公开(公告)号：US20240422846A1

公开(公告)日：2024-12-19

申请号：US18817885

申请日：2024-08-28

Applicant: Cisco Technology, Inc.

Inventor： Amine Choukir ,  Robert Barton ,  Anirban Karmakar ,  Domenico Ficara ,  Vincent Cuissard ,  Jerome Henry

IPC: H04W76/15 ,  H04W76/30 ,  H04W80/02

Abstract: A user device connected to a wireless network maintains session persistence through a MAC address change of a user device. The user device establishes a multi-path communication session including a first subflow associated with a first MAC address for the user device. When the user device changes from the first MAC address to a second MAC address. the user device establishes a second subflow of the multi-path communication session. The second subflow is associated with the second MAC address. After establishing the second subflow associated with the second MAC address, the user device ends the first subflow associated with the first MAC address.

公开(公告)号：US20240275758A1

公开(公告)日：2024-08-15

申请号：US18630378

申请日：2024-04-09

Applicant: Cisco Technology, Inc.

Inventor： Thomas Vegas ,  Anirban Karmakar ,  Robert Barton ,  Jerome Henry

IPC: H04L61/2596 ,  H04L101/622 ,  H04W8/26 ,  H04W80/02

CPC classification number: H04L61/2596 ,  H04W8/26 ,  H04L2101/622 ,  H04W80/02

Abstract: A first access point of a wireless network minimizes Media Access Control (MAC) address collisions in the wireless network. The first access point receives an association request from a first wireless device. The association request identifies a first MAC address of the first wireless device. The first access point determines whether a second wireless device is associated with the wireless network using the first MAC address. Responsive to a determination that the second wireless device is associated with a second access point of the wireless network, the first access point obtains a virtual MAC address for the first wireless device. The first access point translates between the first MAC address and the virtual MAC address for network traffic of the first wireless device.

公开(公告)号：US20240064125A1

公开(公告)日：2024-02-22

申请号：US18501275

申请日：2023-11-03

Applicant: Cisco Technology, Inc.

Inventor： Roberto Muccifora ,  Domenico Ficara ,  Amine Choukir ,  Anirban Karmakar ,  Vincent Cuissard ,  Sudhir Kumar Jain

IPC: H04L61/5061 ,  H04L61/5053

CPC classification number: H04L61/5061 ,  H04L61/5053 ,  H04W88/02

Abstract: Techniques are provided that rotate a device address used to identify a wireless client device on a wireless network. The wireless client device and at least one network infrastructure component identify a plurality of device addresses associated with the wireless client device. In some embodiments, the plurality of device addresses are generated via a corresponding plurality of invocations of a stateful random number generator, such as a cryptographically secure pseudorandom number generator.

公开(公告)号：US11855961B2

公开(公告)日：2023-12-26

申请号：US17329827

申请日：2021-05-25

Applicant: Cisco Technology, Inc.

Inventor： Roberto Muccifora ,  Domenico Ficara ,  Amine Choukir ,  Anirban Karmakar ,  Vincent Cuissard ,  Sudhir Kumar Jain

IPC: H04L61/5061 ,  H04L61/5053 ,  H04W88/02

CPC classification number: H04L61/5061 ,  H04L61/5053 ,  H04W88/02

Abstract: Techniques are provided that rotate a device address used to identify a wireless client device on a wireless network. The wireless client device and at least one network infrastructure component identify a plurality of device addresses associated with the wireless client device. In some embodiments, the plurality of device addresses are generated via a corresponding plurality of invocations of a stateful random number generator, such as a cryptographically secure pseudorandom number generator.

公开(公告)号：US20230221961A1

公开(公告)日：2023-07-13

申请号：US17571906

申请日：2022-01-10

Applicant: Cisco Technology, Inc.

Inventor： Thomas Vegas ,  Domenico Ficara ,  Anirban Karmakar ,  Giacomo Trifilo ,  Amine Choukir

IPC: G06F9/38

CPC classification number: G06F9/3861 ,  G06F9/3867

Abstract: This disclosure describes techniques for performing a remote front-drop of data for recovery after a pipeline stall. The techniques include using a receiver-side dropping strategy that is driven from the sender-side. Components of a pipeline determine whether a pipeline is operating within specified latency constraints (e.g., experiencing a pipeline stall). Upon detecting a pipeline stall, the sending device is notified of the stall. Once the sending device is notified of the pipeline stall, the sending device can determine what action(s) to perform to address the pipeline stall. For example, the sending device may instruct one or more components of the pipeline to discard already sent data that has not been processed. This allows the older data to be dropped on the stalled pipeline while keeping the more recently sent data.

