Patent search ap:("CISCO TECHNOLOGY Page INC.") AND inv:"Sunil Kumar Gupta"

11.

发明授权
System and method of assigning reputation scores to hosts 有权

公开(公告)号：US12192078B2

公开(公告)日：2025-01-07

申请号：US18593403

申请日：2024-03-01

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta , Navindra Yadav , Michael Standish Watts , Ali Parandehgheibi , Shashidhar Gandham , Ashutosh Kulshreshtha , Khawar Deen

IPC: G06F21/00 , G06F3/0482 , G06F3/04842 , G06F3/04847 , G06F9/455 , G06F16/11 , G06F16/13 , G06F16/16 , G06F16/17 , G06F16/174 , G06F16/23 , G06F16/2457 , G06F16/248 , G06F16/28 , G06F16/29 , G06F16/9535 , G06F21/53 , G06F21/55 , G06F21/56 , G06N20/00 , G06N99/00 , G06T11/20 , H04J3/06 , H04J3/14 , H04L1/24 , H04L7/10 , H04L9/08 , H04L9/32 , H04L9/40 , H04L41/046 , H04L41/0668 , H04L41/0803 , H04L41/0806 , H04L41/0816 , H04L41/0893 , H04L41/12 , H04L41/16 , H04L41/22 , H04L43/02 , H04L43/026 , H04L43/04 , H04L43/045 , H04L43/062 , H04L43/08 , H04L43/0805 , H04L43/0811 , H04L43/0829 , H04L43/0852 , H04L43/0864 , H04L43/0876 , H04L43/0882 , H04L43/0888 , H04L43/10 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/00 , H04L45/302 , H04L45/50 , H04L45/74 , H04L47/11 , H04L47/20 , H04L47/2441 , H04L47/2483 , H04L47/28 , H04L47/31 , H04L47/32 , H04L61/5007 , H04L67/01 , H04L67/10 , H04L67/1001 , H04L67/12 , H04L67/51 , H04L67/75 , H04L69/16 , H04L69/22 , H04W72/54 , H04W84/18 , H04L67/50

Abstract: A method provides for receiving network traffic from a host having a host IP address and operating in a data center, and analyzing a malware tracker for IP addresses of hosts having been infected by a malware to yield an analysis. When the analysis indicates that the host IP address has been used to communicate with an external host infected by the malware to yield an indication, the method includes assigning a reputation score, based on the indication, to the host. The method can further include applying a conditional policy associated with using the host based on the reputation score. The reputation score can include a reduced reputation score from a previous reputation score for the host.

12.

发明授权
Policy utilization analysis 有权

公开(公告)号：US12177097B2

公开(公告)日：2024-12-24

申请号：US18471125

申请日：2023-09-20

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta , Navindra Yadav , Michael Standish Watts , Ali Parandehgheibi , Shashidhar Gandham , Ashutosh Kulshreshtha , Khawar Deen

IPC: H04L43/045 , G06F3/0482 , G06F3/04842 , G06F3/04847 , G06F9/455 , G06F16/11 , G06F16/13 , G06F16/16 , G06F16/17 , G06F16/174 , G06F16/23 , G06F16/2457 , G06F16/248 , G06F16/28 , G06F16/29 , G06F16/9535 , G06F21/53 , G06F21/55 , G06F21/56 , G06N20/00 , G06N99/00 , G06T11/20 , H04J3/06 , H04J3/14 , H04L1/24 , H04L7/10 , H04L9/08 , H04L9/32 , H04L9/40 , H04L41/046 , H04L41/0668 , H04L41/0803 , H04L41/0806 , H04L41/0816 , H04L41/0893 , H04L41/12 , H04L41/16 , H04L41/22 , H04L43/02 , H04L43/026 , H04L43/04 , H04L43/062 , H04L43/08 , H04L43/0805 , H04L43/0811 , H04L43/0829 , H04L43/0852 , H04L43/0864 , H04L43/0876 , H04L43/0882 , H04L43/0888 , H04L43/10 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/00 , H04L45/302 , H04L45/50 , H04L45/74 , H04L47/11 , H04L47/20 , H04L47/2441 , H04L47/2483 , H04L47/28 , H04L47/31 , H04L47/32 , H04L61/5007 , H04L67/01 , H04L67/10 , H04L67/1001 , H04L67/12 , H04L67/51 , H04L67/75 , H04L69/16 , H04L69/22 , H04W72/54 , H04W84/18 , H04L67/50

Abstract: An example method according to some embodiments includes receiving flow data for a packet traversing a network. The method continues by determining a source endpoint group and a destination endpoint group for the packet. The method continues by determining that a policy was utilized, the policy being applicable to the endpoint group. Finally, the method includes updating utilization data for the policy based on the flow data.

13.

