公开(公告)号：US12052273B2

公开(公告)日：2024-07-30

申请号：US18066446

申请日：2022-12-15

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Alberto Rodriguez Natal ,  Yegappan Lakshmanan ,  Fabio R. Maino ,  Anand Oswal

IPC: H04L9/40 ,  G06F21/53 ,  G06F21/55 ,  G06F21/56

CPC classification number: H04L63/1416 ,  G06F21/53 ,  G06F21/552 ,  G06F21/566 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/20

Abstract: Techniques for providing network traffic security in a virtualized environment are described. A threat aware controller uses a threat feed provided by a threat intelligence service to establish a threat detection engine on virtual switches. The threat aware controller and threat detection engine work together to detect any anomalous or malicious behavior of network traffic on the virtual switch and established virtual network functions to quickly detect, verify, and isolate network threats.

公开(公告)号：US11842218B2

公开(公告)日：2023-12-12

申请号：US18158906

申请日：2023-01-24

Applicant: Cisco Technology, Inc.

Inventor： Yanping Qu ,  Sabita Jasty ,  Kaushik Pratap Biswas ,  Yegappan Lakshmanan

IPC: G06F9/50 ,  G06F9/455

CPC classification number: G06F9/5027 ,  G06F9/45558 ,  G06F2009/45562

Abstract: A virtual machine management service obtains a request to instantiate a virtual machine image (VMI) to implement a virtual network function (VNF). The request specifies a set of processor requirements corresponding to instantiation of the VMI. In response to the request, the service identifies, from a server comprising a set of processor cores, available processor capacity. The service determines, based on the available processor capacity and the set of processor requirements, whether to instantiate the VMI on to a subset of processor cores of the server. Based on this determination, the service instantiates the VMI on to the subset of processor cores to implement the VNF.

公开(公告)号：US11609776B1

公开(公告)日：2023-03-21

申请号：US16725527

申请日：2019-12-23

Applicant: Cisco Technology, Inc.

Inventor： Yanping Qu ,  Sabita Jasty ,  Yegappan Lakshmanan ,  Kaushik Pratap Biswas

IPC: G06F9/455 ,  G06F9/54 ,  H04L49/00 ,  H04L49/15 ,  G06F11/14 ,  H04L45/586

Abstract: An elastic Internet Protocol (IP) address for hypervisor and virtual router management in a branch environment may be provided. First, an IP address may be assigned to a hypervisor associated with a virtual branch. Next, it may be determined that a virtual machine (VM) has been instantiated at the virtual branch. In response to determining that the VM has been instantiated at the virtual branch, the IP address may then be released. It may next be determined that the VM is in a failed state and then, in response to determining that the VM is in the failed state, the IP address may be reassigned to the hypervisor.

公开(公告)号：US11558402B2

公开(公告)日：2023-01-17

申请号：US16666143

申请日：2019-10-28

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Alberto Rodriguez Natal ,  Yegappan Lakshmanan ,  Fabio R. Maino ,  Anand Oswal

IPC: H04L9/40 ,  G06F21/56 ,  G06F21/53 ,  G06F21/55

Abstract: Techniques for providing network traffic security in a virtualized environment are described. A threat aware controller uses a threat feed provided by a threat intelligence service to establish a threat detection engine on virtual switches. The threat aware controller and threat detection engine work together to detect any anomalous or malicious behavior of network traffic on the virtual switch and established virtual network functions to quickly detect, verify, and isolate network threats.

公开(公告)号：US10164911B2

公开(公告)日：2018-12-25

申请号：US14946907

申请日：2015-11-20

Applicant: Cisco Technology, Inc.

Inventor： Yegappan Lakshmanan ,  Atulya Chandra ,  Nagaraj Arunkumar

IPC: H04Q11/04 ,  G06F13/24 ,  H04L12/935

Abstract: An emulator module integrated with a hypervisor executes on a host computer having a physical network interface card (pNIC). The hypervisor hosts a virtual machine having a virtual NIC (vNIC). The pNIC has pNIC receive pointers to point to receive packets loaded into a receive buffer by the pNIC. The vNIC has vNIC receive pointers for retrieval of the receive packets from the receive buffer. The emulator module accesses a pNIC receive pointer in the pNIC that points to the receive packet loaded into the receive buffer by the pNIC, and maps a vNIC receive pointer to the pNIC receive pointer accessed by the emulator module, to enable the vNIC to retrieve the receive packet from the receive buffer using the vNIC receive pointer. The emulator module notifies the vNIC to retrieve the receive packet from the receive buffer.