Patent attributes
The technology discloses a computer-implemented policy manager device for a cloud-based security system that unifies functions of packet-level and protocol-level access control and traffic inspection, threat detection and activity contextualization on inspectable and non-inspectable traffic. The device includes a data manager for a superset of fields that specify security policies across the cloud-based unified functions, including common fields shared by two or more of the unified functions, means for receiving and storing policy specifications in a common format for values of the common fields as applied to each of the unified functions, whereby a user interacting with the means for receiving can specify security policies governing the cloud-based unified functions of access control and traffic inspection, threat detection and activity contextualization on inspectable and non-inspectable traffic. Also included is a policy manager configured to validate, save and distribute the policy specifications applicable to respective functions among the cloud-based unified functions.