公开(公告)号：US10057291B1

公开(公告)日：2018-08-21

申请号：US14938650

申请日：2015-11-11

Applicant: Amazon Technologies, Inc.

Inventor： John Mark Glotzer ,  Apisak Darakananda ,  Xiongwei Xie

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L63/0263 ,  H04L63/101 ,  H04L63/1441

Abstract: Techniques and solutions are provided for assessing the semantic difference between networking access control lists (ACLs). For example, a semantic difference can be determined between an ACL that is currently deployed on a network device and an ACL that is a candidate for deployment. The semantic difference can be presented to a user to better understand what changes would be made to network traffic flow if the candidate ACL is deployed. The semantic difference can also be used in an automated manner to perform automatic deployment of the candidate ACL.