公开(公告)号：US12218703B1

公开(公告)日：2025-02-04

申请号：US18354960

申请日：2023-07-19

Applicant: Cisco Technology, Inc.

Inventor： Matthew A. Silverman ,  Robert C. Badea ,  Jerome Henry ,  Robert E. Barton

IPC: H04B1/7183 ,  H04W64/00 ,  H04W76/10

Abstract: A system and a method to delegate out-of-band (OOB) management of a shared ultra-wideband (UWB) clock. The system may comprise a tagged device with a UWB tag and multiple anchors. The tagged device may be configured to establish at least one OOB communication link with at least one anchor, transmit UWB compatibility information to multiple anchors, establish a UWB communication links with the anchors, and exchange OOB synchronization parameters and UWB synchronization parameters with the anchors. Further, the tagged device may be configured to define new instructions for ranging round operations based at least in part upon the OOB synchronization parameters and the UWB synchronization parameters, update existing instructions with the new instructions in the ranging round operations, and perform the ranging round in accordance with the updated instructions.

公开(公告)号：US12217106B2

公开(公告)日：2025-02-04

申请号：US18213513

申请日：2023-06-23

Applicant: Cisco Technology, Inc.

Inventor： Jaideep Padhye ,  Tom Thekkel Jose

IPC: G06F9/54 ,  G06F11/32 ,  H04L67/02

Abstract: In one embodiment, a device determines one or more key-value pairs associated with observability data for an online application, and searches the observability data for events corresponding to the one or more key-value pairs. The device also builds a responsive event list with the events corresponding to the one or more key-value pairs within the observability data and sorts the responsive event list by associated timestamps to provide the responsive event list as a sequence of transactional milestones reached by one or more users of the online application.

公开(公告)号：US20250039741A1

公开(公告)日：2025-01-30

申请号：US18227644

申请日：2023-07-28

Applicant: Cisco Technology, Inc.

Inventor： Ryan Holland ,  Fiona HALL-ZAZUETA ,  Aaron SELESI ,  Jason Trung Hoa TANG

IPC: H04W28/08 ,  H04L47/125

Abstract: Gateway agnostic load balancing techniques in a network are disclosed. In one embodiment, a process discovers a plurality of remote access enabled gateways with access to a specific subtended device in a computer network. The process determines connective functionality of the plurality of remote access enabled gateways to the specific subtended device and a level of utilization of the plurality of remote access enabled gateways. The process selects a specific gateway of the plurality of remote access enabled gateways through which to open an access session to the specific subtended device based on the specific gateway having sufficient connective functionality and further based on the level of utilization of the plurality of remote access enabled gateways.

公开(公告)号：US20250039220A1

公开(公告)日：2025-01-30

申请号：US18537516

申请日：2023-12-12

Applicant: Cisco Technology, Inc.

Inventor： Vincent Parla ,  Stephen Craig Connors, JR.

IPC: H04L9/40

Abstract: A system and method are provided for dynamically placing security controls in a network infrastructure. Input values representing the workload are ingested. A network component is placed in front of the workload to process/filter ingress traffic into the workload. The input values are analyzed to determine the asset criticality of the workload and to determine which vulnerabilities to which the workload is susceptible. Based on this analysis of the input values, compensating controls are selected to protect the workload from the determined vulnerabilities, and the network component is dynamically programed to perform these compensating controls on the ingress traffic. The network component is located directly in front of the workload, and it can be a data processing unit (DPU), a Berkley packet filter (BPF), and/or an extended BPF (eBPF) capability.

公开(公告)号：US20250039141A1

公开(公告)日：2025-01-30

申请号：US18357934

申请日：2023-07-24

Applicant: Cisco Technology, Inc.

Inventor： Faizan Amjad Mohammed ,  Venkatesh Nataraj ,  Gowri Mahendran Lingam Chandramohan ,  Saravanan Radhakrishnan ,  Kannan Kumar

IPC: H04L9/40

Abstract: This disclosure describes techniques for orchestrating implementation of a security solution among network devices. The techniques include determining capabilities of routers of the network and capabilities of a cloud security service to perform security features of a security solution. Based at least in part on the capabilities, the techniques include configuring a router of the network to execute a first subset of the security features on data traffic of the network, and configuring the cloud security service to execute a second subset of the security features on the data traffic. The techniques may also include causing the security solution to be presented to a security administrator via a display, the display providing representations of the first subset and the second subset of the security features.

