-
公开(公告)号:US20210306338A1
公开(公告)日:2021-09-30
申请号:US16836410
申请日:2020-03-31
Applicant: Juniper Networks, Inc.
Inventor: Prasad Miriyala , Sajeesh Mathew , Kannan Varadhan
Abstract: In some examples, an access control policy controller in a computer network may receive a request to create an access control policy that permits a role to perform one or more functions in the computer network. The access control policy controller may determine one or more operations performed on one or more objects in the computer network to perform the one or more functions based at least in part on tracking performance of the one or more functions in the computer network. The access control policy controller may create the access control policy for the role that permits the role to perform the one or more operations on the one or more objects in the computer network.
-
公开(公告)号:US10742557B1
公开(公告)日:2020-08-11
申请号:US16024306
申请日:2018-06-29
Applicant: Juniper Networks, Inc.
Inventor: Prasad Miriyala , Manish Singh , Vivekananda Shenoy , Anantharamu Suryanarayana
IPC: H04L12/813 , H04L12/863 , H04L12/741 , H04L12/46 , H04L12/937 , H04L29/06 , G06F9/455 , H04L12/931
Abstract: Techniques are disclosed for extending scalable policy management to supporting network devices. A network device comprising a memory and a processor may perform various aspects of the techniques. The memory may be configured to store a policy. The processor may be configured to obtain the policy to be enforced by a supporting network device coupled to a server, and identify a port of the supporting network device to which the server is coupled via the switch fabric. The policy controller may also identify a workload executed by the server to which the policy is associated, and convert the policy into configuration data supported by the network device. The policy controller may further configure, based on the configuration data, the network device to enforce the policy with respect to network traffic received via the identified port.
-
63.发明授权公开(公告)号:US10728288B2
公开(公告)日:2020-07-28
申请号:US16024412
申请日:2018-06-29
Applicant: Juniper Networks, Inc.
Inventor: Prasad Miriyala
Abstract: Techniques are disclosed for implementing scalable policies across a plurality of categories that support application workloads. In one example, the policy is a security policy that indicates which types of virtualized application workloads are required to communicate with encryption and groups computing devices into zones that communicate via respective tunnels configured to carry encrypted communication. An orchestration engine selects a computing device based on the zones fined in the security policy to ensure that the virtualized application workloads requiring encrypted communication communicate via tunnels configured to carry encrypted communication.
-
公开(公告)号:US20200059459A1
公开(公告)日:2020-02-20
申请号:US16146713
申请日:2018-09-28
Applicant: Juniper Networks, Inc.
Inventor: Sanju C. Abraham , Kiran N. Kasim , Prasad Miriyala
IPC: H04L29/06 , H04L12/715 , H04L12/723 , H04L12/741 , H04L12/713 , H04L12/933 , H04L12/46
Abstract: In general, techniques are described for enhancing operations of virtual networks. In some examples, a network system includes a plurality of servers interconnected by a switch fabric comprising a plurality of switches interconnected to form a physical network. Each of the servers comprises an operating environment executing one or more virtual machines in communication via one or more virtual networks. The servers comprise a set of virtual routers configured to extend the virtual networks to the operating environments of the virtual machines. A virtual router of the set of virtual routers is configured to prepare tunnel packets by forwarding packets received from virtual machines to an IPSec kernel executing in a host operating network stack, receiving the ESP packets back from the IPSec kernel and forwarding the ESP packets across the virtual networks.
-
-
-
Search Results
64
records
(took 0.015 seconds)
