US 12,177,261 B2
Adaptive network security using zero trust microsegmentation
Harish Akali, Acton, MA (US); Satyam Tyagi, Fremont, CA (US); Wyn Owen, San Jose, CA (US); Surya Kollimarla, Santa Clara, CA (US); and Rajesh Khazanchi, Cupertino, CA (US)
Assigned to ColorTokens Inc., San Jose, CA (US)
Filed by ColorTokens Inc., San Jose, CA (US)
Filed on Mar. 28, 2024, as Appl. No. 18/620,714.
Application 18/620,714 is a continuation of application No. 18/343,402, filed on Jun. 28, 2023.
Claims priority of provisional application 63/461,476, filed on Apr. 24, 2023.
Prior Publication US 2024/0356982 A1, Oct. 24, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/20 (2013.01) [H04L 63/0263 (2013.01); H04L 63/1425 (2013.01)]
21 Claims
 
1. A zero-trust microsegmentation method comprising:
establishing a network where each device of the network is in its own network-of-one, wherein the networks-of-one are configured to cause all device traffic to traverse a gatekeeper configured as a default gateway for the devices of the network;
collecting, using the gatekeeper, information associated with the devices of the network;
determining, using the gatekeeper and based on the collected information, a plurality of network microsegments;
determining an initial zero-trust security policy in which communication permissions for the devices of the network are denied by default unless otherwise allowed, the communication permissions including one or more communication dimensions;
analyzing, using the gatekeeper, network traffic under the initial zero-trust security policy; and
adapting the initial zero-trust security policy, based on the analysis of the network traffic, to adjust the communication permissions for the one or more communication dimensions to generate an adapted zero-trust security policy including one or more modifications to the one or more communication dimensions.