公开(公告)号：US11764912B2

公开(公告)日：2023-09-19

申请号：US17331403

申请日：2021-05-26

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jerome Henry ,  Malcolm Muir Smith ,  Mark Grayson ,  Patrick Wetterwald ,  Andrew Frederick Myles

IPC: H04L1/18 ,  H04W80/02 ,  H04L1/1867 ,  H04W84/12

CPC classification number: H04L1/1896 ,  H04W80/02 ,  H04W84/12

Abstract: In one embodiment, a method comprises: classifying, by a controller device, a first access point device in a WLAN as a leader access point for a wireless client device, and at least a second access point device as a follower access point; and allocating, to the leader access point, a shortened medium access control layer timer (“timer”) that is shorter than a prescribed timer used by the follower access point, the shortened timer causing the leader access point to respond to reception of a wireless data packet from the wireless client device by transmitting an acknowledgment to the wireless client device upon expiration of the shortened timer; the prescribed timer causing the follower access point to defer to the leader access point based on the follower access point waiting for at least expiration of the prescribed timer before selectively transmitting a corresponding acknowledgment in response to receiving the wireless data packet.

公开(公告)号：US20230275868A1

公开(公告)日：2023-08-31

申请号：US18195136

申请日：2023-05-09

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Pradeep Kumar Kathail ,  Eric Levy-Abegnoli ,  David A. Maluf

IPC: H04L61/2503 ,  H04L61/4511

CPC classification number: H04L61/2503 ,  H04L61/4511

Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.

公开(公告)号：US20230268996A1

公开(公告)日：2023-08-24

申请号：US17581163

申请日：2022-01-21

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Domenico FICARA ,  Patrick WETTERWALD ,  Alessandro ERTA ,  Amine CHOUKIR

IPC: H04B10/114 ,  H04W76/15 ,  H04W72/04

CPC classification number: H04B10/1149 ,  H04W72/0426 ,  H04W76/15

Abstract: In one embodiment, a device registers with a controller for a mesh of overhead access points. The device receives, from the controller, a communication schedule for the device. The device generates a message to be sent to the mesh of overhead access points. The device transmits, according to the communication schedule, the message as a beam cone directed substantially upward relative to the device towards the mesh of overhead access points. The message is received and relayed by one or more particular access points in the mesh without the device previously performing a wireless association exchange with those one or more particular access points.

公开(公告)号：US11632290B2

公开(公告)日：2023-04-18

申请号：US17094540

申请日：2020-11-10

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Nagendra Kumar Nainar ,  Carlos M. Pignataro

IPC: H04L12/24 ,  H04L12/851 ,  H04L41/0668 ,  H04L45/28 ,  H04L41/12 ,  H04L47/24

Abstract: Techniques for identifying nodes in a data center fabric that are affected by a failure in the fabric, and selectively sending disaggregation advertisements to the nodes affected by the failure. The techniques include a process where a component monitors the network fabric to identify communication paths between leaf nodes, and determines what leaf nodes would be affected by a failure in those communication paths. The component may detect a failure in the network and determine which communication paths, and thus which leaf nodes, are affected by the failure and send disaggregation advertisements to the affected leaf nodes. In some examples, ingress leaf nodes send data through the fabric that indicate egress nodes for the communication paths. Intermediate nodes along may receive the data from the leaf nodes to identify communication paths, and the notify only affected nodes upon detecting a failure in the network.

公开(公告)号：US11622312B2

公开(公告)日：2023-04-04

申请号：US17579415

申请日：2022-01-19

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Huimin She

IPC: H04W40/08 ,  H04W76/11 ,  H04L45/16 ,  H04W84/18

Abstract: A method by a wireless network device in a wireless data network comprises: joining a non-storing mode destination-oriented directed acyclic graph (DODAG) in response to receiving a multicast DODAG information object (DIO) message originated by a root device; generating and transmitting a unicast destination advertisement (DAO) message destined for the root device and indicating the wireless network device has joined the DODAG; advertising as a subroot of a subDAG in the DODAG, based on outputting a second message specifying subDAG information identifying the subDAG; receiving a second unicast DAO message generated by a child network device in the subDAG and addressed to the wireless network device, the second unicast DAO message indicating the child network device has joined the subDAG; and generating and sending a third unicast DAO message to the root device specifying the child network device is reachable via the wireless network device.

