-
公开(公告)号:US20230137255A1
公开(公告)日:2023-05-04
申请号:US17513062
申请日:2021-10-28
Applicant: Cisco Technology, Inc.
Inventor: Kyle Andrew Donald Mestery , Vincent E. Parla
Abstract: Techniques for routing service mesh traffic based on whether the traffic is encrypted or unencrypted are described herein. The techniques may include receiving, from a first node of a cloud-based network, traffic that is to be sent to a second node of the cloud-based network and determining whether the traffic is encrypted or unencrypted. If it is determined that the traffic is encrypted, the traffic may be sent to the second node via a service mesh of the cloud-based platform. Alternatively, or additionally, if it is determined that the traffic is unencrypted, the traffic may be sent to the second node via an encrypted tunnel. In some examples, the techniques may be performed at least partially by a program running on the first node of the cloud-based network, such as an extended Berkeley Packet Filter (eBPF) program, and the like.
-
112.发明申请公开(公告)号:US20230132415A1
公开(公告)日:2023-05-04
申请号:US17513033
申请日:2021-10-28
Applicant: Cisco Technology, Inc.
Inventor: Urmil Dave , Dominik Rene Tornow , Kyle Andrew Donald Mestery
Abstract: In one embodiment, a videoconference service determines a selection of a virtual background for a videoconference from a particular participant of a plurality of participants in the videoconference. The videoconference service determines an audio context filter that is associated with a visual context of the virtual background. The videoconference service modifies an audio stream of the videoconference into a modified audio stream according to the audio context filter. The videoconference service presents, to the plurality of participants during the videoconference, the particular participant using the virtual background and the modified audio stream. In an embodiment, the videoconference service ascertains the visual context of the virtual background based on applying a machine learning model to the virtual background.
-
公开(公告)号:US20230085513A1
公开(公告)日:2023-03-16
申请号:US17719829
申请日:2022-04-13
Applicant: Cisco Technology, Inc.
Inventor: Kyle Andrew Donald Mestery , Vincent E. Parla
IPC: H04L67/562 , H04L67/141
Abstract: Techniques for managing migrations of QUIC connection session(s) across proxy nodes, data centers, and/or private application nodes are described herein. A global key-value datastore, accessible by proxy nodes and/or application nodes, may store mappings between a first QUIC connection, associated with a proxy node and a client device, on the frontend of the proxy node and a second QUIC connection, associated with the proxy node and an application node, on the backend of the proxy node. With the global key-value datastore being accessible by the proxy nodes, when a proxy node receives a QUIC packet on the front end or the back end, the proxy node may determine where to map this connection to on the opposite end. Additionally, with the global key-value datastore being accessible to the application nodes, when an application node receives a QUIC packet, the application node may determine the client device associated with the connection.
-
公开(公告)号:US20230083582A1
公开(公告)日:2023-03-16
申请号:US17719867
申请日:2022-04-13
Applicant: Cisco Technology, Inc.
Inventor: Vincent E. Parla , Kyle Andrew Donald Mestery , Rajvardhan Somraj Deshmukh , Nancy Patricia Cam-Winget
IPC: H04L67/561 , H04L67/101 , H04L67/1012 , H04L9/40 , H04L12/46
Abstract: Techniques for encoding metadata representing a policy into a QUIC connection ID are described herein. A metadata-aware network including one or more enforcement nodes, a policy engine, and/or a connection datastore may be utilized to enforce a policy and route communications on a QUIC connection. The policy engine may be configured to encode metadata representing one or more network policies into a QUIC source connection ID (SCID) and/or may store a mapping between the SCID and a corresponding destination connection ID (DCID) in the connection datastore. The policy engine may communicate with a QUIC application server and/or one or more QUIC proxy nodes to encode the SCID into a QUIC packet. The enforcement nodes may access the metadata and enforce the policies via a connection ID included in a QUIC header of a QUIC packet or by performing a lookup in the connection datastore using the connection ID.
-
公开(公告)号:US20230032924A1
公开(公告)日:2023-02-02
申请号:US17388754
申请日:2021-07-29
Applicant: Cisco Technology, Inc.
Inventor: Ian James Wells , Kyle Andrew Donald Mestery , Carlos M. Pignataro , Nagendra Kumar Nainar
IPC: H04L12/851 , H04L12/723
Abstract: This disclosure describes techniques for performing application-based tagging. An example method is performed by a virtual socket of a device. The method includes receiving non-packetized data from an application, generating a label based on the application, and providing the non-packetized data and the label to a kernel of the device.
