公开(公告)号：US20240297868A1

公开(公告)日：2024-09-05

申请号：US18659296

申请日：2024-05-09

Applicant: Cisco Technology, Inc.

Inventor： David A. Maluf ,  Srinath Gundavelli ,  Pascal Thubert ,  Pradeep Kumar Kathail ,  Eric Levy-Abegnoli ,  Eric Voit ,  Ali Sajassi

IPC: H04L9/40 ,  H04L61/2521 ,  H04L61/2539 ,  H04L61/4511

CPC classification number: H04L63/0421 ,  H04L61/2525 ,  H04L61/2539 ,  H04L61/4511

Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a random IP address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a random IP address that cannot be used to identify the endpoint device or service. The client device may then communicate data packets to the server using the random IP address as the destination address, and a gateway that works in conjunction with DNS can convert the random IP address to the actual IP address of the server using NAT and forward the data packet onto the server.

公开(公告)号：US12069747B2

公开(公告)日：2024-08-20

申请号：US17375765

申请日：2021-07-14

Applicant: Cisco Technology, Inc.

Inventor： Ravi Kiran Guntupalli ,  Srinath Gundavelli ,  Abhishek Dhammawat

IPC: H04W76/10 ,  H04W48/20 ,  H04W68/00

CPC classification number: H04W76/10 ,  H04W48/20 ,  H04W68/005

Abstract: Disclosed are embodiments that leverage a central control plane of a managed 5G network service architecture across multiple serviced tenants by deploying tenant specific user plane function (UPF) and gNB components within tenant managed compute infrastructure. To enable this architecture, the disclosed embodiments assign gNBs and UPF instances to specific tenants and communicate those assignments to core components. Policies can be defined and applied to specific tenants from the central control plane. Inbound data routing to a specific tenant is accomplished by referencing a data store in the control plane that identifies which gNBs are assigned to a tenant associated with the incoming data. Those gNBs are then paged to service the incoming data.

公开(公告)号：US12047774B2

公开(公告)日：2024-07-23

申请号：US18318268

申请日：2023-05-16

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Indermeet Singh Gandhi ,  Oliver James Bull ,  Louis Gwyn Samuel ,  Mark Grayson

IPC: H04W12/06 ,  H04W12/0433 ,  H04W12/08 ,  H04W36/14 ,  H04W60/04 ,  H04W84/04

CPC classification number: H04W12/06 ,  H04W12/0433 ,  H04W12/08 ,  H04W36/14 ,  H04W60/04 ,  H04W84/04

Abstract: Presented herein are techniques to facilitate fast roaming between a mobile network operator-public (MNO-public) wireless wide area (WWA) access network and an enterprise private WWA access network. In one example, a method is provided that may include generating, by an authentication node, authentication material for a user equipment (UE) based on the UE being connected to a public WWA access network, wherein the public WWA access network is associated with a mobile network operator, and the authentication node and the UE are associated with an enterprise entity; obtaining, by the authentication node, an indication that the UE is attempting to access a private WWA access network associated with the enterprise entity; and providing, by the authentication node, the authentication material for the UE, wherein the authentication material facilitates connection establishment between the UE and the private WWA access network.

公开(公告)号：US11956628B2

公开(公告)日：2024-04-09

申请号：US17492045

申请日：2021-10-01

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Bart A. Brinckman ,  Srinath Gundavelli

IPC: H04W12/06 ,  H04L9/40 ,  H04W12/71 ,  H04W48/20

CPC classification number: H04W12/06 ,  H04L63/0892 ,  H04W12/71 ,  H04W48/20

Abstract: A method is provided that includes obtaining an access request for a device to access a visited access network, the access request including an authentication identifier for the device including an identity for the device and a realm comprising a network identifying portion; determining a re-write rule for the realm by querying a database based on an identity type of the device and the network identifying portion of the realm, the database including a plurality of re-write rules for a plurality of networks and a plurality of identity types; re-writing the realm based on the re-write rule using the identity for the device to generate a re-written realm; obtaining, based on the re-written realm, an address for an authentication server of an identity provider associated with the device; and performing an authentication with the authentication server using the authentication identifier to authenticate the device for the visited access network.

公开(公告)号：US20240080223A1

公开(公告)日：2024-03-07

申请号：US18497666

申请日：2023-10-30

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Sangram Kishore Lakkaraju ,  Alberto Rodriguez Natal ,  Fabio R. Maino ,  Timothy Peter Stammers

IPC: H04L12/46 ,  H04L45/74 ,  H04L47/24 ,  H04L49/25 ,  H04L61/2592 ,  H04L69/22

CPC classification number: H04L12/4633 ,  H04L12/4641 ,  H04L45/74 ,  H04L47/24 ,  H04L49/25 ,  H04L61/2592 ,  H04L69/22 ,  H04L2101/622

Abstract: Techniques are described for extending a cellular quality of service bearer through an enterprise fabric network. In one example, a method obtaining, by a first switch of a network, a packet to be delivered to a client connected to the network via a cellular access point; identifying quality of service (QoS) bearer information associated with the packet, wherein the QoS bearer information is associated with a radio access bearer for the client and the QoS bearer information comprises a bearer indicator and a QoS class identifier; providing a fabric tunnel encapsulation for the packet, wherein the bearer indicator and the QoS class identifier are included within the fabric tunnel encapsulation of the packet; and forwarding the packet within the fabric tunnel encapsulation toward a second switch of the network via a fabric tunnel, wherein the cellular access point is connected to the network via the second switch.

