公开(公告)号：US11838283B2

公开(公告)日：2023-12-05

申请号：US17937935

申请日：2022-10-04

Applicant: Cisco Technology, Inc.

Inventor： David Delano Ward ,  Robert Stephen Rodgers ,  Andrew Phillips Thurber ,  Eric Voit ,  Thomas John Giuli

IPC: H04L9/40

CPC classification number: H04L63/08 ,  H04L63/126

Abstract: An enclave manager of a network enclave obtains a request to retrieve configuration information and state information corresponding to compute devices and network devices comprising a network enclave. The request specifies a set of parameters of the configuration information and the state information usable to generate a response to the request. The enclave manager evaluates the compute devices, the network devices, and network connections among these devices within the network enclave to obtain the configuration information and the state information. Based on the configuration information and the state information, the enclave manager determines whether the network enclave is trustworthy. Based on the parameters of the request, the enclave manager generates a response indicating a summary that is used to identify the trustworthiness of the network enclave.

公开(公告)号：US20230370526A1

公开(公告)日：2023-11-16

申请号：US18124232

申请日：2023-03-21

Applicant: Cisco Technology, Inc. ,  PacketFabric, Inc.

Inventor： Patrice Brissette ,  Jiri Chaloupka ,  Robert Stephen Rodgers ,  Bart Van De Velde ,  David Delano Ward ,  Kenneth Gray

IPC: H04L67/141 ,  H04L61/5007 ,  H04L45/02 ,  H04L45/00

CPC classification number: H04L67/141 ,  H04L61/5007 ,  H04L45/04 ,  H04L45/72

Abstract: Techniques for devices in autonomous systems to utilize a protocol, such as a Border Gateway Protocol (BGP), to signal intent to instantiate services for establishing connections between the devices. For instance, first device(s) in a first autonomous system (AS) may determine to establish a connection with a second AS. The first device(s) may encode a service key into an Internet Protocol (IP) address where the service key indicates a service that is to be provisioned on second device(s) in the second AS. The first device(s) system may then advertise the IP address host-route using BGP, and the second device(s) may receive the BGP advertisement. The second device(s) may decode the service key from the IP address, and provision the service to establish the connection between the autonomous systems. Thus, the devices in may leverage existing protocols to signal intent to instantiate services and establish connections between autonomous systems.

公开(公告)号：US11489823B2

公开(公告)日：2022-11-01

申请号：US16808966

申请日：2020-03-04

Applicant: Cisco Technology, Inc.

Inventor： David Delano Ward ,  Robert Stephen Rodgers ,  Andrew Phillips Thurber ,  Eric Voit ,  Thomas John Giuli

IPC: H04L9/40

Abstract: An enclave manager of a network enclave obtains a request to retrieve configuration information and state information corresponding to compute devices and network devices comprising a network enclave. The request specifies a set of parameters of the configuration information and the state information usable to generate a response to the request. The enclave manager evaluates the compute devices, the network devices, and network connections among these devices within the network enclave to obtain the configuration information and the state information. Based on the configuration information and the state information, the enclave manager determines whether the network enclave is trustworthy. Based on the parameters of the request, the enclave manager generates a response indicating a summary that is used to identify the trustworthiness of the network enclave.