US 11,777,994 B2
Dynamic per subscriber policy enablement for security platforms within service provider network environments
Mitchell Rappard, Lee's Summit, MO (US); and Leonid Burakovsky, Pleasanton, CA (US)
Assigned to Palo Alto Networks, Inc., Santa Clara, CA (US)
Filed by Palo Alto Networks, Inc., Santa Clara, CA (US)
Filed on Dec. 14, 2021, as Appl. No. 17/550,891.
Application 17/550,891 is a continuation of application No. 16/748,629, filed on Jan. 21, 2020, granted, now 11,233,829.
Application 16/748,629 is a continuation of application No. 15/494,019, filed on Apr. 21, 2017, granted, now 10,594,734, issued on Mar. 17, 2020.
Prior Publication US 2022/0109699 A1, Apr. 7, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04W 24/08 (2009.01); H04L 61/5007 (2022.01)
CPC H04L 63/20 (2013.01) [H04L 61/5007 (2022.05); H04L 63/0236 (2013.01); H04L 63/0263 (2013.01); H04L 63/10 (2013.01); H04W 24/08 (2013.01)] 20 Claims
1. A system, comprising:
a processor configured to:
monitor network traffic on a service provider network at a security platform to identify a subscriber with a new IP flow, wherein the security platform is configured to passively monitor one or more 3rd Generation Partnership Project (3GPP) related interfaces;
associate the subscriber with the new IP flow at the security platform;
determine a security policy to apply at the security platform to the new IP flow based on the subscriber, wherein the security platform is configured to infer a plurality of security policies for IP addresses associated with a plurality of subscribers using the service provider network based on one or more messages intercepted during monitoring of the network traffic on the service provider network at the security platform;
apply dynamic policy per the new IP flow with the security policy for IP addresses associated with the subscriber on the service provider network based on one or more messages intercepted during monitoring of the network traffic on the service provider network at the security platform, wherein a subscriber/IP address is mapped to a security policy to facilitate security policy enforcement per IP flow using the security platform; and
enforce the security policy on the new IP flow using the security platform to allow the new IP flow to access a resource based on the security policy; and
a memory coupled to the processor and configured to provide the processor with instructions.
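Claim 1 describes a mechanism rather than an implementation: the platform passively watches 3GPP control-plane signalling, learns which subscriber currently holds which IP address, infers a policy for that subscriber, and then enforces that policy on each new IP flow whose source address matches. The following model is an added illustration written for this page; it is not code from the patent or from Palo Alto Networks. Everything in it is constructed: the event records stand for already-correlated session data (subscriber identifier, access point name, assigned UE IP) such as a monitor might recover from intercepted signalling, the APN-to-policy table is an assumed operator provisioning rule, and the IP addresses and flows are sample data. It also shows two caveats a practitioner would check in a real deployment that the claim text leaves implicit: a flow from an address with no known subscriber binding, and an address that is released and reassigned to a different subscriber.

```python
"""Toy model of per-subscriber, per-IP-flow policy enforcement (added illustration).

Not the patent's or Palo Alto Networks' code. Event format, APN-to-policy table and
all addresses are constructed for the example.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Policy:
    name: str
    allowed_dst_ports: frozenset


# Assumed operator rule: the policy a subscriber gets is inferred from the access
# point name (APN) carried in the observed session record. Constructed values.
APN_POLICIES: Dict[str, Policy] = {
    "internet": Policy("web-only", frozenset({80, 443})),
    "iot": Policy("iot-mqtt-only", frozenset({8883})),
}
# Applied when the source IP has no subscriber binding or the APN is unknown.
DEFAULT_POLICY = Policy("default-deny", frozenset())


@dataclass(frozen=True)
class Flow:
    src_ip: str
    dst_ip: str
    dst_port: int


class SubscriberPolicyMapper:
    """Maintains UE IP -> (subscriber, policy) from passively observed session events."""

    def __init__(self) -> None:
        self.ip_table: Dict[str, Tuple[str, Policy]] = {}

    def observe(self, event: dict) -> None:
        """Consume one constructed control-plane event (create or delete)."""
        kind, ip, sub = event["type"], event["ue_ip"], event["subscriber"]
        if kind == "session_create":
            policy = APN_POLICIES.get(event.get("apn", ""), DEFAULT_POLICY)
            self.ip_table[ip] = (sub, policy)  # overwrites any stale binding
        elif kind == "session_delete":
            # Only remove the binding if it still belongs to this subscriber, so a
            # late or duplicated delete cannot tear down a newer subscriber's mapping
            # for the same reassigned address.
            current = self.ip_table.get(ip)
            if current is not None and current[0] == sub:
                del self.ip_table[ip]

    def lookup(self, flow: Flow) -> Tuple[Optional[str], Policy]:
        """Resolve a new flow to (subscriber or None, policy); unknown IP -> default."""
        return self.ip_table.get(flow.src_ip, (None, DEFAULT_POLICY))

    def enforce(self, flow: Flow) -> str:
        """Per-flow verdict based on the subscriber's policy."""
        _sub, policy = self.lookup(flow)
        return "allow" if flow.dst_port in policy.allowed_dst_ports else "deny"


def run_demo() -> List[Tuple[str, Optional[str], str, str]]:
    """Replay a constructed sequence; returns (flow, subscriber, policy name, verdict)."""
    mapper = SubscriberPolicyMapper()
    results: List[Tuple[str, Optional[str], str, str]] = []

    def check(flow: Flow) -> None:
        sub, policy = mapper.lookup(flow)
        results.append((f"{flow.src_ip}->{flow.dst_ip}:{flow.dst_port}",
                        sub, policy.name, mapper.enforce(flow)))

    mapper.observe({"type": "session_create", "subscriber": "imsi-001",
                    "apn": "internet", "ue_ip": "10.0.0.5"})
    mapper.observe({"type": "session_create", "subscriber": "imsi-002",
                    "apn": "iot", "ue_ip": "10.0.0.6"})
    check(Flow("10.0.0.5", "203.0.113.10", 443))   # imsi-001, web-only: allow
    check(Flow("10.0.0.5", "203.0.113.10", 25))    # imsi-001, web-only: deny
    check(Flow("10.0.0.6", "203.0.113.20", 8883))  # imsi-002, iot: allow
    check(Flow("10.0.0.6", "203.0.113.20", 443))   # imsi-002, iot: deny
    check(Flow("10.0.0.7", "203.0.113.10", 443))   # no binding: default-deny

    # Address reassignment: imsi-001 detaches and 10.0.0.5 is handed to imsi-003 on
    # the IoT APN. The same source IP must now be judged under imsi-003's policy.
    mapper.observe({"type": "session_delete", "subscriber": "imsi-001", "ue_ip": "10.0.0.5"})
    mapper.observe({"type": "session_create", "subscriber": "imsi-003",
                    "apn": "iot", "ue_ip": "10.0.0.5"})
    check(Flow("10.0.0.5", "203.0.113.10", 443))   # imsi-003, iot: deny

    # A stale delete for the previous holder must not remove the new binding.
    mapper.observe({"type": "session_delete", "subscriber": "imsi-001", "ue_ip": "10.0.0.5"})
    check(Flow("10.0.0.5", "203.0.113.20", 8883))  # still imsi-003: allow
    return results


if __name__ == "__main__":
    for row in run_demo():
        print(row)
```

The point the replay makes is that the enforcement key is the subscriber, not the IP address: the same source address yields different verdicts before and after reassignment, and a flow from an address with no observed session binding falls through to the default policy rather than inheriting whatever the previous holder was allowed.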