Abstract: One or more lower-level attributes of a first network policy are translated to one or more higher-level attributes of the first network policy, and one or more lower-level attributes of a second network policy are translated to one or more higher-level attributes of the second network policy. The first network policy controls how first network traffic is handled, and the second network policy controls how second network traffic is handled. The one or more higher-level attributes of the first network policy are compared with the one or more higher-level attributes of the second network policy. Based on the comparing, it is determined whether the first network traffic and the second network traffic are handled in a functionally equivalent manner. If not, the first network policy is dynamically updated to generate an updated first network policy that causes the first network traffic to be handled in the functionally equivalent manner.

Abstract: One or more lower-level attributes of a first network policy are translated to one or more higher-level attributes of the first network policy, and one or more lower-level attributes of a second network policy are translated to one or more higher-level attributes of the second network policy. The first network policy controls how first network traffic is handled, and the second network policy controls how second network traffic is handled. The one or more higher-level attributes of the first network policy are compared with the one or more higher-level attributes of the second network policy. Based on the comparing, it is determined whether the first network traffic and the second network traffic are handled in a functionally equivalent manner. If not, the first network policy is dynamically updated to generate an updated first network policy that causes the first network traffic to be handled in the functionally equivalent manner.

Abstract: Techniques are provided by which devices in a network may subscribe to a rapidly changing rules in central threat repository. The policies associated with threats are filtered so that just current attack vectors from within subnets learned via routing and/or forwarding information (at the network level of the network) are installed in the local access control list/policy database of the network devices. As routing changes occur, the list of applied policies are continually refined/revisited and pulled from a central security application. Publish/subscribe mechanisms ensure “zombie” policies are not left over in the device after reboot or routing changes occur.

Abstract: A method and related apparatus for performing inspection of flows within a software defined network includes monitoring an indicator indicative of a presence of malware in a selected flow in an electronic communications network, when the indicator suggests the presence of malware in the selected flow, requesting a network device to redirect the selected flow, or to copy the selected flow and send a resulting copy of the selected flow, to a security appliance, and causing the security appliance to be reconfigured in response to the indicator that suggest the presence of malware in the selected flow.

Abstract: Techniques are provided by which devices in a network may subscribe to a rapidly changing rules in central threat repository. The policies associated with threats are filtered so that just current attack vectors from within subnets learned via routing and/or forwarding information (at the network level of the network) are installed in the local access control list/policy database of the network devices. As routing changes occur, the list of applied policies are continually refined/revisited and pulled from a central security application. Publish/subscribe mechanisms ensure “zombie” policies are not left over in the device after reboot or routing changes occur.