Abstract: This disclosure describes techniques and mechanisms for improving security within SDWAN fabric and utilizing telemetry data from non-enterprise providers to remediate compromised SDWAN site(s) and/or user(s). The techniques may implement an integration of non-enterprise application(s) and API(s) with an enterprise network, thereby enabling the enterprise network to identify compromised endpoint(s), identify user(s), group(s), site(s) that are impacted, and take a corrective action (by the enterprise network and/or the non-enterprise application(s) or API(s)) on the enterprise fabric.

Abstract: Techniques for user identity-based security policy enforcement. The techniques may include sending, to an edge device associated with a network, a networking policy associated with a user. The techniques may also include receiving, from an identity provider, an IP address associated with the user. Additionally, the techniques may include sending, to the edge device, an indication to associate the IP address with the user such that the edge device applies the networking policy to packets that include the IP address.

Abstract: In one embodiment, a device of a vehicle receives a packet comprising a source address, a destination address, an internet protocol (IP) encapsulated controller area network (CAN) message, and CAN message identifier information. The device compares the source address, the destination address, and the CAN message identifier information to an access control list (ACL). The device makes a determination that delivery of the CAN message to the destination address would be a policy violation based on the comparison. The device drops the packet based on the determination that delivery of the CAN message to the destination address would be a policy violation.

Abstract: In one embodiment, a device of a vehicle receives a packet comprising a source address, a destination address, an internet protocol (IP) encapsulated controller area network (CAN) message, and CAN message identifier information. The device compares the source address, the destination address, and the CAN message identifier information to an access control list (ACL). The device makes a determination that delivery of the CAN message to the destination address would be a policy violation based on the comparison. The device drops the packet based on the determination that delivery of the CAN message to the destination address would be a policy violation.