Abstract: Systems and methods for monitoring devices on a network are describes. An indication of one or more active devices coupled to a network at an end of a time interval is received. Network traffic data associated with the network is received and one or more additional devices coupled to the network during the time interval that were not included in the indication of the one or more active devices coupled to the network at the end of the time interval are determined based on the network traffic data.

Abstract: Systems, methods, and related technologies for segmentation management are described. In certain aspects, an entity communicatively coupled to a network is selected and one or more characteristics of the entity may be determined. A segmentation policy may be selected based on the one or more characteristics of the entity and one or more tags to be assigned to the entity based on the segmentation policy may be determined. A zone for the entity based on the one or more tags may be determined and one or more enforcement points associated with the zone for the entity may be determined. One or more enforcement actions may then be assigned to the one or more enforcement points based on the zone associated with the entity.

Abstract: Systems, methods, and related technologies for segmentation management are described. In certain aspects, an entity communicatively coupled to a network is selected and one or more characteristics of the entity may be determined. A segmentation policy may be selected based on the one or more characteristics of the entity and one or more tags to be assigned to the entity based on the segmentation policy may be determined. A zone for the entity based on the one or more tags may be determined and one or more enforcement points associated with the zone for the entity may be determined. One or more enforcement actions may then be assigned to the one or more enforcement points based on the zone associated with the entity.

Abstract: Systems, methods, and related technologies for access control management are described. The access control management may be customized for an entity and be configured on an enforcement point closest to the entity. In certain aspects, an entity communicatively coupled to a network is selected and one or more characteristics of the entity determined. An access policy may be selected based on the one or more characteristics of the entity and one or more enforcement points closest to the entity determined. One or more access rules to be assigned to the one or more enforcement points based on the access policy may be determined, wherein the one or more access rules are specific to the entity based on the one or more characteristics of the entity. The one or more access rules assigned to or configured on the one or more enforcement points closest to the entity are assigned.

Abstract: Systems, methods, and related technologies for segmentation management are described. The segmentation management may include visualization, configuration including translation, simulation, or a combination thereof of one or more segmentation policies. In certain aspects, a segmentation policy is accessed and a segmentation rule is determined based on the segmentation policy, wherein the segmentation rule is based on a characteristic of an entity determined without the use of an agent. An enforcement point associated with the segmentation rule may be determined, where the enforcement point is communicatively coupled to a network. The segmentation rule may be translated into a configuration associated with the enforcement point and the configuration communicated to the enforcement point.

Abstract: Systems, methods, and related technologies for access control management are described. The access control management may be customized for an entity and be configured on an enforcement point closest to the entity. In certain aspects, an entity communicatively coupled to a network is selected and one or more characteristics of the entity determined. An access policy may be selected based on the one or more characteristics of the entity and one or more enforcement points closest to the entity determined. One or more access rules to be assigned to the one or more enforcement points based on the access policy may be determined and the one or more access rules assigned to or configured on the one or more enforcement points closest to the entity.

Abstract: Systems, methods, and related technologies including media access control (MAC) address spoofing detection are described. The MAC address spoofing detection and response may include accessing a first MAC address associated with a first communication on a first port of a first network device and accessing a second MAC address associated with a second communication on a second port of a second network device. Whether the first MAC address and the second MAC address match may be determined. Information associated with a third communication associated with the first MAC address on the first port of the first network device and information associated with a fourth communication associated with the second MAC address on the second port of the second network device may be accessed. An action may be performed associated with the second port of the second network device based on the second MAC address matching the first MAC address.

Abstract: Systems, methods, and related technologies for segmentation management are described. The segmentation management may include visualization, configuration including translation, simulation, or a combination thereof of one or more segmentation policies. In certain aspects, a segmentation policy is accessed and a segmentation rule is determined based on the segmentation policy. An enforcement point associated with the segmentation rule may be determined, where the enforcement point is communicatively coupled to a network. The segmentation rule may be translated into a configuration associated with the enforcement point and the configuration communicated to the enforcement point.

Abstract: Systems, methods, and related technologies including media access control (MAC) address spoofing detection are described. The MAC address spoofing detection and response may include accessing a first MAC address associated with a first communication on a first port of a first network device and accessing a second MAC address associated with a second communication on a second port of a second network device. Whether the first MAC address and the second MAC address match may be determined. Information associated with a third communication associated with the first MAC address on the first port of the first network device and information associated with a fourth communication associated with the second MAC address on the second port of the second network device may be accessed. An action may be performed associated with the second port of the second network device based on the second MAC address matching the first MAC address.

