公开(公告)号：US20210028971A1

公开(公告)日：2021-01-28

申请号：US17039328

申请日：2020-09-30

Applicant: Cisco Technology, Inc.

Inventor： Navneet Yadav ,  Kannan Ponnuswamy ,  Arvind Chari ,  Chengguo Zhu ,  Tarique Shakil

IPC: H04L12/24

Abstract: Systems, methods, and computer-readable media for providing cross-domain assurance for networks in different network domains. In some embodiments, a method can include collecting first fabric data for a first network in a first network domain and second fabric data for a second network in a second network domain. The second fabric data for the second network can be normalized based on the first network domain to create normalized second fabric data. The first fabric data can then be correlated with the normalized second fabric data to create correlated fabric data. Subsequently, assurance can be provided across the first network in the first network domain and the second network in the second network domain using the correlated fabric data.

公开(公告)号：US10554477B2

公开(公告)日：2020-02-04

申请号：US15703029

申请日：2017-09-13

Applicant: Cisco Technology, Inc.

Inventor： Shadab Nazar ,  Navneet Yadav ,  Azeem Suleman ,  Pavan Mamillapalli ,  John Thomas Monk ,  Chetan Narsude ,  Navjyoti Sharma ,  Gaurav Gupta

IPC: G06F15/173 ,  H04L12/24 ,  H04L12/26 ,  H04L29/06

Abstract: Systems, methods, and computer-readable media for aggregating and presenting network events in a network environment. In some embodiments, a system can maintain event correlation rules for aggregating \network events occurring in a network based on characteristics of previously occurring network events. Network events occurring in the specific network environment can be identified. The network events can be aggregated to form an aggregated network event using the event correlation rules maintained based on the characteristics of previously occurring network events. The aggregated network event can subsequently be presented to a user.

公开(公告)号：US20190097918A1

公开(公告)日：2019-03-28

申请号：US15713895

申请日：2017-09-25

Applicant: Cisco Technology, Inc.

Inventor： Kannan Ponnuswamy ,  Navneet Yadav ,  Arvind Chari ,  Paul Andrew Raytick

IPC: H04L12/703 ,  H04L12/24

CPC classification number: H04L45/28 ,  H04L41/0654 ,  H04L41/5009 ,  H04L43/0817 ,  H04L45/22

Abstract: Systems, methods, and computer-readable media for providing network assurance. In some embodiments, a method can include receiving input used to identify an endpoint. At least one logical object associated with the endpoint of logical objects in a network environment is identified based on the input. A health of the at least one logical object associated with the endpoint is determined. Additionally, a health of the network environment with respect to the endpoint operating to provide services through the network environment is determined based on the determined health of the at least one logical object associated with the endpoint.

公开(公告)号：US20190081850A1

公开(公告)日：2019-03-14

申请号：US15703029

申请日：2017-09-13

Applicant: Cisco Technology, Inc.

Inventor： Shadab Nazar ,  Navneet Yadav ,  Azeem Suleman ,  Pavan Mamillapalli ,  John Thomas Monk ,  Chetan Narsude ,  Navjyoti Sharma ,  Gaurav Gupta

IPC: H04L12/24 ,  H04L12/26

Abstract: Systems, methods, and computer-readable media for aggregating and presenting network events in a network environment. In some embodiments, a system can maintain event correlation rules for aggregating \network events occurring in a network based on characteristics of previously occurring network events. Network events occurring in the specific network environment can be identified. The network events can be aggregated to form an aggregated network event using the event correlation rules maintained based on the characteristics of previously occurring network events. The aggregated network event can subsequently be presented to a user.

公开(公告)号：US20210152607A1

公开(公告)日：2021-05-20

申请号：US17157957

申请日：2021-01-25

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Navneet Yadav ,  Navjyoti Sharma ,  Ramana Rao Kompella ,  Kartik Mohanram

IPC: H04L29/06 ,  G06F16/22 ,  H04L12/26

Abstract: In some examples, a system creates a requirement including EPG selectors representing EPG pairs, a traffic selector, and a communication operator; determines that EPGs in distinct pairs are associated with different network contexts and, for each pair, which network context(s) contains associated policies; creates first data representing the pair, operator, and traffic selector; when only one network context contains the associated policies, creates second data representing a network model portion associated with the only network context and determines whether the first data is contained in the second data to yield a first check; when both network contexts contain the associated policies, also creates third data representing a network model portion associated with a second network context, and determines whether the first data is contained in the second and/or third data to yield a second check; and determines whether policies for the pairs comply with the requirement based on the checks.

