Adaptive network security using zero trust microsegmentation

Assignee

• ColorTokens Inc. · US

Inventors

• Harish Akali · Acton, US
• Satyam Tyagi · Richardson, US
• Wyn Owen · San Jose, US
• Surya Kollimarla · Santa Clara, US
• Rajesh Khazanchi · Cupertino, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/205
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Zero trust and micro-segmentation techniques may be collectively used to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented to put each device of the network into a respective network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine the policy. Recommended actions may be determined based on the analysis of the monitored network traffic and provided to the user to allow user feedback on the communication rules of zero-trust policy.