Using in-band operations data to signal packet processing departures in a network

    Publication (announcement) No.: US11012353B2

    Publication (announcement) date: 2021-05-18

    Application No.: US16231319

    Application date: 2018-12-21

    Abstract: In one embodiment, nodes use in-band operations data (e.g., carried in iOAM data field(s)) to signal departures in the processing of a packet in a network. A “departure” refers to a divergence or deviation, as from an established rule, plan, or procedure. Departures include, but are not limited to, sending a packet over a backup path (thus, a departure/deviation from sending over a primary path); offload processing of a packet (thus, a departure/deviation from processing of a packet by an application processing apparatus); and exception or punting/slow/software path processing of a packet (thus, a departure/deviation from normal or fast/hardware path processing of a packet). In one embodiment, a proof of transit validation apparatus uses departure information to select among multiple possible verification secrets, with the selected verification secret used in validation processing with a cumulative secret value obtained from the packet.

    SERVICE ASSURANCE OF ECMP USING VIRTUAL NETWORK FUNCTION HASHING ALGORITHM

    Publication (announcement) No.: US20210111989A1

    Publication (announcement) date: 2021-04-15

    Application No.: US16601747

    Application date: 2019-10-15

    Abstract: Techniques are presented for evaluating Equal Cost Multi-Path (ECMP) performance in a network that includes a plurality of nodes. According to an example embodiment, a method is provided that includes obtaining information indicating equal cost multi-path (ECMP) paths in the network and a branch node in the network. For the branch node in the network, the method includes instantiating a virtual network function that simulates an ECMP hashing algorithm employed by the branch node to select one of multiple egress interfaces of the branch node; providing to the virtual network function for the branch node, a query containing entropy information as input to the ECMP hashing algorithm that returns interface selection results; and obtaining from the virtual network function a reply that includes the interface selection results. The method further includes evaluating ECMP performance in the network based on the interface selection results obtained for the branch node.

    DIGITAL INTELLECTUAL CAPITAL-BASED SERVICE ASSURANCE FOR INTENT-BASED NETWORKING

    Publication (announcement) No.: US20210111970A1

    Publication (announcement) date: 2021-04-15

    Application No.: US16601926

    Application date: 2019-10-15

    Abstract: A method is provided that involves obtaining service pre-conditions associated with a service to be supported in a network. The method includes providing a plurality of digital Intellectual Capital (IC) modules, and providing signature pre-condition logic that specifies one or more conditions that indicate relevancy of one or more digital IC modules. The method includes selecting, from the plurality of digital IC modules, based on the service pre-conditions and the signature pre-condition logic, one or more particular digital IC modules that are applicable to the service in the network. The method further includes determining information to be obtained from one or more nodes in the network based on the one or more particular digital IC modules, and obtaining the information from the one or more nodes in the network. The information is analyzed to determine whether the one or more specific operational issues are present in the network.

    CLOSED LOOP AUTOMATION FOR INTENT-BASED NETWORKING

    Publication (announcement) No.: US20210105189A1

    Publication (announcement) date: 2021-04-08

    Application No.: US16592866

    Application date: 2019-10-04

    Abstract: A method is performed at one or more entities configured to configure and provide assurance for a service enabled on a network. The service is configured as a collection of subservices on network devices of the network. A definition of the service is decomposed into a subservice dependency graph that indicates the subservices and dependencies between the subservices that collectively implement the service. Based on the subservice dependency graph, the subservices are configured to record and report subservice metrics indicative of subservice health states of the subservices. The subservice metrics are obtained from the subservices, and the subservice health states of the subservices are determined based on the subservice metrics. A health state of the service is determined based on the subservice health states. One or more of the subservices are reconfigured based on the health state of the service.

    Network operations reactive to operations data included in seamless bidirectional forwarding detection (S-BFD) packets

    Publication (announcement) No.: US10972381B2

    Publication (announcement) date: 2021-04-06

    Application No.: US16392299

    Application date: 2019-04-23

    Abstract: In one embodiment, in-band operations data (e.g., In-situ Operations, Administration, Maintenance and/or other operations data) is added to Seamless Bidirectional Forwarding (S-BFD) packets. In one embodiment, a S-BFD packet received by a node includes a BFD discriminator and operations data. Reactive processing is identified based on the BFD discriminator. The S-BFD packet and the operations data (e.g., in an operations data field in a header of the received S-BFD packet, in an IOAM Type-Length-Value (TLV), etc.) is processed according to the identified reactive function. Examples of these reactive actions include, but are not limited to, determining a result based on processing of said particular operations data by the local node or a remote analytics server, and sending a response packet including unprocessed and/or a result of the processed operations data (e.g., performance, loss, jitter, an indication of compliance with a service level agreement, and/or another data measurement or result).

    MULTIFACTOR DERIVED IDENTIFICATION
    Invention application

    Publication (announcement) No.: US20200322329A1

    Publication (announcement) date: 2020-10-08

    Application No.: US16748965

    Application date: 2020-01-22

    Abstract: The present technology pertains to a system that authenticates the identity of a user trying to access a service. The system comprises an authentication provider configured to communicate authentication requirements to a continuous multifactor authentication device and the continuous multifactor authentication device configured to receive authentication requirements, to fuse multiple identification factors into an identification credential for a user according to the authentication requirements, and to send the authentication credential to the authentication provider. After receiving the identification credential meeting the authentication requirements, the authentication provider is configured to instruct a service provider to initiate a session.

    Sharing network security threat information using a blockchain network

    Publication (announcement) No.: US10735203B2

    Publication (announcement) date: 2020-08-04

    Application No.: US15728208

    Application date: 2017-10-09

    Abstract: In an example embodiment, a validating peer of a plurality of validating peers in a blockchain network receives, from a non-validating peer, a request to create a root block of a blockchain. The root block includes information related to a potential computer security threat. The validating peer creates the root block with a root block pending validation status. The validating peer shares, with other validating peers of the plurality of validating peers, a notification of the root block with the root block pending validation status to provide an indication of the information. The validating peer determines whether the information is authentic. If the information is determined to be authentic, the validating peer changes the root block pending validation status to a root block authenticated validation status and shares, with the other validating peers, a notification of the root block authenticated validation status to indicate that the information is authentic.
