-
Publication number: US10659324B2
Publication date: 2020-05-19
Application number: US15173477
Application date: 2016-06-03
Applicant: Cisco Technology, Inc.
Inventor: Jackson Ngoc Ki Pang , Navindra Yadav , Anubhav Gupta , Shashidhar Gandham , Supreeth Hosur Nagesh Rao , Sunil Kumar Gupta
IPC: G08B23/00 , G06F12/16 , G06F12/14 , G06F11/00 , H04L12/26 , H04L29/06 , G06F9/455 , G06N20/00 , G06F16/29 , G06F16/248 , G06F16/28 , G06F16/9535 , G06F16/2457 , G06F21/55 , G06F21/56 , H04L12/851 , H04L12/24 , H04W84/18 , H04L29/08 , G06F21/53 , H04L12/723 , G06F3/0484 , H04L1/24 , H04W72/08 , H04L9/08 , H04L9/32 , H04J3/06 , H04J3/14 , H04L29/12 , H04L12/813 , H04L12/823 , H04L12/801 , H04L12/741 , H04L12/833 , H04L12/721 , G06F3/0482 , G06T11/20 , H04L12/841 , H04L12/725 , H04L12/715 , G06F16/16 , G06F16/17 , G06F16/11 , G06F16/13 , G06N99/00 , G06F16/174 , G06F16/23
Abstract: An approach for establishing a priority ranking for endpoints in a network. This can be useful when triaging endpoints after an endpoint becomes compromised. Ensuring that the most critical and vulnerable endpoints are triaged first can help maintain network stability and mitigate damage to endpoints in the network after an endpoint is compromised. The present technology involves determining a criticality ranking and a secondary value for a first endpoint in a datacenter. The criticality ranking and secondary value can be combined to form a priority ranking for the first endpoint which can then be compared to a priority ranking for a second endpoint to determine if the first endpoint or the second endpoint should be triaged first.
-
Publication number: US20200112494A1
Publication date: 2020-04-09
Application number: US16707756
Application date: 2019-12-09
Applicant: Cisco Technology, Inc.
Inventor: Ali Parandehgheibi , Abhishek Ranjan Singh , Omid Madani , Vimalkumar Jeyakumar , Ellen Christine Scheib , Navindra Yadav , Mohammadreza Alizadeh Attar
IPC: H04L12/26 , H04L29/06 , G06F9/455 , G06N20/00 , G06F16/29 , G06F16/248 , G06F16/28 , G06F16/9535 , G06F16/2457 , G06F21/55 , G06F21/56 , H04L12/851 , H04L12/24 , H04W84/18 , H04L29/08 , G06F21/53 , H04L12/723 , G06F3/0484 , H04L1/24 , H04W72/08 , H04L9/08 , H04L9/32 , H04J3/06 , H04J3/14 , H04L29/12 , H04L12/813 , H04L12/823 , H04L12/801 , H04L12/741 , H04L12/833 , H04L12/721 , G06F3/0482 , G06T11/20 , H04L12/841 , H04L12/725 , H04L12/715 , G06F16/16 , G06F16/17 , G06F16/11 , G06F16/13 , G06N99/00 , G06F16/174 , G06F16/23
Abstract: Systems, methods, and computer-readable media are provided for determining whether a node in a network is a server or a client. In some examples, a system can collect, from one or more sensors that monitor at least part of data traffic being transmitted via a pair of nodes in a network, information of the data traffic. The system can analyze attributes of the data traffic such as timing, port magnitude, degree of communication, historical data, etc. Based on analysis results and a predetermined rule associated with the attributes, the system can determine which node of the pair of nodes is a client and which node is a server.
-
Publication number: US10523541B2
Publication date: 2019-12-31
Application number: US15793424
Application date: 2017-10-25
Applicant: Cisco Technology, Inc.
