US 12,284,219 B2
Zero-trust dynamic discovery
Saravanan Sampathkumar, San Jose, CA (US); Ajay K. Modi, San Jose, CA (US); Umamaheswararao Karyampudi, Fremont, CA (US); Kamal Bakshi, Livermore, CA (US); and Yousuf H. Khan, Saratoga, CA (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Jan. 12, 2024, as Appl. No. 18/412,033.
Application 18/412,033 is a continuation of application No. 17/937,169, filed on Sep. 30, 2022, granted, now 12,052,290.
Application 17/937,169 is a continuation of application No. 16/988,419, filed on Aug. 7, 2020, granted, now 11,503,077, issued on Nov. 15, 2022.
Prior Publication US 2024/0155005 A1, May 9, 2024
Int. Cl. H04L 67/55 (2022.01); G06F 8/65 (2018.01); G06F 16/28 (2019.01); H04L 9/40 (2022.01)
CPC H04L 63/20 (2013.01) [G06F 8/65 (2013.01); G06F 16/285 (2019.01); H04L 67/55 (2022.05)] 17 Claims
OG exemplary drawing
 
1. A method, comprising:
identifying a plurality of targets attached to a network using NVMe/TCP (NVMe over Transmission Control Protocol) (TCP network), each target associated with a non-volatile storage device;
creating a plurality of target groups including a first target group in accordance with a security policy;
receiving, at a discovery service, a discovery request from an initiator over the TCP network;
determining whether the security policy allows network interaction between the initiator and the first target group; and
if network interaction between the initiator and the first target group is allowed by the security policy, returning addressing information for a target within the first target group.