发明公开
SYSTEM FOR MONITORING AND MANAGING DATACENTERS 审中-公开

公开(公告)号：US20240179153A1

公开(公告)日：2024-05-30

申请号：US18436185

申请日：2024-02-08

Applicant: Cisco Technology, Inc.

Inventor： Navindra Yadav , Abhishek Ranjan Singh , Shashidhar Gandham , Ellen Christine Scheib , Omid Madani , Ali Parandehgheibi , Jackson Ngoc Ki Pang , Vimalkumar Jeyakumar , Michael Standish Watts , Hoang Viet Nguyen , Khawar Deen , Rohit Chandra Prasad , Sunil Kumar Gupta , Supreeth Hosur Nagesh Rao , Anubhav Gupta , Ashutosh Kulshreshtha , Roberto Fernando Spadaro , Hai Trong Vu , Varun Sagar Malhotra , Shih-Chun Chang , Bharathwaj Sankara Viswanathan , Fnu Rachita Agasthy , Duane Thomas Barlow

IPC: H04L9/40 , H04L43/04 , H04L43/062 , H04L43/0894

CPC classification number: H04L63/1408 , H04L43/04 , H04L43/0894 , H04L63/02 , H04L63/1425 , H04L43/062

Abstract: An example method includes detecting, using sensors, packets throughout a datacenter. The sensors can then send packet logs to various collectors which can then identify and summarize data flows in the datacenter. The collectors can then send flow logs to an analytics module which can identify the status of the datacenter and detect an attack.

14.

发明授权
Application monitoring prioritization 有权

公开(公告)号：US11522775B2

公开(公告)日：2022-12-06

申请号：US16867791

申请日：2020-05-06

Applicant: Cisco Technology, Inc.

Inventor： Jackson Ngoc Ki Pang , Navindra Yadav , Anubhav Gupta , Shashidhar Gandham , Supreeth Hosur Nagesh Rao , Sunil Kumar Gupta

IPC: G08B23/00 , G06F12/16 , G06F12/14 , G06F11/00 , H04L43/045 , H04L9/40 , G06F9/455 , G06N20/00 , G06F21/55 , G06F21/56 , G06F16/28 , G06F16/2457 , G06F16/248 , G06F16/29 , G06F16/16 , G06F16/17 , G06F16/11 , G06F16/13 , G06F16/174 , G06F16/23 , G06F16/9535 , G06N99/00 , H04L9/32 , H04L41/0668 , H04L43/0805 , H04L43/0811 , H04L43/0852 , H04L43/106 , H04L45/00 , H04L45/50 , H04L67/12 , H04L43/026 , H04L61/5007 , H04L67/01 , H04L67/51 , H04L67/75 , H04L67/1001 , H04L43/062 , H04L43/10 , H04L47/2441 , H04L41/0893 , H04L43/08 , H04L43/04 , H04W84/18 , H04L67/10 , H04L41/046 , H04L43/0876 , H04L41/12 , H04L41/16 , H04L41/0816 , G06F21/53 , H04L41/22 , G06F3/04842 , G06F3/04847 , H04L41/0803 , H04L43/0829 , H04L43/16 , H04L1/24 , H04W72/08 , H04L9/08 , H04J3/06 , H04J3/14 , H04L47/20 , H04L47/32 , H04L43/0864 , H04L47/11 , H04L69/22 , H04L45/74 , H04L47/2483 , H04L43/0882 , H04L41/0806 , H04L43/0888 , H04L43/12 , H04L47/31 , G06F3/0482 , G06T11/20 , H04L43/02 , H04L47/28 , H04L69/16 , H04L45/302 , H04L67/50

Abstract: An approach for establishing a priority ranking for endpoints in a network. This can be useful when triaging endpoints after an endpoint becomes compromised. Ensuring that the most critical and vulnerable endpoints are triaged first can help maintain network stability and mitigate damage to endpoints in the network after an endpoint is compromised. The present technology involves determining a criticality ranking and a secondary value for a first endpoint in a datacenter. The criticality ranking and secondary value can be combined to form priority ranking for the first endpoint which can then be compared to a priority ranking for a second endpoint to determine if the first endpoint or the second endpoint should be triaged first.

15.

发明申请
APPLICATION MONITORING PRIORITIZATION 审中-公开

公开(公告)号：US20200267066A1

公开(公告)日：2020-08-20

申请号：US16867791

申请日：2020-05-06

Applicant: Cisco Technology, Inc.