Abstract: Systems and methods for monitoring devices on a network are describes. An indication of one or more active devices coupled to a network at an end of a time interval is received. Network traffic data associated with the network is received and one or more additional devices coupled to the network during the time interval that were not included in the indication of the one or more active devices coupled to the network at the end of the time interval are determined based on the network traffic data.

Abstract: Systems, methods, and related technologies for segmentation management are described. The segmentation management may include visualization, configuration, simulation, or a combination thereof of one or more segmentation policies. In certain aspects, a plurality of segmentation rules are accessed and one or more characteristics of a plurality of entities communicatively coupled to a network are determined. A plurality of groups may be determined based on at least one characteristic of the one or more characteristics, where each group comprises at least one entity of the plurality of entities. A first group and a second group from the plurality of groups may be selected and one or more segmentation rules associated with the first group determined. One or more segmentation rules associated with the second group may be determined.

Abstract: Systems, methods, and related technologies for segmentation management are described. The segmentation management may include visualization, configuration, simulation, or a combination thereof of one or more segmentation policies. In certain aspects, a plurality of segmentation rules are accessed and one or more characteristics of a plurality of entities communicatively coupled to a network are determined. A plurality of groups may be determined based on at least one characteristic of the one or more characteristics, where each group comprises at least one entity of the plurality of entities. A first group and a second group from the plurality of groups may be selected and one or more segmentation rules associated with the first group determined. One or more segmentation rules associated with the second group may be determined.

Abstract: Systems, methods, and related technologies for device monitoring are described. In certain aspects, network traffic data is analyzed to determine one or more devices associated with a network. The network may be a remote network. The network traffic data may further be used to determine one or more non-active devices associated with the network.

Abstract: Systems, methods, and related technologies for determining an anomaly based on properties associated with an entity are described. The determination of an anomaly associated with an entity may include accessing network traffic from a network and storing a first value of a property associated with an entity communicatively coupled to the network. The first value of the property is based on the network traffic. Additional network traffic associated with the entity may be accessed and a second value of the property determined based on the additional network traffic. Whether the first value of the property does not match the second value of the property may be determined and in response to the first value of the property not matching the second value of the property, an indicator that an anomaly has detected may be stored. An action may be performed based on determination of an anomaly.

Abstract: Systems, methods, and related technologies for access control management are described. The access control management may be customized for an entity and be configured on an enforcement point closest to the entity. In certain aspects, an entity communicatively coupled to a network is selected and one or more characteristics of the entity determined. An access policy may be selected based on the one or more characteristics of the entity and one or more enforcement points closest to the entity determined. One or more access rules to be assigned to the one or more enforcement points based on the access policy may be determined and the one or more access rules assigned to or configured on the one or more enforcement points closest to the entity.

Abstract: Systems, methods, and related technologies including media access control (MAC) address spoofing detection are described. The MAC address spoofing detection and response may include accessing a first MAC address associated with a first communication on a first port of a first network device and accessing a second MAC address associated with a second communication on a second port of a second network device. Whether the first MAC address and the second MAC address match may be determined. Information associated with a third communication associated with the first MAC address on the first port of the first network device and information associated with a fourth communication associated with the second MAC address on the second port of the second network device may be accessed. An action may be performed associated with the second port of the second network device based on the second MAC address matching the first MAC address.

Abstract: Systems, methods, and related technologies for device monitoring are described. In certain aspects, network traffic data is analyzed to determine one or more devices associated with a network. The network may be a remote network. The network traffic data may further be used to determine one or more non-active devices associated with the network.

Abstract: Systems, methods, and related technologies for device monitoring are described. In certain aspects, network traffic data is analyzed to determine one or more devices associated with a network. The network may be a remote network. The network traffic data may further be used to determine one or more non-active devices associated with the network.

Abstract: Systems, methods, and related technologies for segmentation management are described. In certain aspects, an entity communicatively coupled to a network is selected and one or more characteristics of the entity may be determined. A segmentation policy may be selected based on the one or more characteristics of the entity and one or more tags to be assigned to the entity based on the segmentation policy may be determined. A zone for the entity based on the one or more tags may be determined and one or more enforcement points associated with the zone for the entity may be determined. One or more enforcement actions may then be assigned to the one or more enforcement points based on the zone associated with the entity.

Abstract: Systems, methods, and related technologies for segmentation management are described. The segmentation management may include visualization, configuration including translation, simulation, or a combination thereof of one or more segmentation policies. In certain aspects, a segmentation policy is accessed and a segmentation rule is determined based on the segmentation policy. An enforcement point associated with the segmentation rule may be determined, where the enforcement point is communicatively coupled to a network. The segmentation rule may be translated into a configuration associated with the enforcement point and the configuration communicated to the enforcement point.