公开(公告)号：US11910299B2

公开(公告)日：2024-02-20

申请号：US17494107

申请日：2021-10-05

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Vimal Srivastava ,  Oliver James Bull

IPC: H04W48/16 ,  H04W12/06 ,  H04W76/10 ,  H04W60/00

CPC classification number: H04W48/16 ,  H04W12/06 ,  H04W60/00 ,  H04W76/10

Abstract: Presented herein are techniques to facilitate providing slice attribute information to a user equipment (UE) for one or more slice types with which the user equipment is allowed to establish one or more session(s). In one example, a method may include obtaining, by a network element, a registration request for connection of a UE to a mobile network; performing an authentication for connection of the UE to the mobile network; and upon successful authentication, providing, by the network element, a registration response to the UE, wherein the registration response identifies one or more network slice types with which the UE is authorized to establish a session and the registration response identifies one of: attribute information for each of the one or more network slice types or network location information from which attribute information for each of the one or more network slice types is to be obtained.

公开(公告)号：US20240057183A1

公开(公告)日：2024-02-15

申请号：US17886953

申请日：2022-08-12

Applicant: Cisco Technology, Inc.

Inventor： Vimal Srivastava ,  Srinath Gundavelli ,  Robert Michael Batz

IPC: H04W76/15 ,  H04L67/141 ,  H04L61/4511 ,  H04W76/34

CPC classification number: H04W76/15 ,  H04L67/141 ,  H04L61/4511 ,  H04W76/34

Abstract: Presented herein are techniques to provide sponsored data to a user equipment in a mobile network environment. For example, techniques provided herein may provide for the ability to enhance sponsored data connectivity by enabling a mobile network to facilitate sponsorship of a network slice as part of sponsored data connectivity in which the network slice can provide traffic flow specific Service Level Agreement (SLA) connectivity and treatment. In one example, a method is provided that includes determining, via a first session of a user equipment (UE), that the UE seeks to access content in which financial sponsorship for accessing the content by the UE is to be provided by a sponsoring entity in which the first session involves a first network slice and enabling the UE to establish a second session to access the content in which the second session involves a second network slice.

公开(公告)号：US20240039903A1

公开(公告)日：2024-02-01

申请号：US17875105

申请日：2022-07-27

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Gandhi ,  Srinath Gundavelli

IPC: H04L9/40 ,  G06F3/01 ,  H04L25/02 ,  H04W4/02

CPC classification number: H04L63/08 ,  G06F3/017 ,  H04L25/0222 ,  H04W4/023 ,  H04L2463/082

Abstract: This disclosure describes techniques for performing multi-factor authentication (MFA) by utilizing user generated authenticating gestures. The techniques may include establishing and monitoring peer-to-peer communication links between user devices. The techniques may include monitoring channel properties for fluctuations in the channel properties associated with the user generated authenticating gesture passing through signals of the communication links. The techniques may further include comparing a gesture performed by a user to a predefined authenticating gesture. The techniques may include determining a pattern of fluctuations in the channel properties associated with the predefined authenticating gesture. The techniques may include determining a confidence score associated with comparing the gesture performed and the predefined authenticating gesture. The techniques may further include determining a proximity of the user and/or the gesture to the user device. The techniques may further include granting or denying the user based at least in part on the proximity and/or the comparison.

公开(公告)号：US20230412497A1

公开(公告)日：2023-12-21

申请号：US18362282

申请日：2023-07-31

Applicant: Cisco Technology, Inc.

Inventor： Abhishek Dhammawat ,  Srinath Gundavelli

IPC: H04L45/00 ,  H04L67/147 ,  H04L45/302 ,  H04W28/02 ,  H04L47/2441

CPC classification number: H04L45/38 ,  H04L67/147 ,  H04L47/2441 ,  H04L45/302 ,  H04W28/0268 ,  H04L45/566

Abstract: A user plane function (UPF) node may receive a packet for traffic associated with a user equipment (UE). During packet classification, the UPF node may identify that a packet filter for the packet is not found in a packet filter set of an existing Quality of Service (QoS) Flow. In response, the UPF node may configure the packet filter in the packet filter set of the QoS Flow based on a flow tuple of the packet. The UPF node may send, to a control plane function node, a message which indicates a request for adding the flow tuple to the QoS Flow. The message may be for triggering communication of a message which indicates a session modification command for receipt by the UE, for adding an uplink packet filter that is based on the flow tuple for the QoS Flow.

公开(公告)号：US11838822B2

公开(公告)日：2023-12-05

申请号：US17846482

申请日：2022-06-22

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Indermeet Gandhi ,  Shree Murthy ,  Malcolm Muir Smith ,  Jerome Henry

IPC: H04W4/00 ,  H04W36/32 ,  H04W36/30 ,  H04W84/12

CPC classification number: H04W36/32 ,  H04W36/30 ,  H04W84/12

Abstract: This disclosure describes techniques for selecting network protocols using heatmaps. For instance, a system may receive radio frequency information from one or more sources located within an environment. The system may then generate heatmaps using the radio frequency information, where the heatmaps represent characteristics associated with different network protocols. The characteristics may include signal strengths, throughputs, data packet drop rates, data packet retry rates, and/or the like for various locations within the environment. A user device may then receive the heatmaps from the system. Using a location of the user device and the heatmaps, the user device may determine to communicate using a network protocol from the different network protocols. The user device may then establish a connection using the network protocol.