control lists (ACLs) associated with the VLANs, subnets, and/or a topology. Based on the network-wide configuration of the network, the system can compare the ACLs for each of the VLANs to yield a VLAN consistency check, compare respective configurations of the subnets to yield a subnet consistency check, and perform a topology consistency check based on the topology. Based on the VLAN consistency check, the subnet consistency check, and the topology consistency check, the system can determine whether the respective sets of configurations programmed at the network devices contain a configuration error.