公开(公告)号：US20240169089A1

公开(公告)日：2024-05-23

申请号：US17991286

申请日：2022-11-21

Applicant: Cisco Technology, Inc.

Inventor： Barry Qi Yuan ,  Robert Edgar Barton

IPC: G06F21/62

CPC classification number: G06F21/6245

Abstract: Techniques for leveraging a distributed Domain Name System (DNS) infrastructure for preserving Personally Identifiable Information (PII) data for distributed resolvers using a hash to policy pair (HPP) database are described. A DNS security service receives metadata including PII associated with a client. A cryptographic hash function is applied to the metadata including PII associated with the client to generate a client hash value. A client HPP is created by mapping the client hash value to a set of DNS policy instructions associated with the client. The client HPP is stored in a HPP database. A distributed resolver is authorized to provide DNS services to the client. Finally, the HPP database is published to the distributed resolver.

公开(公告)号：US20240163210A1

公开(公告)日：2024-05-16

申请号：US18419100

申请日：2024-01-22

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Singh Gandhi ,  Robert Edgar Barton ,  Jerome Henry ,  Cesar Obediente

IPC: H04L45/00

CPC classification number: H04L45/70 ,  H04L45/14

Abstract: In one embodiment, a method includes receiving energy efficiency data from a plurality of nodes within a network. The method also includes determining an energy efficiency node quotient for each of the plurality of nodes within the network to generate a plurality of energy efficiency node quotients and determining an energy efficiency path quotient for each of a plurality of paths within the network to generate a plurality of energy efficiency path quotients. The method further includes determining one or more policies associated with the plurality of paths and selecting a path from the plurality of paths based at least on the plurality of energy efficient path quotients and the one or more policies.

公开(公告)号：US20240155474A1

公开(公告)日：2024-05-09

申请号：US17983928

申请日：2022-11-09

Applicant: Cisco Technology, Inc.

Inventor： Flemming Stig Andreasen ,  Robert Edgar Barton ,  Timothy Peter Stammers

IPC: H04W48/18 ,  H04W28/24

CPC classification number: H04W48/18 ,  H04W28/24

Abstract: In one illustrative example, a controller for use in a private mobile network may determine network service requirements for an industrial device. The controller may select, from a set of network slices, a subset of network slices having network service requirement configurations that most closely support the network service requirements. Each network slice of the set may be associated with an affinity ranking value that is indicative of a service performance of the network slice for industrial device operation in a cell or a zone associated with a zone or security level value assigned to the industrial device. The controller may identify, from the subset of network slices, a selected network slice associated with a best affinity ranking value for the zone or security level value assigned to the industrial device. The controller may assign the selected network slice and associated service parameters for the communications of the industrial device.

公开(公告)号：US20240147245A1

公开(公告)日：2024-05-02

申请号：US17977169

申请日：2022-10-31

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Robert Edgar Barton ,  Fred Jay Anderson ,  Matthew Aaron Silverman ,  John Matthew Swartz ,  Joshua D. Suhr

IPC: H04W16/10

CPC classification number: H04W16/10

Abstract: A method for adaptive presence-based radio configuration of access points in a venue includes defining a number of regions in the venue in which access points are deployed, each region having a center point, and assigning a first access point to a first region, positioned at the center of the first region. The method also includes affecting a first energy level in the first region, which corresponds to a power of a transmit signal emitted by the first access point, and assigning to the first region a configurable capacity value that determines an acceptable overlap constraint between the first energy level of the first region and an energy level of a neighboring region. The method further includes generating data describing a tessellation graph in which a possible map of the access points is formed using an iterative descent process based on the first energy level and the overlap constraint.

公开(公告)号：US20240146696A1

公开(公告)日：2024-05-02

申请号：US18537156

申请日：2023-12-12

Applicant: Cisco Technology, Inc.

Inventor： David Hanes ,  Gonzalo Salgueiro ,  Sebastian Jeuk ,  Robert Edgar Barton

IPC: H04L9/40 ,  H04L65/102

CPC classification number: H04L63/0263 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/20 ,  H04L65/102

Abstract: Techniques for associating manufacturer usage description (MUD) security profiles for Internet-of-Things (IoT) device(s) with secure access service edge (SASE) solutions, providing for automated and scalable integration of IoT devices with SASE frameworks. A MUD controller may utilize a MUD uniform resource identifier (URI) emitted by an IoT device to fetch an associated MUD file from a MUD file server associated with a manufacturer of the IoT device. The MUD controller may determine that a security recommendation included in the MUD file is to be implemented by a cloud-based security service provided by the SASE service and cause the IoT device to establish a connection with a secure internet gateway associated with the cloud-based security service. Additionally, or alternatively, the MUD file may include SASE extensions indicating manufacturer recommended cloud-based security services. Further, cloud-based security services may be implemented if local services are unavailable.