公开(公告)号：US20210119855A1

公开(公告)日：2021-04-22

申请号：US17138663

申请日：2020-12-30

Applicant: Cisco Technology, Inc.

Inventor： Chien-Ju Lo ,  Bill YuFan Chen ,  Kannan Ponnuswamy ,  Kollivakkam Raghavan ,  Navneet Yadav

IPC: H04L12/24 ,  H04L12/26

Abstract: A monitoring device for troubleshooting events in a datacenter network identifies a first network event for a time period, and provides an initial display page, one or more additional display pages, selectable display objects, and a representation of the first network event. The device generates a dynamic troubleshooting path for the first network event to track a user navigation between display pages, a manipulation of the one or more selectable display objects, and a last-current display page, and also provides an indication of a second network event associated with higher resolution priority relative to the first network event. Retrieving the dynamic troubleshooting path causes the interface to present the last-current display page, apply the manipulation of the one or more selectable display objects, and load the user navigation between the initial dashboard display page and the one or more additional display pages in a cache.

公开(公告)号：US20200007583A1

公开(公告)日：2020-01-02

申请号：US16217559

申请日：2018-12-12

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Navneet Yadav ,  Navjyoti Sharma ,  Ramana Rao Kompella ,  Kartik Mohanram

IPC: H04L29/06

Abstract: Systems, methods, and computer-readable media for assurance of rules in a network. An example method can include creating a compliance requirement including a first endpoint group (EPG) selector, a second EPG selector, a traffic selector, and a communication operator, the first and second EPG selectors representing sets of EPGs and the communication operator defining a communication condition for traffic associated with the first and second EPG selectors and the traffic selector. The method can include creating, for each distinct pair of EPGs, a first respective data structure representing the distinct pair of EPGs, the communication operator, and the traffic selector; creating a second respective data structure representing a logical model of the network; determining whether the first respective data structure is contained in the second respective data structure to yield a containment check; and determining whether policies on the network comply with the compliance requirement based on the containment check.

公开(公告)号：US20190379572A1

公开(公告)日：2019-12-12

申请号：US16002981

申请日：2018-06-07

Applicant: Cisco Technology, Inc.

Inventor： Navneet Yadav ,  Kannan Ponnuswamy ,  Arvind Chari ,  Chengguo Zhu ,  Tarique Shakil

IPC: H04L12/24

Abstract: Systems, methods, and computer-readable media for providing cross-domain assurance for networks in different network domains. In some embodiments, a method can include collecting first fabric data for a first network in a first network domain and second fabric data for a second network in a second network domain. The second fabric data for the second network can be normalized based on the first network domain to create normalized second fabric data. The first fabric data can then be correlated with the normalized second fabric data to create correlated fabric data. Subsequently, assurance can be provided across the first network in the first network domain and the second network in the second network domain using the correlated fabric data.

公开(公告)号：US10333833B2

公开(公告)日：2019-06-25

申请号：US15713895

申请日：2017-09-25

Applicant: Cisco Technology, Inc.

Inventor： Kannan Ponnuswamy ,  Navneet Yadav ,  Arvind Chari ,  Paul Andrew Raytick

IPC: H04L12/703 ,  H04L12/24 ,  H04L12/26 ,  H04L12/707

Abstract: Systems, methods, and computer-readable media for providing network assurance. In some embodiments, a method can include receiving input used to identify an endpoint. At least one logical object associated with the endpoint of logical objects in a network environment is identified based on the input. A health of the at least one logical object associated with the endpoint is determined. Additionally, a health of the network environment with respect to the endpoint operating to provide services through the network environment is determined based on the determined health of the at least one logical object associated with the endpoint.

公开(公告)号：US20180367541A1

公开(公告)日：2018-12-20

申请号：US15794908

申请日：2017-10-26

Applicant: Cisco Technology, Inc.

Inventor： Kannan Ponnuswamy ,  Navneet Yadav ,  Arvind Chari

IPC: H04L29/06

CPC classification number: H04L63/101 ,  H04L63/20

Abstract: Systems, methods, and computer-readable media for migrating to and maintaining a white-list network security model. Network traffic identified from permit-all access logs can be analyzed to determine whether it should be white-listed, and if so, a specific permit-access, without logging, policy is generated for the identified network traffic. The addition of specific permit-access policies is repeated on permit-all access logs, at which point, permit-all access policy is converted into deny-all access. In some examples, a system or method can obtain hit counts, from both hardware (eg: TCAM) and software tables, for the specific permit-access policy to determine existence of identified network traffic over a period of time. After analyzing hit counts, the specific permit-access policy can either continue to exist or be removed to maintain a white-list network security model.