公开(公告)号：US20240187379A1

公开(公告)日：2024-06-06

申请号：US18443233

申请日：2024-02-15

Applicant: Google LLC

Inventor： Kan Cai ,  Vikas Aggarwal ,  Gargi Adhav ,  Rajendra Yavatkar ,  Ning Zhao ,  Vishal Gupta

IPC: H04L9/40 ,  G06F9/54 ,  G06N20/00 ,  H04L41/14 ,  H04L41/16 ,  H04L43/026

CPC classification number: H04L63/0263 ,  G06F9/547 ,  G06N20/00 ,  H04L41/145 ,  H04L41/16 ,  H04L43/026 ,  H04L63/1425

Abstract: A firewall intelligence system, includes a data storage storing a set of firewall rules for a network; a recommendation engine that receives, from a log service, traffic logs detailing traffic for the network and firewall logs detailing the usage of firewall rules in response to the traffic for the network, accesses, from the data storage, the set of firewall rules for the network; processes the set of firewall rules to evaluate the firewall rules against a set of quantitative evaluation rules to determine one or more firewall rule recommendations, wherein each firewall rule recommendation is a recommendation to change at least one of the firewall rules in the set of firewall rules; and a front end API that provides data describing the one or more firewall rule recommendations to a user device.

公开(公告)号：US20220368602A1

公开(公告)日：2022-11-17

申请号：US17814158

申请日：2022-07-21

Applicant: Google LLC

Inventor： Gargi Adhav ,  Hui Liu ,  Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Xiaoyu Zhang

IPC: H04L41/14 ,  H04L41/28

Abstract: A system for simulating network configurations includes data processing hardware and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that when executed on the data processing hardware cause the data processing hardware to perform operations. The operations includes receiving one or more parameter changes for a production network model of a network. The operations also include generating a simulation network model including the one or more parameter changes. Another operation includes analyzing the simulated network flow within the simulation network model. The operations also include generating a report including an impact of the parameter changes on the network. The operations may also include receiving a production network log including a recorded workflow for the production network model and simulating the production workflow of the production network log within the simulation network model to generate a simulated network log.

公开(公告)号：US11716311B2

公开(公告)日：2023-08-01

申请号：US17121082

申请日：2020-12-14

Applicant: Google LLC

Inventor： Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Gargi Adhav ,  Xiaoyu Zhang

IPC: H04L9/40 ,  H04L41/16 ,  H04L47/125 ,  H04L47/25 ,  H04L47/41

CPC classification number: H04L63/0263 ,  H04L41/16 ,  H04L47/125 ,  H04L47/25 ,  H04L47/41 ,  H04L63/20

Abstract: Aspects of the disclosed technology comprise generating firewall rules based on traffic, outputting the generated firewall rules to an output file, and using the output file to set firewall rules in a network. The firewall rules may be generated without a priori knowledge of the network; alternatively no firewall rules are required. Generated rules may be tuned for user preferences to adjust for the number of generated firewall rules, and their over or under inclusiveness to non-historic traffic data.

公开(公告)号：US20230396508A1

公开(公告)日：2023-12-07

申请号：US18452512

申请日：2023-08-18

Applicant: Google LLC

Inventor： Gargi Adhav ,  Hui Liu ,  Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Xiaoyu Zhang

IPC: H04L41/14 ,  H04L41/28

CPC classification number: H04L41/145 ,  H04L41/28 ,  H04L63/0272

Abstract: A system for simulating network configurations includes data processing hardware and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that when executed on the data processing hardware cause the data processing hardware to perform operations. The operation includes receiving one or more parameter changes for a production network model of a network. The operations also include generating a simulation network model including the one or more parameter changes. Another operation includes analyzing the simulated network flow within the simulation network model. The operations also include generating a report including an impact of the parameter changes on the network. The operations may also include receiving a production network log including a recorded workflow for the production network model and simulating the production workflow of the production network log within the simulation network model to generate a simulated network log.

公开(公告)号：US20230114050A1

公开(公告)日：2023-04-13

申请号：US18051686

申请日：2022-11-01

Applicant: Google LLC

Inventor： Kan Cai ,  Vikas Aggarwal ,  Gargi Adhav ,  Rajendra Yavatkar ,  Ning Zhao ,  Vishal Gupta

IPC: H04L9/40 ,  H04L43/026 ,  H04L41/16 ,  G06F9/54 ,  G06N20/00 ,  H04L41/14

Abstract: A firewall intelligence system, includes a data storage storing a set of firewall rules for a network; a recommendation engine that receives, from a log service, traffic logs detailing traffic for the network and firewall logs detailing the usage of firewall rules in response to the traffic for the network, accesses, from the data storage, the set of firewall rules for the network; processes the set of firewall rules to evaluate the firewall rules against a set of quantitative evaluation rules to determine one or more firewall rule recommendations, wherein each firewall rule recommendation is a recommendation to change at least one of the firewall rules in the set of firewall rules; and a front end API that provides data describing the one or more firewall rule recommendations to a user device.