-
Patent Agency Ranking
116.发明申请公开(公告)号:US20230015687A1
公开(公告)日:2023-01-19
申请号:US17376646
申请日:2021-07-15
Applicant: Cisco Technology, Inc.
Inventor: Vincent Parla , Kyle Andrew Donald Mestery
IPC: H04L29/08 , H04L12/741 , H04L12/859
Abstract: Techniques for using computer networking protocol extensions to route control-plane traffic and data-plane traffic associated with a common application are described herein. For instance, a traffic flow associated with an application may be established such that control-plane traffic is sent to a control-plane node associated with the application and data-plane traffic is sent to a data-plane node associated with the application. When a client device sends an authentication request to connect to the application, the control-plane node may send an indication of a hostname to be used by the client device to send data-plane traffic to the data-node. As such, when a packet including the hostname corresponding with the data-plane node is received, the packet may be forwarded to the data-plane node.
-
公开(公告)号:US20220385580A1
公开(公告)日:2022-12-01
申请号:US17335437
申请日:2021-06-01
Applicant: Cisco Technology, Inc.
IPC: H04L12/803 , H04L12/851
Abstract: Techniques for dynamically load balancing traffic based on predicted and actual load capacities of data nodes are described herein. The techniques may include determining a predicted capacity of a data node of a network during a period of time. The data node may be associated with a first traffic class. The techniques may also include determining an actual capacity of the data node during the period of time, as well as determining that a difference between the actual capacity and the predicted capacity is greater than a threshold difference. Based at least in part on the difference, a number of data flows sent to the data node may be either increased or decreased. Additionally, or alternatively, a data flow associated with a second traffic class may be redirected to the data node during the period of time to be handled according to the first traffic class.
-
公开(公告)号:US20220385579A1
公开(公告)日:2022-12-01
申请号:US17335401
申请日:2021-06-01
Applicant: Cisco Technology, Inc.
IPC: H04L12/803
Abstract: Techniques for dynamically load balancing traffic based on predicted and actual load capacities of data nodes are described herein. The techniques may include determining a predicted capacity of a data node of a network during a period of time. The data node may be associated with a first traffic class. The techniques may also include determining an actual capacity of the data node during the period of time, as well as determining that a difference between the actual capacity and the predicted capacity is greater than a threshold difference. Based at least in part on the difference, a number of data flows sent to the data node may be either increased or decreased. Additionally, or alternatively, a data flow associated with a second traffic class may be redirected to the data node during the period of time to be handled according to the first traffic class.
-
公开(公告)号:US11442703B2
公开(公告)日:2022-09-13
申请号:US17028646
申请日:2020-09-22
Applicant: Cisco Technology, Inc.
Inventor: Ian James Wells , Kyle Andrew Donald Mestery , Grzegorz Boguslaw Duraj
Abstract: This disclosure describes techniques and mechanisms for using a domain-specific language (DSL) to express and compile serverless network functions, and optimizing the deployment location for the serverless network functions on network devices. In some examples, the serverless network functions may be expressed entirely in the DSL (e.g., via a text-based editor, a graphics-based editor, etc.), where the DSL is a computer language specialized to a particular domain, such as a network function domain. In additional examples, the serverless network functions may be expressed and compiled using a DSL in combination with a general-purpose language (GSL). Once the serverless network function have been expressed and/or compiled, the techniques of this disclosure further include determining an optimized network component on which the serverless network function is to execute, and deploying the serverless function to the optimized network component.
-
公开(公告)号:US20220272102A1
公开(公告)日:2022-08-25
申请号:US17183900
申请日:2021-02-24
Applicant: Cisco Technology, Inc.
Inventor: Kyle Andrew Donald Mestery , Ian James Wells
IPC: H04L29/06
Abstract: Techniques for creating consent contracts for devices that indicate whether the devices consent to receiving network-based communications from other devices. Further, the techniques include enforcing the consent contracts such that network-based communications are either allowed or disallowed in the network-communications layer prior to the network communications reaching the devices. Rather than simply allowing a device to communicate with any other device over a network, the techniques described herein include building in consent for network-based communications where the consent is consulted at one or more points in a communication process to make informed decisions about network-based traffic.
-
-
-
-
-
-
-
-
-
Search Results
165
records
(took 0.043 seconds)
