US 11,924,073 B2
System and method of assigning reputation scores to hosts
Sunil Kumar Gupta, Milpitas, CA (US); Navindra Yadav, Cupertino, CA (US); Michael Standish Watts, Mill Valley, CA (US); Ali Parandehgheibi, Sunnyvale, CA (US); Shashidhar Gandham, Fremont, CA (US); Ashutosh Kulshreshtha, Cupertino, CA (US); and Khawar Deen, Sunnyvale, CA (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Aug. 16, 2021, as Appl. No. 17/403,026.
Application 17/403,026 is a continuation of application No. 16/280,894, filed on Feb. 20, 2019, granted, now 11,102,093.
Application 16/280,894 is a continuation of application No. 15/171,580, filed on Jun. 2, 2016, granted, now 10,243,817, issued on Mar. 26, 2019.
Claims priority of provisional application 62/171,899, filed on Jun. 5, 2015.
Prior Publication US 2021/0377136 A1, Dec. 2, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/00 (2013.01); G06F 3/0482 (2013.01); G06F 3/04842 (2022.01); G06F 3/04847 (2022.01); G06F 9/455 (2018.01); G06F 16/11 (2019.01); G06F 16/13 (2019.01); G06F 16/16 (2019.01); G06F 16/17 (2019.01); G06F 16/174 (2019.01); G06F 16/23 (2019.01); G06F 16/2457 (2019.01); G06F 16/248 (2019.01); G06F 16/28 (2019.01); G06F 16/29 (2019.01); G06F 16/9535 (2019.01); G06F 21/53 (2013.01); G06F 21/55 (2013.01); G06F 21/56 (2013.01); G06N 20/00 (2019.01); G06N 99/00 (2019.01); G06T 11/20 (2006.01); H04J 3/06 (2006.01); H04J 3/14 (2006.01); H04L 1/24 (2006.01); H04L 9/08 (2006.01); H04L 9/32 (2006.01); H04L 9/40 (2022.01); H04L 41/046 (2022.01); H04L 41/0668 (2022.01); H04L 41/0803 (2022.01); H04L 41/0806 (2022.01); H04L 41/0816 (2022.01); H04L 41/0893 (2022.01); H04L 41/12 (2022.01); H04L 41/16 (2022.01); H04L 41/22 (2022.01); H04L 43/02 (2022.01); H04L 43/026 (2022.01); H04L 43/04 (2022.01); H04L 43/045 (2022.01); H04L 43/062 (2022.01); H04L 43/08 (2022.01); H04L 43/0805 (2022.01); H04L 43/0811 (2022.01); H04L 43/0829 (2022.01); H04L 43/0852 (2022.01); H04L 43/0864 (2022.01); H04L 43/0876 (2022.01); H04L 43/0882 (2022.01); H04L 43/0888 (2022.01); H04L 43/10 (2022.01); H04L 43/106 (2022.01); H04L 43/12 (2022.01); H04L 43/16 (2022.01); H04L 45/00 (2022.01); H04L 45/302 (2022.01); H04L 45/50 (2022.01); H04L 45/74 (2022.01); H04L 47/11 (2022.01); H04L 47/20 (2022.01); H04L 47/2441 (2022.01); H04L 47/2483 (2022.01); H04L 47/28 (2022.01); H04L 47/31 (2022.01); H04L 47/32 (2022.01); H04L 61/5007 (2022.01); H04L 67/01 (2022.01); H04L 67/10 (2022.01); H04L 67/1001 (2022.01); H04L 67/12 (2022.01); H04L 67/51 (2022.01); H04L 67/75 (2022.01); H04L 69/16 (2022.01); H04L 69/22 (2022.01); H04W 72/54 (2023.01); H04W 84/18 (2009.01); H04L 67/50 (2022.01)
