Invention Grant
- Patent Title: Resolving access policies between intent-based network architectures and cloud native architectures
-
Application No.: US17473306Application Date: 2021-09-13
-
Publication No.: US11792230B2Publication Date: 2023-10-17
- Inventor: Thomas Szigeti , David J. Zacks , Walter Hulick , Shannon McFarland
- Applicant: Cisco Technology, Inc.
- Applicant Address: US CA San Jose
- Assignee: Cisco Technology, Inc.
- Current Assignee: Cisco Technology, Inc.
- Current Assignee Address: US CA San Jose
- Agency: Lee & Hayes, P.C.
- Main IPC: G06F21/62
- IPC: G06F21/62 ; H04L9/40 ; G06F21/51 ; G06F21/78

Abstract:
Techniques for expressing, communicating, de-conflicting, and enforcing consistent access policies between an IBN architecture and a Cloud-Native architecture. Generally, network administrators and/or users of a Cloud-Native architecture and an IBN architecture express access policies independently for the two different domains or architectures. According to the techniques described herein, a Network Service Endpoint (NSE) of the Cloud-Native architecture may exchange access policies with a network device of the IBN architecture. After exchanging access policies, conflicts between the sets of access policies may be identified, such as differences between allowing or denying communications between microservices and/or applications. The conflicts may be de-conflicted using various types of heuristics or rules, such as always selecting an access policy of the IBN architecture when conflicts arise. After the access policies have been de-conflicted, the IBN architecture and Cloud-Native architecture may then apply consistent access policies for traffic and communications in their respective network architectures.
Public/Granted literature
- US20230081708A1 Resolving Access Policies Between Intent-Based Network Architectures and Cloud Native Architectures Public/Granted day:2023-03-16
Information query