公开(公告)号：US20240073248A1

公开(公告)日：2024-02-29

申请号：US17898162

申请日：2022-08-29

Applicant: Cisco Technology, Inc.

Inventor： Robert Edgar Barton ,  Jerome Henry ,  Indermeet Gandhi

IPC: H04L9/40

CPC classification number: H04L63/20

Abstract: A method and system for implementing security policies for a user device based on one or more user device parameters. When a user device joins a domain, the security policy agent determines one or more security policies for the user device based on one or more parameters of the user device. The user parameters may include the type of user device, a user group, an application to be used, etc. The security polies are sent to the user device. The user device generates a data packet having metadata indicating the one or more device parameters. The data packet is sent to a remote security service where security policies are implemented based on the metadata.

公开(公告)号：US20240039786A1

公开(公告)日：2024-02-01

申请号：US17876345

申请日：2022-07-28

Applicant: Cisco Technology, Inc.

Inventor： Shankar Ramanathan ,  Muhilan Natarajan ,  Vishal Desai ,  Robert Edgar Barton ,  Jerome Henry

IPC: H04L41/082 ,  G06F40/279 ,  H04L41/0823

CPC classification number: H04L41/082 ,  G06F40/279 ,  H04L41/0836

Abstract: This disclosure describes techniques and mechanisms for determine a change window of least impact based on the type of activity, urgency, and preference, and highlighting risk(s) of choosing a change window. The techniques streamline and automate change window technology and provide customized and personalized change window option(s) to an administrator of a network.

公开(公告)号：US11882034B2

公开(公告)日：2024-01-23

申请号：US17930281

申请日：2022-09-07

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Singh Gandhi ,  Robert Edgar Barton ,  Jerome Henry ,  Cesar Obediente

IPC: H04L45/00

CPC classification number: H04L45/70 ,  H04L45/14

Abstract: In one embodiment, a method includes receiving energy efficiency data from a plurality of nodes within a network. The method also includes determining an energy efficiency node quotient for each of the plurality of nodes within the network to generate a plurality of energy efficiency node quotients and determining an energy efficiency path quotient for each of a plurality of paths within the network to generate a plurality of energy efficiency path quotients. The method further includes determining one or more policies associated with the plurality of paths and selecting a path from the plurality of paths based at least on the plurality of energy efficient path quotients and the one or more policies.

公开(公告)号：US20240015827A1

公开(公告)日：2024-01-11

申请号：US18181963

申请日：2023-03-10

Applicant: Cisco Technology, Inc.

Inventor： Juan Carlos Zuniga ,  Pooya Monajemi ,  Robert Edgar Barton ,  Matthew Aaron Silverman ,  Jerome Henry

IPC: H04W76/15

CPC classification number: H04W76/15 ,  H04W84/12

Abstract: A method to operate a multi-link wireless device. The method includes establishing at least a first multi-link device interface and a second multi-link device interface, exposing, via a virtual data port, the first multi-link device interface and the second multi-link device interface at a data processing layer of the wireless device, selecting one of the first multi-link device interface and the second multi-link device interface, as a selected multi-link device interface, based on performance information associated with a first radio and a second radio associated, respectively, with the first multi-link device interface and the second multi-link device interface, and wirelessly transmitting a packet from the wireless device by routing the packet through the selected multi-link device interface.

公开(公告)号：US11844143B2

公开(公告)日：2023-12-12

申请号：US17313924

申请日：2021-05-06

Applicant: Cisco Technology, Inc.

Inventor： Vishal Satyendra Desai ,  Jerome Henry ,  Robert Edgar Barton

IPC: H04W8/12 ,  H04W8/24 ,  H04W72/04 ,  H04B17/318 ,  H04W40/24 ,  H04W72/044 ,  H04W36/14 ,  H04W36/30

CPC classification number: H04W8/12 ,  H04B17/318 ,  H04W8/24 ,  H04W40/244 ,  H04W72/0473 ,  H04W36/14 ,  H04W36/30

Abstract: The present disclosure is related to dynamic methods of managing roaming of client devices at boundaries of area serviced by access points. In one aspect, a method includes estimating by a controller, first signal information of a signal transmitted by an access point and received at a client device, the first signal information being from the perspective of the access point, the client device operating at a boundary of an area serviced by the access point; determining, by the controller, second signal information for the signal, the second signal information being from the perspective of the client device; and performing, by the controller, roaming management of the client device based on the first signal information and the second signal information.