Inventor: Supreeth Rao , Navindra Yadav , Prasannakumar Jobigenahally Malleshaiah , Darshan Shrinath Purandare , Aiyesha Ma , Aria Rahadian , Tapan Shrikrishna Patwardhan , Jackson Ngoc Ki Pang
IPC: G06F15/173 , H04L12/26 , H04L12/24
Abstract: Systems, methods, and computer-readable media for providing interoperability between nodes in separate networks as part of a federated network. In some embodiments, a system can identify a first cluster of nodes in a first network and a second cluster of nodes in a second network. The system can provide interoperability between the first cluster of nodes and the second cluster of nodes. First analytics for the first cluster of nodes can be generated using first network traffic data gathered based on first network traffic flowing through the first cluster of nodes by a group of sensors implemented in the first network. The second cluster of nodes can access the first analytics for the first cluster of nodes as part of providing the interoperability between the first cluster of nodes in the first network and the second cluster of nodes in the second network.
-
Publication number: US10523512B2
Publication date: 2019-12-31
Application number: US15468642
Application date: 2017-03-24
Applicant: CISCO TECHNOLOGY, INC.
Inventor: Rohit Prasad , Hai Vu , Shih-Chun Chang , Hoang Nguyen , Shashi Gandham , Navindra Yadav , Praneeth Vallem , Sunil Gupta , Ravi Prasad , Varun Malhotra
Abstract: The disclosed technology relates to a network agent for generating platform specific network policies. A network agent is configured to receive a platform independent network policy from a network policy system, determine implementation characteristics of the network entity, generate platform specific policies from the platform independent network policy based on the implementation characteristics of the network entity, and implement the platform specific policies on the network entity.
-
Publication number: US10374878B2
Publication date: 2019-08-06
Application number: US15660901
Application date: 2017-07-26
Applicant: Cisco Technology, Inc.
Inventor: Navindra Yadav , Sameer Merchant
IPC: H04L12/28 , H04L12/24 , H04L12/743 , H04L12/803 , H04L12/819 , H04L12/26 , H04L12/741 , H04L12/713
Abstract: Systems, methods, and non-transitory computer-readable storage media for forwarding tables for virtual networking devices. The system first identifies local virtual machines hosted on a local host connected to the system, the system having virtual tunneling capabilities. The system then generates a forwarding table for the system. Next, the system populates the forwarding table with local entries including bindings for the local virtual machines hosted on the local host and adds a default route in the forwarding table pointing to a default forwarder function, wherein the default route is configured to handle all non-local traffic relative to the system and the local host.
-
Publication number: US20190238633A1
Publication date: 2019-08-01
Application number: US16024182
Application date: 2018-06-29
Applicant: Cisco Technology, Inc.
Inventor: Supreeth Rao , Navindra Yadav , Umamaheswaran Arumugam , Michael Watts , Shashi Gandham , Darshan Shrinath Purandare , Duy Nguyen , Hai Vu , Kai Zhu , Aiyesha Ma , Tapan Shrikrishna Patwardhan , Jothi Prakash Prabakaran
CPC classification number: H04L67/1031 , H04L41/0677 , H04L41/0816 , H04L41/0893 , H04L43/08 , H04L67/1017 , H04L67/1025 , H04L67/1029
Abstract: Aspects of the disclosed technology provide methods for automatically tuning load-balancer configurations in a network environment. In some implementations, a process of the disclosed technology includes steps for collecting flow records of traffic flow segments at a middle box in a network environment, the traffic flow segments corresponding to one or more traffic flows passing through the middle box, analyzing the flow records to identify one or more traffic patterns in the network environment, and automatically updating a load balancer configuration based on the one or more traffic patterns, wherein updating the load balancer configuration improves at least one traffic flow parameter for at least one of the traffic flows passing through the middle box. Systems and machine-readable media are also provided.
-
Publication number: US20190230127A1
Publication date: 2019-07-25
Application number: US16032765
Application date: 2018-07-11
Applicant: Cisco Technology, Inc.
Inventor: Shashi Gandham , Navindra Yadav , Janardhanan Radhakrishnan , Hoang-Nam Nguyen , Umesh Paul Mahindra , Sunil Gupta , Praneeth Vallem , Supreeth Rao , Darshan Shrinath Purandare , Xuan Zou , Girish Anant Kalele , Jothi Prakash Prabakaran
Abstract: Aspects of the disclosed technology relate to ways to authenticate customer/subscriber access to a policy update stream. A process of the technology can include steps for instantiating a network monitoring device in response to a request, the request comprising one or more configuration parameters for the network monitoring device, and receiving a first certificate from the network monitoring device, wherein the first certificate is based on the one or more configuration parameters. In some aspects, the steps can further include sending the first certificate to a processing pipeline for authentication, wherein the processing pipeline is configured to authenticate the first certificate based on a second certificate received by the processing pipeline from the network monitoring device. Systems and machine readable media are also provided.
