Abstract: A management entity generates for display multiple icons, each icon representing an actor or a resource in a networking environment, and defines a generic security policy by receiving user input in the form of a line drawn between a first icon representing an actor and a second icon representing a resource to control abilities between the actor and the resource. The management entity translates the generic security policy to multiple native security policies each of which is based on a corresponding one of multiple native policy models associated with corresponding ones of multiple security devices, and supply data descriptive of the multiple native security policies to the corresponding ones of the security devices to configure the corresponding ones of the security devices to implement the native security policies.

Abstract: A management entity imports information included in security policies from security devices configured to operate in accordance with respective ones of the security policies. The information is classified into security policy classifications based on commonality in the information across the security policies. The security policy classifications are displayed as selectable security policy classifications. An entry of a policy template name and selections of multiple security policy classifications are received. The security policies in the multiple selected security policy classifications are assigned to a security policy template identified by the entered policy template name.

Abstract: A management entity generates for display multiple icons, each icon representing an actor or a resource in a networking environment, and defines a generic security policy by receiving user input in the form of a line drawn between a first icon representing an actor and a second icon representing a resource to control abilities between the actor and the resource. The management entity translates the generic security policy to multiple native security policies each of which is based on a corresponding one of multiple native policy models associated with corresponding ones of multiple security devices, and supply data descriptive of the multiple native security policies to the corresponding ones of the security devices to configure the corresponding ones of the security devices to implement the native security policies.

Abstract: A management entity receives from multiple security devices corresponding native security policies each based on a native policy model associated with the corresponding security device. Each security device controls access to resources by devices associated with the security device according to the corresponding native security policy. The management entity normalizes the received native security policies across the security devices based on a generic policy model, to produce a normalized security policy that is based on the generic policy model and representative of the native security polices.

Abstract: A management entity discovers security devices connected to a network. Each security device controls access to resources by devices associated with the security device according to a corresponding native security policy that is based on a corresponding native policy model associated with the security device. The management entity imports the native security policies from the corresponding security devices over the network, and normalizes the imported native security policies across the security devices based on a generic policy model, to produce normalized security policies that are based on the generic policy model and representative of the native security polices. The management entity receives security events from the security devices, and processes the received security events among the security devices based on the normalized security policies.

Abstract: A management entity displays a plurality of icons, each icon representing an actor or a resource in a networking environment. The management entity defines security policy by receiving user input in the form of lines drawn between icons representing actors and resources to control abilities between actors and resources.

Abstract: A management entity imports information included in security policies from security devices configured to operate in accordance with respective ones of the security policies. The information is classified into security policy classifications based on commonality in the information across the security policies. The security policy classifications are displayed as selectable security policy classifications. An entry of a policy template name and selections of multiple security policy classifications are received. The security policies in the multiple selected security policy classifications are assigned to a security policy template identified by the entered policy template name.

Abstract: A management entity connects with multiple security devices across a network. Each security device operates in accordance with one or more security policies. The management entity imports, over the network, data describing the security policies from the multiple security devices. The management entity classifies the imported security policies into security policy classifications based on commonality in information included in the security policies across the multiple security devices.

Abstract: A management entity receives from multiple security devices corresponding native security policies each based on a native policy model associated with the corresponding security device. Each security device controls access to resources by devices associated with the security device according to the corresponding native security policy. The management entity normalizes the received native security policies across the security devices based on a generic policy model, to produce a normalized security policy that is based on the generic policy model and representative of the native security polices.

Abstract: A management entity connects with multiple security devices across a network. Each security device operates in accordance with one or more security policies. The management entity imports, over the network, data describing the security policies from the multiple security devices. The management entity classifies the imported security policies into security policy classifications based on commonality in information included in the security policies across the multiple security devices.

Abstract: A management entity discovers security devices connected to a network. Each security device controls access to resources by devices associated with the security device according to a corresponding native security policy that is based on a corresponding native policy model associated with the security device. The management entity imports the native security policies from the corresponding security devices over the network, and normalizes the imported native security policies across the security devices based on a generic policy model, to produce normalized security policies that are based on the generic policy model and representative of the native security polices. The management entity receives security events from the security devices, and processes the received security events among the security devices based on the normalized security policies.

Abstract: A management entity displays a plurality of icons, each icon representing an actor or a resource in a networking environment. The management entity defines security policy by receiving user input in the form of lines drawn between icons representing actors and resources to control abilities between actors and resources.

Abstract: The present invention authenticates a user for multiple resources distributed across multiple domains through the performance of a single authentication. User access requests for a protected resource in a first domain are received and redirected to a second domain. User authentication is performed at the second domain. In one embodiment, the system transmits an authentication cookie for the second domain to the user after authentication at the second domain. In another embodiment, the system further redirects subsequent resource requests for resources in the first domain or a third domain to the second domain. The second domain confirms the user's authentication for applicable portions of the first, second, and third domains using the cookie.