公开(公告)号：US20210044678A1

公开(公告)日：2021-02-11

申请号：US16536679

申请日：2019-08-09

Applicant: Cisco Technology, Inc.

Inventor： Prashanth Patil ,  Rajesh Indira Viswambharan ,  Ram Mohan Ravindranath

IPC: H04L29/06 ,  H04L29/12

Abstract: In one embodiment, a domain name system (DNS) service receives a DNS request sent by a client for a particular destination. The DNS service determines that a connection between the client and the particular destination will not support use of the Quick User Datagram Protocol (UDP) Internet Connections (QUIC) protocol. The DNS service generates a DNS response to the DNS request that includes an indication that the connection between the client and the particular destination will not support use of the QUIC protocol within an Extensions Mechanisms for DNS (EDNS) field of the DNS response. The DNS service sends the DNS response, to cause an intermediary between the client and the particular destination to explicitly reject a QUIC protocol connection attempted by the client with the particular destination.

公开(公告)号：US10230694B2

公开(公告)日：2019-03-12

申请号：US15211259

申请日：2016-07-15

Applicant: Cisco Technology, Inc.

Inventor： K. Tirumaleswar Reddy ,  Prashanth Patil ,  Daniel G. Wing ,  Ram Mohan Ravindranath

IPC: H04L29/06 ,  H04N21/2347 ,  H04N21/266 ,  H04N21/643 ,  H04N21/4405 ,  H04N7/14 ,  H04N7/15

Abstract: A media distribution network device connects to an online collaborative session between a first participant network device, a second participant network device, and a security participant network device. The security participant network device is configured to decrypt packets of the online collaborative session to apply security polices to the packets. An encrypted packet is received at the media distribution network device. The encrypted packet is received from the first participant network device containing data to be distributed as part of the online collaborative session. The encrypted packet is distributed to the security participant network device prior to distributing the encrypted packet to the second participant network device.

公开(公告)号：US20190020678A1

公开(公告)日：2019-01-17

申请号：US15646429

申请日：2017-07-11

Applicant: Cisco Technology, Inc.

Inventor： K Tirumaleswar Reddy ,  Ram Mohan Ravindranath ,  Prashanth Patil ,  Carlos M. Pignataro

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L63/1458 ,  H04L9/3228 ,  H04L9/3236 ,  H04L9/3297 ,  H04L63/0838 ,  H04L63/1425 ,  H04L65/1006 ,  H04L65/403

Abstract: A web conferencing operator can enable participants to share multimedia content in real-time despite one or more of the participants operating from behind a middlebox via network address translation (NAT) traversal protocols and tools, such as STUN, TURN, and/or ICE. In NAT traversal, participants share a transport addresses that the participants can use to establish a joint media session. However, connectivity checks during NAT traversal can expose a media distribution device hosted by the web conferencing operator to various vulnerabilities, such as distributed denial of service (DDoS) attacks. The web conferencing operator can minimize the effects of a DDoS attack during the connectivity checks at scale and without significant performance degradation by configuring the middlebox to validate incoming requests for the connectivity checks without persistent signaling between the web conference operator and the middlebox.

公开(公告)号：US09843505B2

公开(公告)日：2017-12-12

申请号：US14724635

申请日：2015-05-28

Applicant: CISCO TECHNOLOGY, INC.

Inventor： K. Tirumaleswar Reddy ,  Prashanth Patil ,  Daniel G. Wing ,  Ram Mohan Ravindranath ,  William C. VerSteeg ,  Charles U. Eckel

IPC: H04L12/721 ,  H04L12/851 ,  H04L12/46 ,  H04L29/06 ,  H04L12/725

CPC classification number: H04L45/38 ,  H04L12/4633 ,  H04L45/302

Abstract: A computer-implemented method includes sending a first request message to a first server associated with a first access network indicative of a request for an indication of whether the first server is configured to support prioritization of tunneled traffic, receiving a first response message from the first server indicative of whether the first server is configured to support prioritization of tunneled traffic, establishing one or more first tunnels with a security service when the first response message is indicative that the first server is configured to support prioritization of tunneled traffic, sending first flow characteristics and a first tunnel identifier to the first server; and receiving the first flow characteristics for each first tunnel from the first server at a first network controller. The first network controller is configured to apply a quality of service policy within the first access network for each tunnel in accordance with the flow characteristics.

公开(公告)号：US20140310797A1

公开(公告)日：2014-10-16

申请号：US14317633

申请日：2014-06-27

Applicant: Cisco Technology, Inc.

Inventor： Ram Mohan Ravindranath ,  Muthu Arul Mozhi Perumal

IPC: H04L29/06

CPC classification number: H04L63/029 ,  G06F2221/2101 ,  H04L9/3234 ,  H04L61/2575

Abstract: A Trusted Routing Point (TROP) generates a signaling message that includes an authorization token used to authorize a firewall to open a pinhole. The signaling message contains a first indicator that indicates whether a data field in the signaling message represents a source address of a media flow. The signaling message also includes a second indicator that indicates whether the firewall should derive the source address of the media flow from the data field. The authorization token is generated using a one-way hash function over information that may be included in the signaling message, including the first indicator and the second indicator.