-
Publication number: US20190230041A1
Publication date: 2019-07-25
Application number: US16011427
Application date: 2018-06-18
Applicant: Cisco Technology, Inc.
Inventor: Supreeth Rao , Navindra Yadav , Umamaheswaran Arumugam , Michael Watts , Shashi Gandham , Duy Nguyen , Hai Vu , Prasannakumar Jobigenahally Malleshaiah , Aiyesha Ma , Kai Zhu , Darshan Shrinath Purandare , Jothi Prakash Prabakaran
IPC: H04L12/891 , H04L29/08
Abstract: Systems, methods, and computer-readable media for flow stitching network traffic flow segments across middleboxes. A method can include collecting flow records of traffic flow segments at a first middlebox and a second middlebox in a network environment including one or more transaction identifiers assigned to the traffic flow segments. Sources and destinations of the traffic flow segments can be identified with respect to the first middlebox and the second middlebox. Corresponding subsets of the traffic flow segments can be stitched together to form a first stitched traffic flow at the first middlebox and a second stitched traffic flow at the second middlebox. The first and second stitched traffic flows can be stitched together to form a cross-middlebox stitched traffic flow across the first middlebox and the second middlebox. The cross-middlebox stitched traffic flow can be incorporated as part of network traffic data for the network environment.
-
Publication number: US20190230035A1
Publication date: 2019-07-25
Application number: US15966561
Application date: 2018-04-30
Applicant: Cisco Technology, Inc.
Inventor: Supreeth Rao , Navindra Yadav , Umamaheswaran Arumugam , Micheal Watts , Shashi Gandham , Prasannakumar Jobigenahally Malleshaiah , Duy Nguyen , Hai Vu , Tapan Shrikrishna Patwardhan , Aiyesha Ma , Xuan Zou , Jothi Prakash Prabakaran
IPC: H04L12/801 , H04L12/26 , H04L12/24
Abstract: Systems, methods, and computer-readable media for flow stitching network traffic flow segments at a middlebox in a network environment. In some embodiments, a method can include collecting flow records of traffic flow segments at a middlebox in a network environment including one or more transaction identifiers assigned to the traffic flow segments. The traffic flow segments can correspond to one or more traffic flows passing through the middlebox and flow directions of the traffic flow segments with respect to the middlebox can be identified using the flow records. The traffic flow segments can be stitched together based on the one or more transaction identifiers and the flow directions of the traffic flow segments to form a stitched traffic flow of the one or more traffic flows passing through the middlebox. The stitched traffic flow can be incorporated as part of network traffic data for the network environment.
-
Publication number: US20190229995A1
Publication date: 2019-07-25
Application number: US15985520
Application date: 2018-05-21
Applicant: Cisco Technology, Inc.
Inventor: Supreeth Rao , Navindra Yadav , Umamaheswaran Arumugam , Michael Watts , Shashi Gandham , Prasannakumar Jobigenahally Malleshaiah , Duy Nguyen , Hai Vu , Aiyesha Ma , Tapan Shrikrishna Patwardhan , Kai Zhu , Jothi Prakash Prabakaran
Abstract: Systems, methods, and computer-readable media for flow stitching network traffic flow segments at a middlebox in a network environment. In some embodiments, flow records of traffic flow segments at a middlebox in a network environment are collected. The flow records can include transaction identifiers assigned to the traffic flow segments. Sources and destinations of the traffic flow segments with respect to the middlebox can be identified using the flow records. Further, the traffic flow segments can be stitched together to form a plurality of stitched traffic flows at the middlebox based on the transaction identifiers and the sources and destinations of the traffic flow segments in the network environment with respect to the middlebox. A configuration of the middlebox operating in the network environment can be identified based on the stitched traffic flows at the middlebox in the network environment.