Assurance of security rules in a network

Assignee

• Cisco Technology, Inc. · US

Inventors

• Advait Dixit · Sunnyvale, US
• Navneet Yadav · Cupertino, US
• Navjyoti Sharma · Livermore, US
• Ramana Rao Kompella · Cupertino, US
• Kartik Mohanram · Pittsburgh, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L12/4633
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems, methods, and computer-readable media for configuring and verifying compliance requirements in a network. An example method can include receiving, via a user interface, endpoint group (EPG) inclusion rules defining which EPGs on a network should be included in specific EPG selectors; selecting EPGs that satisfy the EPG inclusion rules for inclusion in the specific EPG selectors; creating the specific EPG selectors based on the selected EPGs; creating a traffic selector including parameters identifying traffic corresponding to the traffic selector; creating a compliance requirement based on a first and second EPG selector from the specific EPG selectors, the traffic selector, and a communication operator defining a communication condition for traffic associated with the first and second EPG selectors and the traffic selector; determining whether policies on the network comply with the compliance requirement; and generating compliance events indicating whether the policies comply with the compliance requirement.