公开(公告)号：US12261736B2

公开(公告)日：2025-03-25

申请号：US17817330

申请日：2022-08-03

Applicant: Google LLC

Inventor： Hui Liu ,  Hongkun Yang ,  Gargi Adhav ,  Tianqiong Luo ,  Aspi Siganporia ,  Rob Enns ,  Lakshmi Sharma ,  Manasa Chalasani

IPC: H04L41/0677 ,  H04L41/0866 ,  H04L41/14

Abstract: A method for scalable event driven auto-diagnosis systems includes obtaining a data packet configured for transmission across a network from a source address to a destination address. The method includes obtaining a list of changes to the network. The method also includes analyzing, based on a network model, the data packet using a plurality of analyzers. The method includes correlating the list of changes to the network and the analysis of the data packet. The method further includes determining, based on the correlation between the list of changes to the network and the analysis of the data packet, a configuration status of the network. The method also includes reporting the configuration status to a user.

公开(公告)号：US20230396508A1

公开(公告)日：2023-12-07

申请号：US18452512

申请日：2023-08-18

Applicant: Google LLC

Inventor： Gargi Adhav ,  Hui Liu ,  Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Xiaoyu Zhang

IPC: H04L41/14 ,  H04L41/28

CPC classification number: H04L41/145 ,  H04L41/28 ,  H04L63/0272

Abstract: A system for simulating network configurations includes data processing hardware and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that when executed on the data processing hardware cause the data processing hardware to perform operations. The operation includes receiving one or more parameter changes for a production network model of a network. The operations also include generating a simulation network model including the one or more parameter changes. Another operation includes analyzing the simulated network flow within the simulation network model. The operations also include generating a report including an impact of the parameter changes on the network. The operations may also include receiving a production network log including a recorded workflow for the production network model and simulating the production workflow of the production network log within the simulation network model to generate a simulated network log.

公开(公告)号：US20230164022A1

公开(公告)日：2023-05-25

申请号：US17989998

申请日：2022-11-18

Applicant: Google LLC

Inventor： Tianqiong Luo ,  Hui Liu ,  Hongkun Yang ,  Gargi Adhav ,  Anantanarayanan Govindarajan Iyengar ,  Yihan Zhang

IPC: H04L41/0631 ,  H04L41/16

CPC classification number: H04L41/0645 ,  H04L41/16

Abstract: Analysis of a root cause of errors within a cloud network is manually complex and computationally intensive. Methods and systems are provided to determine a subset of elements of the cloud network to analyze, and to identify a subset of analyzers for analyzing the subset of elements to determine the root cause for the error. Thus, when configuring a network, a user may be provided with an identification of the root cause of error, enabling the user to quickly identify and correct the error.

公开(公告)号：US20230114050A1

公开(公告)日：2023-04-13

申请号：US18051686

申请日：2022-11-01

Applicant: Google LLC

Inventor： Kan Cai ,  Vikas Aggarwal ,  Gargi Adhav ,  Rajendra Yavatkar ,  Ning Zhao ,  Vishal Gupta

IPC: H04L9/40 ,  H04L43/026 ,  H04L41/16 ,  G06F9/54 ,  G06N20/00 ,  H04L41/14

Abstract: A firewall intelligence system, includes a data storage storing a set of firewall rules for a network; a recommendation engine that receives, from a log service, traffic logs detailing traffic for the network and firewall logs detailing the usage of firewall rules in response to the traffic for the network, accesses, from the data storage, the set of firewall rules for the network; processes the set of firewall rules to evaluate the firewall rules against a set of quantitative evaluation rules to determine one or more firewall rule recommendations, wherein each firewall rule recommendation is a recommendation to change at least one of the firewall rules in the set of firewall rules; and a front end API that provides data describing the one or more firewall rule recommendations to a user device.

公开(公告)号：US11477110B2

公开(公告)日：2022-10-18

申请号：US16840084

申请日：2020-04-03

Applicant: Google LLC

Inventor： Hui Liu ,  Leslie Choong ,  Hongkun Yang ,  Shishir Agrawal ,  Raj Yavatkar ,  Tianqiong Luo ,  Gargi Adhav ,  Steffen Smolka

IPC: H04L12/28 ,  H04L45/02 ,  H04L41/12 ,  H04L45/74

Abstract: A method for providing cloud network reachability analysis includes receiving a reachability query requesting a reachability status of a target including a packet header associated with a data packet. The packet header includes a source IP address and a destination IP address. The method also includes generating one or more simulated forwarding paths for the data packet based on the packet header using a data plane model. Each simulated forwarding path includes corresponding network configuration information. The method includes determining the reachability status of the target based on the one or more simulated forwarding paths and providing the determined reachability status and the one or more simulated forwarding paths to a user device associated with the reachability query which causes the user device to present the network configuration information for each simulated forwarding path.