公开(公告)号：US11489875B2

公开(公告)日：2022-11-01

申请号：US16774950

申请日：2020-01-28

Applicant: Cisco Technology, Inc.

Inventor： Antonio Trifilo ,  Maria Carpen Amarie ,  Thomas Vegas ,  Anirban Karmakar ,  Shree N. Murthy

IPC: G06F13/00 ,  H04L9/40 ,  H04L47/70 ,  H04L61/4511

Abstract: The use of device context in applying security policies is provided by receiving a Domain Name Service (DNS) query for a network resource from a user device (UD) at a DNS analysis server, the DNS query including a functional label describing a context of the UD; analyzing the DNS query to determine whether the UD is permitted to access the network resource based on the functional label; and in response to the functional label indicating that the UD is not permitted to access the network resource, transmitting a block page to the UD. The functional label can be added to the DNS query by a Mobile Device Management application on the UD, a router associated with the UD, or an enterprise server. Contexts for previously blocked DNS queries can be aggregated to identify UDs sharing at least one value with the previously blocked DNS queries as security compromised devices.

公开(公告)号：US12299452B2

公开(公告)日：2025-05-13

申请号：US17571906

申请日：2022-01-10

Applicant: Cisco Technology, Inc.

Inventor： Thomas Vegas ,  Domenico Ficara ,  Anirban Karmakar ,  Giacomo Trifilo ,  Amine Choukir

IPC: G06F9/38

Abstract: This disclosure describes techniques for performing a remote front-drop of data for recovery after a pipeline stall. The techniques include using a receiver-side dropping strategy that is driven from the sender-side. Components of a pipeline determine whether a pipeline is operating within specified latency constraints (e.g., experiencing a pipeline stall). Upon detecting a pipeline stall, the sending device is notified of the stall. Once the sending device is notified of the pipeline stall, the sending device can determine what action(s) to perform to address the pipeline stall. For example, the sending device may instruct one or more components of the pipeline to discard already sent data that has not been processed. This allows the older data to be dropped on the stalled pipeline while keeping the more recently sent data.

公开(公告)号：US20250106164A1

公开(公告)日：2025-03-27

申请号：US18475913

申请日：2023-09-27

Applicant: Cisco Technology, Inc.

Inventor： Anirban Karmakar ,  Thomas Vegas ,  Vincent Cuissard

IPC: H04L41/0896 ,  H04L47/215

Abstract: A system and method are provided for allocating bandwidth and metering data flows within a wireless mesh-tree network. The network includes a wireless LAN controller (WLC), a root access point (RAP), and mesh access points (MAPs), which are arranged in respective hop levels corresponding to the number of links a given MAP is removed from the RAP. The WLC allocates available data rates (ADRs) to the respective MAPs, and each MAP then apportions its ADR among various origination types of data flowing through the given MAP (e.g., backhaul, ethernet-bridged, and client data types). The MAPs can use a token bucket filter (TBF)-like mechanism to enforce this apportionment. WiFi multi-media (WMM) based access classes can be used to shape the data flows (e.g., an NC access class assigned to topology maintenance traffic ensures it is fed directly into a WMM queue).

公开(公告)号：US12034695B2

公开(公告)日：2024-07-09

申请号：US17673100

申请日：2022-02-16

Applicant: Cisco Technology, Inc.

Inventor： Thomas Vegas ,  Anirban Karmakar ,  Robert Barton ,  Jerome Henry

IPC: H04L61/2596 ,  H04W8/26 ,  H04L101/622 ,  H04W80/02

CPC classification number: H04L61/2596 ,  H04W8/26 ,  H04L2101/622 ,  H04W80/02

Abstract: A first access point of a wireless network minimizes Media Access Control (MAC) address collisions in the wireless network. The first access point receives an association request from a first wireless device. The association request identifies a first MAC address of the first wireless device. The first access point determines whether a second wireless device is associated with the wireless network using the first MAC address. Responsive to a determination that the second wireless device is associated with a second access point of the wireless network, the first access point obtains a virtual MAC address for the first wireless device. The first access point translates between the first MAC address and the virtual MAC address for network traffic of the first wireless device.

公开(公告)号：US20240098621A1

公开(公告)日：2024-03-21

申请号：US17933111

申请日：2022-09-18

Applicant: Cisco Technology, Inc.

Inventor： Thomas Vegas ,  Loris Gazzarrini ,  Anirban Karmakar ,  Vincent Cuissard

IPC: H04W40/24

CPC classification number: H04W40/246 ,  H04W84/18

Abstract: Radio discovery for a mesh Access Point (AP) may be provided. Topology information associated with a first network may be received wherein the first network may comprise a mesh network. A Topology Descriptor Message (TDM) may then be created based on the topology information. The TDM may then be transmitted by a first Access Point (AP).