| CPC H04L 63/1425 (2013.01) [H04L 63/1416 (2013.01); H04L 63/1433 (2013.01); H04L 63/145 (2013.01); H04L 63/20 (2013.01)] | 18 Claims |
|
1. A method comprising:
determining a security risk for each of a plurality of devices on a network;
presenting, to a display, a network traffic map that comprises network traffic between one or more of the plurality of devices and the security risk for each of the plurality of devices;
presenting, to the display, one or more suggested segmentations that are determined in view of the security risk of each of the plurality of devices, wherein the one or more suggested segmentations are ordered to group the plurality of devices in view of the security risk, wherein one of the one or more suggested segmentations isolates the one or more of the plurality of devices that is deemed as critical from a second of the plurality of devices that is deemed as being vulnerable or exhibiting negative behavior;
simulating, based on the network traffic between the one or more of the plurality of devices in the network traffic map, segmentation of the one or more of the plurality of devices on the network resulting in simulated network traffic and a simulated security risk of the one or more of the plurality of the devices on the network; and
presenting, to the display, the network traffic map comprising the network traffic prior to the simulating, alongside the simulated network traffic between the one or more of the plurality of devices and the simulated security risk of the one or more of the plurality of devices on the network, wherein the simulated network traffic is displayed as an overlay to the network traffic prior to the simulating.
|