Security profile selection and configuration of network devices via ownership voucher extension

    Publication (Announcement) No.: US12206664B2

    Publication (Announcement) Date: 2025-01-21

    Application No.: US17745417

    Filing Date: 2022-05-16

    Abstract: Techniques and architecture are described for providing a configurable security posture for a network device using an extended ownership artifact, e.g., an ownership voucher, an ownership certificate, etc., and a security profile mechanism that scales to user needs and desires for security profiles on network devices, i.e., easily and securely customizable on thousands of nodes of a network. The configurable security posture may be achieved using the manufacturer authorized signing authority (MASA) to issue an ownership voucher with a security bit extension to support security profile additions. Using the MASA service, a user may explicitly decide on various security postures of a given network device and may apply that profile across the fixed or modular chassis of a network of network devices.

    Configuration Payload Separation Policies

    Publication (Announcement) No.: US20230034615A1

    Publication (Announcement) Date: 2023-02-02

    Application No.: US17390272

    Filing Date: 2021-07-30

    Abstract: Disclosed are systems, apparatuses, methods, and computer-readable media for configuration payload separation policies. According to at least one example, a method is provided for device function. The method includes: during a boot sequence of a network device, generating a unique key for encrypting and decrypting data; identifying a secure location in the network device for storing the unique key; storing the unique key in the secure location; encrypting a configuration payload with the unique key; storing the encrypted configuration payload in an external non-volatile memory; and, in response to a request to access data within the configuration payload, decrypting the encrypted configuration payload using the unique key.

    Validation of iPXE scripts using owner certificates and ownership vouchers

    Publication (Announcement) No.: US12067402B2

    Publication (Announcement) Date: 2024-08-20

    Application No.: US17943440

    Filing Date: 2022-09-13

    CPC classification number: G06F9/4401 G06F9/4482 H04L9/3268

    Abstract: Techniques and architecture are described for validating and verifying iPXE scripts prior to execution during a booting process. During the booting process of a network device, right after the UEFI/BIOS stage of the booting process, a trusted iPXE script may make a request to a network server for the ownership voucher and owner certificate of the network device. The ownership voucher and owner certificate may then be stored in a trusted platform module (TPM) on the network device. In configurations, the retrieved owner certificate may be validated by the ownership voucher. The owner certificate may be used to validate iPXE scripts. Once validated, the iPXE scripts may be executed and the booting process may be continued to the kernel loading step and the application loading step. During a subsequent booting process of the network device, the ownership voucher and owner certificate may be retrieved from the TPM.

    ESTABLISHING OWNERSHIP OF DUAL ROUTE PROCESSORS (RPs) USING SECURE ZERO-TOUCH PROVISIONING (ZTP)

    Publication (Announcement) No.: US20230325848A1

    Publication (Announcement) Date: 2023-10-12

    Application No.: US17658886

    Filing Date: 2022-04-12

    CPC classification number: G06Q30/0185 G06F9/4401

    Abstract: According to certain embodiments, a method performed by a device comprises obtaining, from a plurality of hardware modules of the device, a plurality of serial numbers associated with the plurality of hardware modules. Each hardware module is associated with a respective serial number. The method further comprises obtaining, from a provisioning system, one or more ownership vouchers corresponding to the plurality of serial numbers. The method further comprises verifying, for each hardware module of the plurality of hardware modules, whether to trust said hardware module based at least in part on the one or more ownership vouchers.

    VALIDATION OF IPXE SCRIPTS USING OWNER CERTIFICATES AND OWNERSHIP VOUCHERS

    Publication (Announcement) No.: US20240086205A1

    Publication (Announcement) Date: 2024-03-14

    Application No.: US17943440

    Filing Date: 2022-09-13

    CPC classification number: G06F9/4401 G06F9/4482 H04L9/3268

    Abstract: Techniques and architecture are described for validating and verifying iPXE scripts prior to execution during a booting process. During the booting process of a network device, right after the UEFI/BIOS stage of the booting process, a trusted iPXE script may make a request to a network server for the ownership voucher and owner certificate of the network device. The ownership voucher and owner certificate may then be stored in a trusted platform module (TPM) on the network device. In configurations, the retrieved owner certificate may be validated by the ownership voucher. The owner certificate may be used to validate iPXE scripts. Once validated, the iPXE scripts may be executed and the booting process may be continued to the kernel loading step and the application loading step. During a subsequent booting process of the network device, the ownership voucher and owner certificate may be retrieved from the TPM.

    COMPOSITE KEY PERFORMANCE INDICATORS FOR NETWORK HEALTH MONITORING

    Publication (Announcement) No.: US20210243097A1

    Publication (Announcement) Date: 2021-08-05

    Application No.: US17237243

    Filing Date: 2021-04-22

    Abstract: A remote server monitors the health of a network of computing devices through hierarchical composite indicators by obtaining performance attributes from computing devices in the network. The server generates a composite indicator associated with one or more of the computing devices based on a combination of at least two performance attributes of the computing device(s). The server monitors the composite indicator and, responsive to a determination that the composite indicator indicates an alert condition, generates an alert associated with the computing device(s). Additionally, if the alert condition is subject to remediation, the server causes at least one of the computing devices to execute a command to provide remediation of the alert condition.