公开(公告)号：US11424991B2

公开(公告)日：2022-08-23

申请号：US17110259

申请日：2020-12-02

Applicant: Google LLC

Inventor： Gargi Adhav ,  Hui Liu ,  Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Xiaoyu Zhang

IPC: H04L12/00 ,  H04L41/14 ,  H04L41/28 ,  H04L9/40

Abstract: A system for simulating network configurations includes data processing hardware and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that when executed on the data processing hardware cause the data processing hardware to perform operations. The operations includes receiving one or more parameter changes for a production network model of a network. The operations also include generating a simulation network model including the one or more parameter changes. Another operation includes analyzing the simulated network flow within the simulation network model. The operations also include generating a report including an impact of the parameter changes on the network. The operations may also include receiving a production network log including a recorded workflow for the production network model and simulating the production workflow of the production network log within the simulation network model to generate a simulated network log.

公开(公告)号：US20220191102A1

公开(公告)日：2022-06-16

申请号：US17117376

申请日：2020-12-10

Applicant: Google LLC

Inventor： Hongkun Yang ,  Hui Liu ,  Gargi Adhav ,  Alan Tang

IPC: H04L12/24 ,  H04L12/26

Abstract: A method of network reachability impact analysis includes receiving a plurality of network configuration snapshots for a network. The method also include selecting a first network configuration snapshot of the network and a second network configuration snapshot of the network. The method further includes generating a first reachability graph representing packet reachability of the network for the first network configuration snapshot. The method also includes generating a second reachability graph representing packet reachability of the network for the second network configuration snapshot. The method also includes computing a reachability differentiation graph identifying a net change to reachability from the first reachability graph to the second reachability graph. The method further includes generating a reachability differentiation report including a human-interpretable output of the net change to reachability.

公开(公告)号：US20220150128A1

公开(公告)日：2022-05-12

申请号：US17110259

申请日：2020-12-02

Applicant: Google LLC

Inventor： Gargi Adhav ,  Hui Liu ,  Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Xiaoyu Zhang

IPC: H04L12/24

Abstract: A system for simulating network configurations includes data processing hardware and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that when executed on the data processing hardware cause the data processing hardware to perform operations. The operations includes receiving one or more parameter changes for a production network model of a network. The operations also include generating a simulation network model including the one or more parameter changes. Another operation includes analyzing the simulated network flow within the simulation network model. The operations also include generating a report including an impact of the parameter changes on the network. The operations may also include receiving a production network log including a recorded workflow for the production network model and simulating the production workflow of the production network log within the simulation network model to generate a simulated network log.

公开(公告)号：US12170596B2

公开(公告)日：2024-12-17

申请号：US18452512

申请日：2023-08-18

Applicant: Google LLC

Inventor： Gargi Adhav ,  Hui Liu ,  Vishal Gupta ,  Vikas Aggarwal ,  Kan Cai ,  Xiaoyu Zhang

IPC: H04L12/00 ,  H04L41/14 ,  H04L41/28 ,  H04L9/40

Abstract: A system for simulating network configurations includes data processing hardware and memory hardware in communication with the data processing hardware. The memory hardware stores instructions that when executed on the data processing hardware cause the data processing hardware to perform operations. The operation includes receiving one or more parameter changes for a production network model of a network. The operations also include generating a simulation network model including the one or more parameter changes. Another operation includes analyzing the simulated network flow within the simulation network model. The operations also include generating a report including an impact of the parameter changes on the network. The operations may also include receiving a production network log including a recorded workflow for the production network model and simulating the production workflow of the production network log within the simulation network model to generate a simulated network log.

公开(公告)号：US12009985B2

公开(公告)日：2024-06-11

申请号：US17804389

申请日：2022-05-27

Applicant: Google LLC

Inventor： Hongkun Yang ,  Hui Liu ,  Gargi Adhav ,  Alan Tang

IPC: H04L41/12 ,  H04L41/082 ,  H04L41/084 ,  H04L41/085 ,  H04L43/045

CPC classification number: H04L41/12 ,  H04L41/082 ,  H04L41/0846 ,  H04L41/085 ,  H04L43/045

Abstract: A method includes obtaining a stream of consecutive network configuration snapshots each including network configuration information. The method also includes determining that first network configuration information is the same as second network configuration information. After determining that the first network configuration information is the same as the second network configuration information, the method includes determining that the second network configuration information is not the same as third network configuration information. The method also includes determining a net change in reachability for a network based on a difference in packet reachability. The method also includes determining a policy violation based on the net change in reachability for the network and generating a reachability differentiation report including the policy violation. The method also includes reverting a configuration of the network to a state corresponding to the first network configuration information and implementing the network using the reverted configuration.