公开(公告)号：US20250039134A1

公开(公告)日：2025-01-30

申请号：US18625874

申请日：2024-04-03

Applicant: Cisco Technology, Inc.

Inventor： Eric Maximilian Roquemore

IPC: H04L9/40

Abstract: A system and method are provided for routing traffic through a network to ensure load balancing and avoid untrustworthy nodes. Based on network data (e.g., telemetry data), a machine learning model generates trust scores, which are used for routing decisions by determining preferred routes from a source to a destination. The trust scores for nodes along a potential route can be combined into a cumulative trust score. The potential route with the lowest cumulative trust score (i.e., most trustworthy) is preferred, when all other factors are equal. Traffic is routed along the preferred routes, until their capacity is exceeded. Then to achieve load balancing, traffic flows are extended to the next most preferred routes (e.g., the next lowest cumulative trust score), and so forth. When traffic flows include a mix of sensitive and non-sensitive data, the sensitive data is preferentially directed along the most preferred routes.

公开(公告)号：US20250039057A1

公开(公告)日：2025-01-30

申请号：US18225788

申请日：2023-07-25

Applicant: Cisco Technology, Inc.

Inventor： Hans Ashlock ,  Bruce Alexander Mcdougall ,  Benjamin Haddox

IPC: H04L41/12 ,  H04L43/0829 ,  H04L43/087 ,  H04L43/12

Abstract: In one embodiment, a device obtains topology information for a segment routed network. The device generates, based on the topology information, segment routing label stacks to probe different paths between a source and destination in the segment routed network. The device conducts probing of the different paths during which synthetic probe packets are sent via the segment routed network using the segment routing label stacks. The device presents results of the probing of the different paths for display.

公开(公告)号：US20250039052A1

公开(公告)日：2025-01-30

申请号：US18600918

申请日：2024-03-11

Applicant: Cisco Technology, Inc.

Inventor： Stephen Craig Connors, JR.

IPC: H04L41/0869 ,  H04L41/0816

Abstract: A system and method are provided for continuous integration, continuous deployment of a network component, such as a software-defined wide area network, a firewall, a router, or a load balancer. The software development lifecycle is achieved without interrupting the data flow of the network by using a multi-dataplane architecture, including a primary dataplane and a shadow dataplane. A packet dispatcher relays ingress data packets to the primary dataplane executing a current version of the network component and the shadow dataplane executing an upgrade to the network component. A control plane agent analyzes/compares the performances of the respective dataplanes for verification testing, and the control plane agent upgrades the network component to the new version upon passing the verification testing. The upgrades is achieved without interruption to the data flow of the network component by gradually transitioning to outputting egress data packets generated using the upgraded version.

公开(公告)号：US20250039051A1

公开(公告)日：2025-01-30

申请号：US18410207

申请日：2024-01-11

Applicant: Cisco Technology, Inc.

Inventor： Stephen Craig Connors, JR.

IPC: H04L41/0869

Abstract: A system and method are provided for implementing a network component and verifying an update of the network component. The network component can be, e.g., a software-defined wide area network, a firewall, a router, or a load balancer. The network component can be an embedded network edge device that is implemented, e.g., in software, in circuitry, or using hardware acceleration (e.g., a data processing unit (DPU), a smart network interface card (SmartNIC), etc.). The updated version of the network component is verified by implementing it on a shadow dataplane concurrently with the current version operating on a primary dataplane, and comparing the performances of these two versions. Based on this comparison satisfying various verification criteria, the updated version passes a verification test and can be promoted to the primary dataplane.

公开(公告)号：US20250039049A1

公开(公告)日：2025-01-30

申请号：US18919044

申请日：2024-10-17

Applicant: Cisco Technology, Inc.

Inventor： Jason David Notari ,  Debashis Patnala Rao ,  Viral Rajeshbhai Barot

IPC: H04L41/0859 ,  H04L41/08 ,  H04L41/0813

Abstract: Techniques and architecture are described for initializing, reviewing/approving, and deploying changes within a network. Each change is associated with a particular change ticket. When a change needs to be rolled back, the original change ticket may be analyzed to determine what actions need to be performed to roll back the change. A plan of the needed actions may then be presented to a reviewer in a rollback ticket. The original change ticket may be cancelled and a new ticket, e.g., the rollback ticket, may be prepared that includes the plan for the rollback, e.g., the one or more actions needed to roll back the initial change. In configurations, a change ticket may include multiple changes and thus, for rollback, either all the changes associated with the change ticket may be rolled back or only the last change or action that was initially made may be rolled back.