US 11,863,555 B2
Remote access policies for IoT devices using manufacturer usage description (MUD) files
Robert E. Barton, Richmond (CA); Jerome Henry, Pittsboro, NC (US); and Vinay Saini, Bangalore (IN)
Assigned to CISCO TECHNOLOGY, INC., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Feb. 12, 2021, as Appl. No. 17/174,906.
Prior Publication US 2022/0263820 A1, Aug. 18, 2022
Int. Cl. H04L 29/00 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/0876 (2013.01) [H04L 63/0209 (2013.01); H04L 63/0272 (2013.01); H04L 63/164 (2013.01); H04L 63/20 (2013.01)]
18 Claims
1. A method comprising:
establishing, by a management service for a network executed by one or more devices, a trust relationship with an entity associated with an endpoint in the network, wherein the entity is a manufacturer or vendor of the endpoint;
receiving, at the management service and via a Manufacturer Usage Description file for the endpoint, an indication that the entity desires remote access to the endpoint in the network;
configuring, by the management service and based on the indication, the network to provide a remote access connection between the entity and the endpoint in the network by providing a virtual private network (VPN) configuration to an edge device in the network that allows the entity to form a VPN connection with the endpoint via the edge device, to enable communication between the manufacturer or vendor of the endpoint and the endpoint using the VPN connection; and
providing, by the management service and to the entity, credentials to the entity for the remote access connection.
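
The four steps of claim 1, sketched from the management service's side as an added example; it is not code from the patent or from Cisco. Assumptions: the extension name `example-remote-access`, its `peer` field, the trusted-entity set, the IPv4 endpoint address and the shape of the returned VPN configuration are all hypothetical, and the sample MUD file is constructed (only the `ietf-mud:mud` container and the `mud-version`, `mud-url`, `mfg-name` and `extensions` fields follow RFC 8520).

```python
import json
import secrets
from urllib.parse import urlparse

# Hypothetical extension name: the claim does not say how the MUD file encodes the request.
EXT = "example-remote-access"

# Constructed sample MUD file (RFC 8520 container and field names).
SAMPLE_MUD = json.dumps({"ietf-mud:mud": {
    "mud-version": 1,
    "mud-url": "https://mud.vendor.example/sensor-v1.json",
    "mfg-name": "Vendor Example",
    "extensions": [EXT],
    EXT: {"peer": "vpn.vendor.example"},
}})

# Step 1: entities with which the management service has already established trust.
TRUSTED_ENTITIES = {"mud.vendor.example"}


def handle_mud(mud_text, endpoint_ip, trusted=TRUSTED_ENTITIES):
    """Return (edge_vpn_config, credentials), or None if no remote access is requested."""
    mud = json.loads(mud_text)["ietf-mud:mud"]
    # Step 2: the indication arrives via the endpoint's MUD file.
    if EXT not in mud.get("extensions", []) or EXT not in mud:
        return None
    url = urlparse(mud["mud-url"])
    entity = url.hostname
    # Refuse the request unless the file's origin maps to a trusted entity.
    if url.scheme != "https" or entity not in trusted:
        raise PermissionError(f"no trust relationship with {entity!r}")
    # Step 3: VPN configuration for the edge device, scoped to this one endpoint.
    edge_vpn_config = {
        "peer": mud[EXT]["peer"],
        "allowed_destinations": [f"{endpoint_ip}/32"],  # assumes an IPv4 endpoint
        "user": f"mud-{entity}",
    }
    # Step 4: credentials handed to the entity for this connection only.
    credentials = {"user": edge_vpn_config["user"],
                   "secret": secrets.token_urlsafe(32)}
    return edge_vpn_config, credentials


if __name__ == "__main__":
    print(handle_mud(SAMPLE_MUD, "10.20.0.15"))
```

Limiting `allowed_destinations` to the single endpoint keeps the vendor's tunnel from reaching the rest of the network behind the edge device.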