公开(公告)号：US20230084117A1

公开(公告)日：2023-03-16

申请号：US18057022

申请日：2022-11-18

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Charles Calvin Byers

IPC: H05K7/14 ,  H01R13/193 ,  H05K7/20 ,  H05K7/16 ,  G02B6/42 ,  H01R43/26 ,  G01J1/44 ,  H04Q11/00 ,  H04L49/15 ,  G06F1/26 ,  G06F1/3209 ,  H04L49/101

Abstract: Connectors for a networking device may be provided. A networking device may comprise a first plurality of switch bars each comprising a first switch type arranged parallel to one another, a second plurality of switch bars each comprising a second switch type arranged parallel to one another, and a third plurality of switch bars each comprising a third switch type arranged parallel to one another. The first plurality of switch bars, the second plurality of switch bars, and the third plurality of switch bars may be arranged orthogonally. A first one of the first plurality of switch bars may be connected to a first one of the second plurality of switch bars via a retractable mechanical connector mechanism.

公开(公告)号：US11606347B2

公开(公告)日：2023-03-14

申请号：US17004368

申请日：2020-08-27

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Patrick Wetterwald ,  Jonas Zaddach ,  Eric Levy-Abegnoli

IPC: H04L9/40 ,  H04L67/141 ,  H04L67/142

Abstract: This disclosure describes techniques for authenticating a user device for a session. For instance, an authentication entity may authenticate a user device using single sign-on authentication and/or multi-factor authentication. The authentication entity may then determine a duration for which the user device is authenticated for the session. For example, the authentication entity may receive information representing a state of an environment of the user device. The authentication entity may then use the information to identify one or more transitions associated with the environment between the session and a previous session. Using the one or more transitions, the authentication entity may determine the duration for the session by increasing or decreasing a previous duration associated with the previous session.

公开(公告)号：US11552823B2

公开(公告)日：2023-01-10

申请号：US16796146

申请日：2020-02-20

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04L12/46 ,  H04L9/40 ,  G06N20/00

Abstract: In one embodiment, a server instructs one or more networking devices in a local area network (LAN) to form a virtual network overlay in the LAN that redirects traffic associated with a particular node in the LAN to the server. The server receives the redirected traffic associated with the particular node. The server trains a machine learning-based behavioral model for the particular node based on the redirected traffic. The server controls whether a particular redirected traffic flow associated with the node in the LAN is sent to a destination of the traffic flow using the trained behavioral model.

公开(公告)号：US20220369167A1

公开(公告)日：2022-11-17

申请号：US17815292

申请日：2022-07-27

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Arman Rezaee

IPC: H04W28/18

Abstract: Optimal determination of wireless network pathway configurations may be provided. A computing device may receive an error profile and a response instruction associated with the error profile, as generated by a network controller. The computing device may then monitor, for an error, on a communication Track, in a network, between an ingress node and an egress node. Then, the computing device, upon detecting the error, can determine that the error is similar to the error profile, and based on the determination that the error is similar to the error profile, enact the response instruction. The response instruction can direct the computing device to switch from the communication Track to a communication subTrack between the ingress node and the egress node.

公开(公告)号：US20220368547A1

公开(公告)日：2022-11-17

申请号：US17317124

申请日：2021-05-11

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Patrick Wetterwald ,  Eric Levy- Abegnoli ,  Jonas Zaddach

IPC: H04L12/18 ,  G06K9/00 ,  G06K9/46 ,  G06K7/14

Abstract: Techniques are provided that validate a participant in a video conference. As a video conferencing system is remote from a video conference participant, and user devices are not trusted, traditional methods such as client side facial recognition are ineffective at validating a participant from a video conferencing system. Thus, the embodiments encode modulated data for projection onto a face of the participant. A video of the participant is then captured. The conferencing system then confirms that the modulated data is present in the captured video.