Abstract:
A zero-touch deployment (ZTD) manager receives a first request to issue a first cryptographic token to a constrained device for establishing a communications session between the constrained device and a secured resource. The ZTD manager evaluates identity information corresponding to the constrained device and determines whether the identity information is valid. If so, the ZTD manager returns the first cryptographic token to the constrained device, where it is stored in cache memory. The ZTD manager receives a second request to obtain a second cryptographic token from the secured resource. When the second cryptographic token is provided to the secured resource, the secured resource uses this second cryptographic token to validate the first cryptographic token and to facilitate the communications session with the constrained device.
Abstract:
According to one or more embodiments of the disclosure, a device associated with a first cluster of data sources may identify an amount of data from the first cluster of data sources to be sent by the device to a satellite. The device may send, to the satellite, a request for a transmission window that indicates the amount of data to be sent by the device to the satellite. The device may receive, from the satellite, an indication of an assigned transmission window during which the device may transmit data to the satellite. The satellite may compute the assigned transmission window based on the amount of data and such that the assigned transmission window does not overlap an assigned transmission window of a neighboring device associated with a second cluster of data sources. The device may send, during the assigned transmission window, the data towards the satellite.
Abstract:
Disclosed are techniques for dynamically creating policy-based intermediate certificates to sign device certificates of devices deployed in an enterprise network using ZTD. In one aspect, a method includes receiving network policy information to be used for creating policy-based intermediate certificates, each one of the policy-based intermediate certificates being used by a network controller for signing device certificates of a different cluster of connected IoT devices; receiving, from an IoT device, a request for registration with the network controller; based on identifying information of the IoT device included in the request, determining one of the policy-based intermediate certificates to sign a device certificate of the IoT device; and transmitting, to the IoT device, the device certificate signed using the one of the policy-based intermediate certificates.
Abstract:
In one embodiment, a sender device in a network sends a plurality of uncompressed messages to a receiver device in the network. The sender device generates a sender-side compression dictionary based on the plurality of uncompressed messages. The receiver device also generates a receiver-side compression dictionary based on the plurality of uncompressed messages. The sender device obtains an approval of the sender-side compression dictionary from the receiver device by sending a checksum of the sender-side compression dictionary to the receiver device, whereby the receiver device generates the approval by comparing the checksum of the sender-side compression dictionary to a checksum of the receiver-side compression dictionary. The sender device sends a compressed message to the receiver device that is compressed using the sender-side compression dictionary, after obtaining the approval of the sender-side compression dictionary from the receiver device.
Abstract:
In one embodiment, a service receives a device registration request sent by an endpoint device, wherein the endpoint device executes an onboarding agent that causes the endpoint device to send the device registration request via a cellular connection to a private access point name (APN) associated with the service. The service verifies that a network address of the endpoint device from which the device registration request was sent is associated with an integrated circuit card identifier (ICCID) or international mobile equipment identity (IMEI) indicated by the device registration request. The service identifies a tenant identifier associated with the ICCID or IMEI. The service sends, based on the tenant identifier, a device registration response to the endpoint device via the private APN.
Abstract:
In one embodiment, the system may identify a virtual network, the virtual network including a plurality of virtual entities and connections among the plurality of virtual entities. The system may automatically map each of the plurality of virtual entities to one or more resources or resource pools such that the virtual network is mapped to a physical network, wherein mapping includes allocating one or more resources or resource pools to a corresponding one of the plurality of virtual entities.
Abstract:
In one embodiment, a method is disclosed comprising: measuring, by a process, a baseline of port and protocol usage of an accessing device while forwarding to a particular remote device is disabled; measuring, by the process, usage by an accessing application of specific ports and protocols while attempting to connect to the particular remote device while forwarding to the particular remote device is disabled; and causing, by the process, opening of the specific ports and protocols for operation of the accessing application with forwarding enabled to the particular remote device.
Abstract:
In one embodiment, a process discovers network topology information of a particular computer network and creates a plurality of zones of devices in the particular computer network based on the network topology information. The process also discovers network communication activity patterns and endpoints of the particular computer network and creates a plurality of conduits between devices of the particular computer network based on the network communication activity patterns and endpoints of the particular computer network and association of the devices within the plurality of zones as described above.
Abstract:
In one embodiment, a method is disclosed comprising: detecting, by a processor, a remote access session from an accessing device to an accessed device; determining, by the processor, an access session screen-sharing security policy for the accessed device; and preventing, by the processor, the remote access session in response to a violation of the access session screen-sharing security policy.