| CPC H04L 41/0866 (2013.01) [H04L 41/0893 (2013.01); H04L 41/12 (2013.01); H04L 41/28 (2013.01)] | 20 Claims |
|
1. A method comprising:
receiving, by a system comprising a hardware processor from a client device, a request for attestation of a back-end network, the request including a back-end network configuration requirement;
responsive to the request, obtaining, by the system from a network controller that controls the back-end network, a back-end network topology that specifies a plurality of network elements included in the back-end network, and links between the plurality of network elements;
sending, by the system to each respective network element of the plurality of network elements specified by the obtained back-end network topology, a request for attestation of a network element configuration of the respective network element;
receiving, by the system from each respective network element of the plurality of network elements responsive to the request for attestation of the network element configuration sent to the respective network element, response data that specifies the network element configuration of the respective network element, the network element configuration including data specifying links between the respective network element and other network elements, and including a port forwarding rule used by the respective network element to handle network traffic;
verifying, by the system, that the response data received from each network element included in the back-end network meets the back-end network configuration requirement included in the request for attestation of the back-end network; and
providing, by the system, the client device with data verifying that the back-end network meets the back-end network configuration requirement.
|