-
1.
Publication number: US20240422167A1
Publication date: 2024-12-19
Application number: US18815417
Application date: 2024-08-26
Applicant: Juniper Networks, Inc.
Inventor: Prasad Miriyala, Sajeesh Mathew, Akhilesh Pathodia, Tashi Garg
Abstract: A network controller for a software-defined networking (SDN) architecture system may receive a request to generate an access control policy for a role in a container orchestration system, where the request specifies a plurality of functions. The network controller may execute the plurality of functions and may log execution of the plurality of functions in an audit log. The network controller may parse the audit log to determine a plurality of resources of the container orchestration system accessed from executing the plurality of functions and, for each resource of the plurality of resources, a respective one or more types of operations performed on the respective resource. The network controller may create, based at least in part on the parsed audit log, the access control policy for the role that permits a role to perform, on each of the plurality of resources, the respective one or more types of operations.
-
2.
Publication number: US12074884B2
Publication date: 2024-08-27
Application number: US17808970
Application date: 2022-06-24
Applicant: Juniper Networks, Inc.
Inventor: Prasad Miriyala, Sajeesh Mathew, Akhilesh Pathodia, Tashi Garg
CPC classification number: H04L63/105, G06F9/547, H04L63/20
Abstract: A network controller for a software-defined networking (SDN) architecture system may receive a request to generate an access control policy for a role in a container orchestration system, where the request specifies a plurality of functions. The network controller may execute the plurality of functions and may log execution of the plurality of functions in an audit log. The network controller may parse the audit log to determine a plurality of resources of the container orchestration system accessed from executing the plurality of functions and, for each resource of the plurality of resources, a respective one or more types of operations performed on the respective resource. The network controller may create, based at least in part on the parsed audit log, the access control policy for the role that permits a role to perform, on each of the plurality of resources, the respective one or more types of operations.
-
Publication number: US11799737B1
Publication date: 2023-10-24
Application number: US17364630
Application date: 2021-06-30
Applicant: Juniper Networks, Inc.
Inventor: Iqlas M. Ottamalika, Wei Gao, Tashi Garg
IPC: G06F15/173, H04L41/22, H04L43/04, H04L41/12, H04L41/14
CPC classification number: H04L41/22, H04L41/12, H04L41/145, H04L43/04
Abstract: In general, techniques are described by which to provide a topology-based graphical user interface for network management systems. A controller device comprising a processor and a memory may be configured to perform the techniques. The processor may monitor network devices arranged according to a network topology to obtain operational data, and obtain configuration data defining the network topology. The memory may store the operational data and the configuration data. The processor may analyze the configuration data and the operational data to provide a graphical representation of the network topology that graphically depicts the operational data, and present a single graphical user interface that presents the graphical representation of the network topology that graphically depicts the operational data.