公开(公告)号：US11424991B2

公开(公告)日：2022-08-23

申请号：US17110259

申请日：2020-12-02

Applicant: Google LLC

Inventor： Gargi Adhav ,  Hui Liu ,  Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Xiaoyu Zhang

IPC: H04L12/00 ,  H04L41/14 ,  H04L41/28 ,  H04L9/40

Abstract: A system for simulating network configurations includes data processing hardware and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that when executed on the data processing hardware cause the data processing hardware to perform operations. The operations includes receiving one or more parameter changes for a production network model of a network. The operations also include generating a simulation network model including the one or more parameter changes. Another operation includes analyzing the simulated network flow within the simulation network model. The operations also include generating a report including an impact of the parameter changes on the network. The operations may also include receiving a production network log including a recorded workflow for the production network model and simulating the production workflow of the production network log within the simulation network model to generate a simulated network log.

公开(公告)号：US20220150128A1

公开(公告)日：2022-05-12

申请号：US17110259

申请日：2020-12-02

Applicant: Google LLC

Inventor： Gargi Adhav ,  Hui Liu ,  Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Xiaoyu Zhang

IPC: H04L12/24

Abstract: A system for simulating network configurations includes data processing hardware and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that when executed on the data processing hardware cause the data processing hardware to perform operations. The operations includes receiving one or more parameter changes for a production network model of a network. The operations also include generating a simulation network model including the one or more parameter changes. Another operation includes analyzing the simulated network flow within the simulation network model. The operations also include generating a report including an impact of the parameter changes on the network. The operations may also include receiving a production network log including a recorded workflow for the production network model and simulating the production workflow of the production network log within the simulation network model to generate a simulated network log.

公开(公告)号：US12170596B2

公开(公告)日：2024-12-17

申请号：US18452512

申请日：2023-08-18

Applicant: Google LLC

Inventor： Gargi Adhav ,  Hui Liu ,  Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Xiaoyu Zhang

IPC: H04L12/00 ,  H04L41/14 ,  H04L41/28 ,  H04L9/40

Abstract: A system for simulating network configurations includes data processing hardware and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that when executed on the data processing hardware cause the data processing hardware to perform operations. The operation includes receiving one or more parameter changes for a production network model of a network. The operations also include generating a simulation network model including the one or more parameter changes. Another operation includes analyzing the simulated network flow within the simulation network model. The operations also include generating a report including an impact of the parameter changes on the network. The operations may also include receiving a production network log including a recorded workflow for the production network model and simulating the production workflow of the production network log within the simulation network model to generate a simulated network log.

公开(公告)号：US11765044B2

公开(公告)日：2023-09-19

申请号：US17814158

申请日：2022-07-21

Applicant: Google LLC

Inventor： Gargi Adhav ,  Hui Liu ,  Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Xiaoyu Zhang

IPC: H04L12/00 ,  H04L41/14 ,  H04L41/28 ,  H04L9/40

CPC classification number: H04L41/145 ,  H04L41/28 ,  H04L63/0263 ,  H04L63/0272

Abstract: A system for simulating network configurations includes data processing hardware and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that when executed on the data processing hardware cause the data processing hardware to perform operations. The operations includes receiving one or more parameter changes for a production network model of a network. The operations also include generating a simulation network model including the one or more parameter changes. Another operation includes analyzing the simulated network flow within the simulation network model. The operations also include generating a report including an impact of the parameter changes on the network. The operations may also include receiving a production network log including a recorded workflow for the production network model and simulating the production workflow of the production network log within the simulation network model to generate a simulated network log.

公开(公告)号：US20220166756A1

公开(公告)日：2022-05-26

申请号：US17121082

申请日：2020-12-14

Applicant: Google LLC

Inventor： Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Gargi Adhav ,  Xiaoyu Zhang

IPC: H04L29/06 ,  H04L12/891 ,  H04L12/803 ,  H04L12/825 ,  H04L12/24

Abstract: Aspects of the disclosed technology comprise generating firewall rules based on traffic, outputting the generated firewall rules to an output file, and using the output file to set firewall rules in a network. The firewall rules may be generated without a priori knowledge of the network; alternatively no firewall rules are required. Generated rules may be tuned for user preferences to adjust for the number of generated firewall rules, and their over or under inclusiveness to non-historic traffic data.