-
1.发明授权公开(公告)号:US11368484B1
公开(公告)日:2022-06-21
申请号:US16396096
申请日:2019-04-26
Applicant: Cisco Technology, Inc.
Inventor: Govind Prasad Sharma , Eshwar Rao Yedavalli , Mohammed Javed Asghar , Ashwath Kumar Chandrasekaran , Swapnil Mankar , Umamaheswararao Karyampudi
IPC: H04L101/622 , G06F9/455 , H04L61/103 , H04L9/40
Abstract: Methods to secure against IP address thefts by rogue devices in a virtualized datacenter are provided. Rogue devices are detected and distinguished from a migration of an endpoint in a virtualized datacenter. A first hop network element in a one or more network fabrics intercepts a request that includes an identity of an endpoint and performs a local lookup for the endpoint entity identifier. Based on the lookup not finding the endpoint entity identifier, the first hop network element broadcasts a message such as a remote media access address (MAC) query to other network elements in the one or more network fabrics. Based on the received response, which may include an IP address associated with the MAC address, the first hop network element performs a theft validation process to determine whether the request originated from a migrated endpoint or a rogue device.
-
2.发明申请公开(公告)号:US20220263865A1
公开(公告)日:2022-08-18
申请号:US17736748
申请日:2022-05-04
Applicant: Cisco Technology, Inc.
Inventor: Govind Prasad Sharma , Eshwar Rao Yedavalli , Mohammed Javed Asghar , Ashwath Kumar Chandrasekaran , Swapnil Mankar , Umamaheswararao Karyampudi
IPC: H04L9/40 , G06F9/455 , H04L61/103 , H04L101/622
Abstract: Methods to secure against IP address thefts by rogue devices in a virtualized datacenter are provided. Rogue devices are detected and distinguished from a migration of an endpoint in a virtualized datacenter. A first hop network element in a one or more network fabrics intercepts a request that includes an identity of an endpoint and performs a local lookup for the endpoint entity identifier. Based on the lookup not finding the endpoint entity identifier, the first hop network element broadcasts a message such as a remote media access address (MAC) query to other network elements in the one or more network fabrics. Based on the received response, which may include an IP address associated with the MAC address, the first hop network element performs a theft validation process to determine whether the request originated from a migrated endpoint or a rogue device.
-
3.发明授权公开(公告)号:US11757935B2
公开(公告)日:2023-09-12
申请号:US17736748
申请日:2022-05-04
Applicant: Cisco Technology, Inc.
Inventor: Govind Prasad Sharma , Eshwar Rao Yedavalli , Mohammed Javed Asghar , Ashwath Kumar Chandrasekaran , Swapnil Mankar , Umamaheswararao Karyampudi
IPC: H04L9/40 , G06F9/455 , H04L61/103 , H04L101/622
CPC classification number: H04L63/1483 , G06F9/45558 , H04L61/103 , H04L63/10 , G06F2009/4557 , G06F2009/45595 , H04L2101/622
Abstract: Methods to secure against IP address thefts by rogue devices in a virtualized datacenter are provided. Rogue devices are detected and distinguished from a migration of an endpoint in a virtualized datacenter. A first hop network element in a one or more network fabrics intercepts a request that includes an identity of an endpoint and performs a local lookup for the endpoint entity identifier. Based on the lookup not finding the endpoint entity identifier, the first hop network element broadcasts a message such as a remote media access address (MAC) query to other network elements in the one or more network fabrics. Based on the received response, which may include an IP address associated with the MAC address, the first hop network element performs a theft validation process to determine whether the request originated from a migrated endpoint or a rogue device.
-
-
Search Results
3
records
(took 0.011 seconds)