Abstract translation: 可信路由点（TROP）生成包含用于授权防火墙打开针孔的授权令牌的信令消息。 信令消息包含指示信令消息中的数据字段是否表示媒体流的源地址的第一指示符。 信令消息还包括第二指示符，其指示防火墙是否应从数据字段导出媒体流的源地址。 使用单向哈希函数生成授权令牌，该信息可以包括在信令消息中的信息，包括第一指示符和第二指示符。

公开(公告)号：US20230275994A1

公开(公告)日：2023-08-31

申请号：US17682584

申请日：2022-02-28

Applicant: Cisco Technology, Inc.

Inventor： Ram Mohan Ravindranath ,  Faisal Siyavudeen ,  Manish Joshi

IPC: H04M3/42

CPC classification number: H04M3/42391

Abstract: A call is conducted with a first device of a user, the first device lacking captions capability. A second device of the user is identified for receiving captions for the call from among a plurality of second devices of the user based on one or more from a group of distances of the second devices to a location of the first device, display quality of the second devices, status of the second devices, and user preferences for the second devices. An identified second device is joined to the call to receive the captions during the call conducted with the first device.

公开(公告)号：US11507399B1

公开(公告)日：2022-11-22

申请号：US17329696

申请日：2021-05-25

Applicant: Cisco Technology, Inc.

Inventor： Rajarshee Dhar ,  Ram Mohan Ravindranath ,  Deepesh Arora ,  Faisal Siyavudeen ,  Mingfeng Yang

IPC: G06F9/451 ,  G06F3/0485 ,  G06F3/04842 ,  G06F3/14 ,  G06F3/0481

Abstract: A method comprises: at a computer device configured with user applications grouped in multiple virtual desktops hosted on and displayed by the computer device: establishing an online meeting with remote computer devices over a network; responsive to user input, selecting one of the multiple virtual desktops to be a shared virtual desktop, such that all other ones of the multiple virtual desktops become unshared virtual desktops; sharing, with the remote computer devices, the shared virtual desktop, including first user applications of the user applications that are grouped in the shared virtual desktop; and not sharing, with the remote computer devices, any of the unshared virtual desktops and second user applications of the user applications that are grouped in the unshared virtual desktops.

公开(公告)号：US11483243B2

公开(公告)日：2022-10-25

申请号：US16434523

申请日：2019-06-07

Applicant: Cisco Technology, Inc.

Inventor： K. Tirumaleswar Reddy ,  Ram Mohan Ravindranath ,  Muthu Arul Mozhi Perumal ,  Daniel G. Wing ,  William C. VerSteeg

IPC: H04L47/10 ,  H04L47/70 ,  H04L47/2441 ,  H04L65/80 ,  H04L9/40 ,  H04L65/60 ,  H04L67/10

Abstract: Modern day user applications leverages new communication technologies such as WebRTC, WebEx, and Jabber allow devices to connect and exchange media content including audio streams, video streams, and data stream/channels. The present disclosure describes mechanisms for a Port Control Protocol (PCP) server to provide feedback to PCP clients to enforce certain policies on the transport of such media content for a network. A policy may include a traffic handling policy for enforcing differentiated quality of service characteristics for different types of media streams. Another policy may include a security policy ensuring a data files being transmitted over a data channel from one endpoint travels to a security application via a relay element before the packets reaches another endpoint. The mechanisms are transparent to the endpoints, and advantageously preserve the user experience for these user applications.

公开(公告)号：US10863333B2

公开(公告)日：2020-12-08

申请号：US16277309

申请日：2019-02-15

Applicant: Cisco Technology, Inc.

Inventor： Prashanth Patil ,  Ram Mohan Ravindranath

IPC: H04W4/00 ,  H04W4/50 ,  H04W8/08 ,  H04W12/06 ,  H04W48/18

Abstract: Systems, methods, and computer-readable mediums for federating an enterprise and a SaaS provider across one or more network slices of a network service provider. A SaaS provided by a SaaS provider for provisioning to an enterprise can be recognized. One or more network slices within a network of a network service provider between the enterprise and the SaaS provider can be identified. The one or more network slices can be used to provision the SaaS to the enterprise. As follows, the SaaS provider can be federated with the enterprise across one or more network service providers, including the network service provider. Specifically, the SaaS provider can be federated with the enterprise by uniquely associating the one or more network slices provided by the network service provider with the SaaS provisioned by the SaaS provider to the enterprise.

公开(公告)号：US10791485B2

公开(公告)日：2020-09-29

申请号：US16161951

申请日：2018-10-16

Applicant: Cisco Technology, Inc.

Inventor： Prashanth Patil ,  Ram Mohan Ravindranath

IPC: H04W36/00 ,  H04L29/06 ,  H04W12/08 ,  H04W12/06 ,  H04W76/22 ,  H04W76/11 ,  H04L12/707

Abstract: A disclosed method is performed at a server (e.g., a content delivery network (CDN) server). The server receives from a QUIC client a first token, where the first token includes a first connection identifier that identifies a first path connecting the QUIC client to the server. The server validates the first token, including validating path properties associated with the first path extracted from the first token. The server further generates a second token associated with a second connection identifier that identifies a second path connecting the QUIC client to the server in accordance with a successful validation of the first token. Additionally, the server transmits the second token to the QUIC client.