US 12,328,204 B2
Cloud-based security controls for multi-level hierarchal equipment access
Robert E. Barton, Richmond (CA); Flemming Stig Andreasen, Marlboro, NJ (US); Jerome Henry, Pittsboro, NC (US); and Elango Ganesan, Palo Alto, CA (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Dec. 22, 2022, as Appl. No. 18/087,094.
Prior Publication US 2024/0214386 A1, Jun. 27, 2024
Int. Cl. H04L 12/46 (2006.01); H04L 9/40 (2022.01); H04L 45/00 (2022.01); H04W 48/16 (2009.01)
CPC H04L 12/4633 (2013.01) [H04L 45/56 (2013.01); H04L 63/0281 (2013.01); H04L 63/107 (2013.01); H04L 63/205 (2013.01); H04W 48/16 (2013.01)]
20 Claims

1. A method, comprising:
determining, by a device, a hierarchy of layers of a network comprising a plurality of networking devices;
configuring, by the device and in response to a request by a client to access remotely a particular endpoint in the network, a proxy chain of remote access agents executed by a plurality of networking devices in the network to allow the client to access remotely the particular endpoint, each of those networking devices proxying traffic between different layers of the hierarchy;
determining, by the device, an access policy for the particular endpoint indicative of which commands may be sent to the particular endpoint by the client, based in part on where the particular endpoint is in the hierarchy; and
controlling, by the device and based on the access policy, whether a command sent by the client is transmitted via the proxy chain to the particular endpoint.
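
A minimal sketch of the four steps of claim 1, added here as an illustration; it is not code from the patent or from Cisco. The layer numbering, agent names, endpoint names, command verbs and the per-layer policy table are all assumptions, and the sketch uses hierarchy position as the only policy input although the claim says "based in part".

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Agent:
    name: str
    upper: int  # layer this agent faces toward the remote client
    lower: int  # layer this agent faces toward the equipment

# Constructed sample hierarchy (hypothetical): layer 3 is where the remote
# client enters, layer 0 is deepest. Each agent proxies between two layers.
AGENTS = [Agent("edge-gw", 3, 2), Agent("site-sw", 2, 1), Agent("cell-sw", 1, 0)]
ENDPOINT_LAYER = {"hmi-7": 1, "plc-12": 0}
ENTRY_LAYER = 3
# Assumed policy: the deeper the endpoint sits, the narrower the command set.
LAYER_POLICY = {1: {"read", "write", "restart"}, 0: {"read"}}

def build_proxy_chain(endpoint):
    """Ordered agents that carry traffic from the entry layer to the endpoint's layer."""
    target = ENDPOINT_LAYER[endpoint]
    by_upper = {a.upper: a for a in AGENTS}
    chain, layer = [], ENTRY_LAYER
    while layer > target:
        agent = by_upper.get(layer)
        if agent is None:
            raise LookupError(f"no agent proxies out of layer {layer}")
        chain.append(agent)
        layer = agent.lower
    return chain

def access_policy(endpoint):
    """Commands allowed for this endpoint, chosen by its layer; unknown means none."""
    return LAYER_POLICY.get(ENDPOINT_LAYER.get(endpoint), set())

def relay(endpoint, command):
    """Gate the command on the policy; return the hop list, or None if blocked."""
    if command not in access_policy(endpoint):
        return None  # blocked by the controlling device, never enters the chain
    return [a.name for a in build_proxy_chain(endpoint)] + [endpoint]

if __name__ == "__main__":
    for ep, cmd in [("plc-12", "read"), ("plc-12", "write"), ("hmi-7", "restart")]:
        print(ep, cmd, relay(ep, cmd))
```

The policy check runs before any chain lookup, so a denied or unknown endpoint fails closed without touching the agents.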