US 11,792,230 B2
Resolving access policies between intent-based network architectures and cloud native architectures
Thomas Szigeti, Vancouver (CA); David J. Zacks, Vancouver (CA); Walter Hulick, Pearland, TX (US); and Shannon McFarland, Parker, CO (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Sep. 13, 2021, as Appl. No. 17/473,306.
Prior Publication US 2023/0081708 A1, Mar. 16, 2023
Int. Cl. G06F 21/62 (2013.01); H04L 9/40 (2022.01); G06F 21/51 (2013.01); G06F 21/78 (2013.01)
CPC H04L 63/20 (2013.01) [H04L 63/0876 (2013.01); H04L 63/101 (2013.01)]
20 Claims
1. A system comprising:
one or more processors; and
one or more non-transitory computer-readable media storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising:
obtaining a first set of access policies for a network service mesh, the first set of access policies defining whether first applications are allowed or restricted from communicating in the network service mesh with second applications;
obtaining a second set of access policies for an intent-based network (IBN) architecture, the second set of access policies defining whether the first applications are allowed or restricted from communicating in the IBN architecture with the second applications;
identifying a conflict between the first set of access policies and the second set of access policies;
determining a resolution for the conflict between the first set of access policies and the second set of access policies; and
determining, based at least in part on the resolution, a third set of access policies that defines whether the first applications are allowed or restricted from communicating with the second applications in the network service mesh and the IBN architecture.
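The operations of claim 1, sketched as an added illustration that is not code from the patent or its assignee. The claim does not say how a resolution is determined, so the rule used here (an explicit operator override wins, otherwise the restrictive verdict wins), the handling of pairs that only one set covers, and all application names are assumptions.

```python
from typing import Dict, List, Optional, Tuple

Pair = Tuple[str, str]        # (first application, second application)
PolicySet = Dict[Pair, str]   # verdict per pair: "allow" or "restrict"
VERDICTS = {"allow", "restrict"}

def validate(name: str, policies: PolicySet) -> None:
    """Reject verdicts other than allow/restrict before comparing sets."""
    for pair, verdict in policies.items():
        if verdict not in VERDICTS:
            raise ValueError(f"{name}: {pair} has unknown verdict {verdict!r}")

def find_conflicts(mesh: PolicySet, ibn: PolicySet) -> List[Pair]:
    """Pairs that both policy sets cover but with different verdicts."""
    return sorted(p for p in mesh.keys() & ibn.keys() if mesh[p] != ibn[p])

def merge(mesh: PolicySet, ibn: PolicySet,
          overrides: Optional[PolicySet] = None) -> Tuple[PolicySet, List[Pair]]:
    """Build the third policy set and return it with the conflicts found.

    Assumed resolution rule (not from the claim): an explicit operator
    override wins; otherwise the restrictive verdict wins. A pair that only
    one set covers is carried over unchanged (also an assumption).
    """
    overrides = overrides or {}
    for name, policies in (("mesh", mesh), ("ibn", ibn), ("overrides", overrides)):
        validate(name, policies)
    conflicts = find_conflicts(mesh, ibn)
    merged: PolicySet = {}
    for pair in sorted(mesh.keys() | ibn.keys()):
        if pair in conflicts:
            merged[pair] = overrides.get(pair, "restrict")
        else:
            merged[pair] = mesh[pair] if pair in mesh else ibn[pair]
    return merged, conflicts

# Constructed sample policies; application names are hypothetical.
MESH = {("frontend", "payments"): "allow",
        ("frontend", "inventory"): "allow",
        ("batch", "payments"): "restrict"}
IBN = {("frontend", "payments"): "restrict",
       ("frontend", "inventory"): "allow",
       ("hr-portal", "payments"): "restrict"}

if __name__ == "__main__":
    merged, conflicts = merge(MESH, IBN)
    for pair in conflicts:
        print("conflict:", pair, "mesh =", MESH[pair], "ibn =", IBN[pair])
    for (src, dst), verdict in merged.items():
        print(f"{src} -> {dst}: {verdict}")
```

Returning the conflict list alongside the merged set keeps a record of every pair where the two domains disagreed, which is what an operator would review before the third set is pushed to either side.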