CPC H04L 43/045 (2013.01) [G06F 3/0482 (2013.01); G06F 3/04842 (2013.01); G06F 3/04847 (2013.01); G06F 9/45558 (2013.01); G06F 16/122 (2019.01); G06F 16/137 (2019.01); G06F 16/162 (2019.01); G06F 16/17 (2019.01); G06F 16/173 (2019.01); G06F 16/174 (2019.01); G06F 16/1744 (2019.01); G06F 16/1748 (2019.01); G06F 16/2322 (2019.01); G06F 16/235 (2019.01); G06F 16/2365 (2019.01); G06F 16/24578 (2019.01); G06F 16/248 (2019.01); G06F 16/285 (2019.01); G06F 16/288 (2019.01); G06F 16/29 (2019.01); G06F 16/9535 (2019.01); G06F 21/53 (2013.01); G06F 21/552 (2013.01); G06F 21/556 (2013.01); G06F 21/566 (2013.01); G06N 20/00 (2019.01); G06N 99/00 (2013.01); G06T 11/206 (2013.01); H04J 3/0661 (2013.01); H04J 3/14 (2013.01); H04L 1/242 (2013.01); H04L 9/0866 (2013.01); H04L 9/3239 (2013.01); H04L 9/3242 (2013.01); H04L 41/046 (2013.01); H04L 41/0668 (2013.01); H04L 41/0803 (2013.01); H04L 41/0806 (2013.01); H04L 41/0816 (2013.01); H04L 41/0893 (2013.01); H04L 41/12 (2013.01); H04L 41/16 (2013.01); H04L 41/22 (2013.01); H04L 43/02 (2013.01); H04L 43/026 (2013.01); H04L 43/04 (2013.01); H04L 43/062 (2013.01); H04L 43/08 (2013.01); H04L 43/0805 (2013.01); H04L 43/0811 (2013.01); H04L 43/0829 (2013.01); H04L 43/0841 (2013.01); H04L 43/0858 (2013.01); H04L 43/0864 (2013.01); H04L 43/0876 (2013.01); H04L 43/0882 (2013.01); H04L 43/0888 (2013.01); H04L 43/10 (2013.01); H04L 43/106 (2013.01); H04L 43/12 (2013.01); H04L 43/16 (2013.01); H04L 45/306 (2013.01); H04L 45/38 (2013.01); H04L 45/46 (2013.01); H04L 45/507 (2013.01); H04L 45/66 (2013.01); H04L 45/74 (2013.01); H04L 47/11 (2013.01); H04L 47/20 (2013.01); H04L 47/2441 (2013.01); H04L 47/2483 (2013.01); H04L 47/28 (2013.01); H04L 47/31 (2013.01); H04L 47/32 (2013.01); H04L 61/5007 (2022.05); H04L 63/0227 (2013.01); H04L 63/0263 (2013.01); H04L 63/06 (2013.01); H04L 63/0876 (2013.01); H04L 63/1408 (2013.01); H04L 63/1416 (2013.01); H04L 63/1425 (2013.01); H04L 63/1433 (2013.01); H04L 63/1441 (2013.01); H04L 63/145 (2013.01); H04L 63/1458 (2013.01); H04L 63/1466 (2013.01); H04L 63/16 (2013.01); H04L 63/20 (2013.01); H04L 67/01 (2022.05); H04L 67/10 (2013.01); H04L 67/1001 (2022.05); H04L 67/12 (2013.01); H04L 67/51 (2022.05); H04L 67/75 (2022.05); H04L 69/16 (2013.01); H04L 69/22 (2013.01); H04W 72/54 (2023.01); H04W 84/18 (2013.01); G06F 2009/4557 (2013.01); G06F 2009/45587 (2013.01); G06F 2009/45591 (2013.01); G06F 2009/45595 (2013.01); G06F 2221/033 (2013.01); G06F 2221/2101 (2013.01); G06F 2221/2105 (2013.01); G06F 2221/2111 (2013.01); G06F 2221/2115 (2013.01); G06F 2221/2145 (2013.01); H04L 67/535 (2022.05)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
assigning, to a device associated with an internet protocol (IP) address, one or more reputation scores associated with a communication policy, the one or more reputation scores being based on at least one of a determination that the device has been infected by malware, a determination that the IP address of the device has been used to communicate with a different device that is infected by malware, or network activity associated with the device, wherein the device comprises a host in a data center at one of a virtual layer, a hypervisor layer and a physical layer; and
based on the one or more reputation scores, modifying a group policy membership of the device from a policy group to an additional policy group associated with the one or more reputation scores and which governs packet flow to the host in the data center.