Identifying and providing network application security policies governing connections to and from hosts in a network

Assignee

• Zscaler, Inc. · US

Inventors

• Peter Smith · Acton, US
• Aparna Ayikkara · Brookline, US
• Omar Baba · Winchester, US
• Daniel Einspanjer · Salem, US
• Anthony Gelsomini · Westwood, US
• Thomas C. Hickman · Hollis, US
• Peter Kahn · Southborough, US
• Thomas Evan Keiser, Jr. · Boston, US
• Andriy Kochura · North Andover, US
• Nikitha Koppu · Shrewsbury, US
• Scott Laplante · Fairport, US
• Xing Li · Boulder, US
• Raymond Brian Liu · Lexington, US
• Sean Lutner · Norfolk, US
• Michael J. Melson · Arlington, US
• Peter Nahas · Watertown, US
• John O'Neil · Watertown, US
• Herman Parfenov · Andover, US
• Joseph Riopel · Worcester, US
• Suji Suresh · Westford, US
• Harry Sverdlove · North Reading, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04W12/08
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A computer system automatically generates a proposal for network application security policies to be applied on a telecommunications network. The system provides output representing the proposed network application security policies to a user. The user provides input either approving or disapproving of the network application security policies. If the user approves, then the system applies the of the proposed microsegmentation. This process may be repeated for a plurality of hosts and subsets thereof within the same network, and may be repeated over time to modify one or more existing network application security policies. The network application security policies govern inbound and outbound connections to the hosts in the network.