Inventor： Jackson Ngoc Ki Pang , Navindra Yadav , Anubhav Gupta , Shashidhar Gandham , Supreeth Hosur Nagesh Rao , Sunil Kumar Gupta

IPC: H04L12/26 , G06F16/174 , G06F16/23 , G06N99/00 , G06F16/17 , G06F16/13 , G06F16/11 , G06F16/16 , H04L12/715 , H04L12/725 , H04L29/08 , H04L29/06 , H04L12/841 , G06T11/20 , G06F3/0482 , H04L12/721 , H04L12/833 , H04L12/24 , H04L12/851 , H04L12/741 , H04L12/801 , H04L12/823 , H04L12/813 , H04L29/12 , H04J3/14 , H04J3/06 , H04L9/32 , H04L9/08 , H04W72/08 , H04L1/24 , G06F3/0484 , H04L12/723 , G06F21/53 , H04W84/18 , G06F21/56 , G06F21/55 , G06F16/2457 , G06F16/9535 , G06F16/28 , G06F16/248 , G06F16/29 , G06N20/00 , G06F9/455

Abstract: An approach for establishing a priority ranking for endpoints in a network. This can be useful when triaging endpoints after an endpoint becomes compromised. Ensuring that the most critical and vulnerable endpoints are triaged first can help maintain network stability and mitigate damage to endpoints in the network after an endpoint is compromised. The present technology involves determining a criticality ranking and a secondary value for a first endpoint in a datacenter. The criticality ranking and secondary value can be combined to form priority ranking for the first endpoint which can then be compared to a priority ranking for a second endpoint to determine if the first endpoint or the second endpoint should be triaged first.

16.

发明授权
Conditional policies 有权

公开(公告)号：US10129117B2

公开(公告)日：2018-11-13

申请号：US15045210

申请日：2016-02-16

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta , Navindra Yadav , Michael Standish Watts , Ali Parandehgheibi , Shashidhar Gandham , Ashutosh Kulshreshtha , Khawar Deen

IPC: H04L29/06 , H04L12/26 , G06F9/455 , G06F17/30 , H04L12/851 , H04L12/24 , H04W84/18 , H04L29/08 , G06N99/00 , G06F21/53 , H04L12/723 , G06F3/0484 , H04L1/24 , H04W72/08 , H04L9/08 , H04L9/32 , H04J3/06 , H04J3/14 , H04L29/12 , H04L12/813 , H04L12/823 , H04L12/801 , H04L12/741 , H04L12/833 , H04L12/721 , G06F3/0482 , G06T11/20 , H04L12/841 , H04L12/725 , H04L12/715 , G06F21/55 , G06F21/56

Abstract: Conditional policies can be defined that change based on security measurements of network endpoints. In an example embodiment, a network traffic monitoring system can monitor network flows between the endpoints and quantify how secure those endpoints are based on analysis of the network flows and other data. A conditional policy may be created that establishes one or more first connectivity policies for handling a packet when a security measurement of an endpoint is a first value or first range values, and one or more second connectivity policies for handling the packet. The connectivity policies may include permitting connectivity, denying connectivity, redirecting the packet using a specific route, or other network action. When the network traffic monitoring system detects a change to the security measurement of the endpoint, one or more applicable policies can be determined and the system can update policy data for the network to enforce the policies.

17.

发明申请
POLICY-DRIVEN COMPLIANCE 审中-公开
Title translation: 政策驱动遵守

公开(公告)号：US20160359915A1

公开(公告)日：2016-12-08

申请号：US15133155

申请日：2016-04-19

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta , Navindra Yadav , Michael Standish Watts , Ali Parandehgheibi , Shashidhar Gandham , Ashutosh Kulshreshtha , Khawar Deen

IPC: H04L29/06

CPC classification number: H04L63/20 , H04L43/04

Abstract: A network can achieve compliance by defining and enforcing a set of network policies to secure protected electronic information. The network can monitor network data, host/endpoint data, process data, and user data for traffic using a sensor network that provides multiple perspectives. The sensor network can include sensors for networking devices, physical servers, hypervisors or shared kernels, virtual partitions, and other network components. The network can analyze the network data, host/endpoint data, process data, and user data to determine policies for traffic. The network can determine expected network actions based on the policies, such as allowing traffic, denying traffic, configuring traffic for quality of service (QoS), or redirecting traffic along a specific route. The network can update policy data based on the expected network actions and actual network actions. The policy data can be utilized for compliance.

Abstract translation: 网络可以通过定义和实施一组网络策略来实现合规性，以保护受保护的电子信息。该网络可以使用提供多个视角的传感器网络来监控网络数据，主机/端点数据，过程数据和流量的用户数据。传感器网络可以包括用于网络设备，物理服务器，虚拟机管理程序或共享内核，虚拟分区和其他网络组件的传感器。网络可以分析网络数据，主机/端点数据，过程数据和用户数据，以确定流量策略。网络可以基于策略来确定预期的网络动作，例如允许流量，拒绝流量，为服务质量（QoS）配置流量，或者沿特定路由重定向流量。网络可以根据预期的网络动作和实际的网络动作来更新策略数据。政策数据可以用于遵守。