公开(公告)号：US11601393B1

公开(公告)日：2023-03-07

申请号：US17493099

申请日：2021-10-04

Applicant: Cisco Technology, Inc.

Inventor： Thomas Szigeti ,  David John Zacks ,  Akram Ismail Sheriff ,  Guy Keinan ,  Walter T. Hulick, Jr.

IPC: H04L61/4511

Abstract: Methods are provided in which a domain name system (DNS) service obtains a lookup request for information about a source of a traffic flow being transmitted to a network resource external of a service cluster and performs, based on the lookup request, a lookup operation for a microservice that is the source of the traffic flow, among a plurality of microservices of the service cluster registered with the DNS service. The methods further include providing information about the microservice based on the lookup operation. The information includes at least a name of the microservice for visibility of the microservice external of the service cluster.

公开(公告)号：US11558194B2

公开(公告)日：2023-01-17

申请号：US17336179

申请日：2021-06-01

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Huimin She ,  Patrick Wetterwald ,  Akram Ismail Sheriff ,  Eric Michel Levy-Abegnoli

IPC: H04L9/32 ,  H04L9/30 ,  G06F16/901 ,  H04L61/5007 ,  H04L45/00

Abstract: In one embodiment, a method comprises: receiving, by a parent network device providing at least a portion of a directed acyclic graph (DAG) according to a prescribed routing protocol in a low power and lossy network, a destination advertisement object (DAO) message, the DAO message specifying a target Internet Protocol (IP) address claimed by an advertising network device in the DAG and the DAO message further specifying a secure token associated with the target IP address; and selectively issuing a cryptographic challenge to the DAO message to validate whether the advertising network device generated the secure token.

公开(公告)号：US11523314B2

公开(公告)日：2022-12-06

申请号：US17142638

申请日：2021-01-06

Applicant: Cisco Technology, Inc.

Inventor： Akram Ismail Sheriff ,  Xiaoguang Jason Chen ,  Jun Liu ,  Robert Edgar Barton ,  Jerome Henry

IPC: H04W36/00 ,  H04W4/40 ,  H04W36/32 ,  H04W36/30 ,  H04W36/38

Abstract: In one embodiment, a device in a wireless network receives telemetry data from a plurality of autonomous vehicles. The telemetry data is indicative of radio signal quality metrics experienced by the vehicles at a particular location over time. The device forms an array of wireless roaming thresholds by applying regression to the telemetry data. The device computes an optimum roaming threshold from the array of wireless roaming thresholds to be used by the vehicles when approaching the location. The device triggers, based on the computed optimum threshold, one or more of the autonomous vehicles to initiate access point roaming when approaching the particular location.

公开(公告)号：US11489762B2

公开(公告)日：2022-11-01

申请号：US16890241

申请日：2020-06-02

Applicant: Cisco Technology, Inc.

Inventor： Li Zhao ,  Chuanwei Li ,  Lele Zhang ,  Haibo Dong ,  Akram Ismail Sheriff

IPC: H04L45/24 ,  H04L45/02 ,  H04L47/122 ,  H04W28/10 ,  H04W84/18

Abstract: Techniques for distributed sub-controller permission for control of data-traffic flow within software-defined networking (SDN) mesh networks to limit control plane traffic of the network are described herein. A technique described herein includes a network node of a data-traffic path of an SDN mesh network obtaining SDN sub-controller permission from a border controller of the SDN mesh network. Further, the technique includes suppression of data traffic from sibling and children nodes of data-traffic path allied nodes to the data-traffic path allied nodes. The data-traffic path allied nodes include network nodes that are part of the data-traffic path of the SDN mesh network. Further still, the technique includes the transmission of data across the data-traffic path.

公开(公告)号：US20220078015A1

公开(公告)日：2022-03-10

申请号：US17016046

申请日：2020-09-09

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Akram Ismail Sheriff

IPC: H04L9/32 ,  H04L9/06 ,  G06F9/50

Abstract: Techniques and mechanisms for providing continuous integrity validation-based control plane communication in a container-orchestration system, e.g., the Kubemetes platform. A worker node generates a nonce and forwards the nonce to a master node while requesting an attestation token. Using the nonce, the master node generates the attestation token and replies back to the worker node with the attestation token. The worker node validates the attestation token with a CA server to ensure that the master node is not compromised. The worker node sends its authentication credentials to the master node. The master node generates a nonce and forwards the nonce to the worker node while requesting an attestation token. Using the nonce, the worker node generates the attestation token and replies back to the master node with the attestation token. The master node validates the attestation token with the CA server to ensure that the worker node is not compromised.

公开(公告)号：US20200252809A1

公开(公告)日：2020-08-06

申请号：US16265036

申请日：2019-02-01

Applicant: Cisco Technology, Inc.

Inventor： Santosh Ramrao Patil ,  Mark Grayson ,  Gangadharan Byju Pularikkal ,  Akram Ismail Sheriff

IPC: H04W24/02 ,  H04W16/14 ,  H04W52/36 ,  H04W52/24 ,  H04W52/26 ,  H04W72/12

Abstract: Techniques for optimizing performance of narrowband Internet-of-Things (NB-IoT) devices in a wireless wide area network (WWAN) are described. In one embodiment, a method includes providing a NB-IoT base station in an in-band deployment mode to operate within a WWAN. The NB-IoT base station is configured to use a physical resource block of the WWAN for communicating with a plurality of NB-IoT devices. The method includes causing a reduction of a power level for a transmission from an initial power level to a first reduced power level. The method includes obtaining parameters associated with performance and throughput for the WWAN and comparing the parameters to a quality threshold. Based on the comparison of the parameters to the threshold, the method includes determining whether or not to reduce the power level for the physical resource block from the first reduced power level to a second reduced power level.

公开(公告)号：US20200245148A1

公开(公告)日：2020-07-30

申请号：US16259019

申请日：2019-01-28

Applicant: Cisco Technology, Inc.

Inventor： Santosh Ramrao Patil ,  Matthew Aaron Silverman ,  Huaiyi Wang ,  Gangadharan Byju Pularikkal ,  Akram Ismail Sheriff

IPC: H04W12/08 ,  H04W4/80 ,  H04L12/46 ,  H04W74/08

Abstract: Techniques for identification and isolation of Internet-of-Things devices in an enterprise network are described. In one embodiment, a method includes detecting a plurality of devices having a first network interface to connect to a wireless wide area network and a second network interface to connect to an enterprise network. The method also includes identifying a first subset of the plurality of devices as Internet-of-Things (IoT) devices based on at least a detected repetition rate on a physical random access channel of a transmission made by a device of the plurality of devices. The method includes assigning the IoT devices to a separate network segment within the enterprise network.

公开(公告)号：US12211625B2

公开(公告)日：2025-01-28

申请号：US17169392

申请日：2021-02-05

Applicant: Cisco Technology, Inc.

Inventor： Akram Ismail Sheriff ,  Hazim Hashim Dahir ,  Thomas Szigeti

IPC: G16H50/80 ,  F24F11/30 ,  G16H10/60 ,  G16H15/00 ,  G16H40/20 ,  G16H40/67 ,  G16H80/00

Abstract: An example method for identifying and reporting a space or individual that has been exposed to an infectious disease includes identifying sensor data related to one or more individuals in a space; determining, based on the sensor data, that a particular individual among the one or more individuals is infected with an infectious disease; generating a report requesting that the space be disinfected; and outputting the report to a computing device.

公开(公告)号：US12192192B2

公开(公告)日：2025-01-07

申请号：US17749274

申请日：2022-05-20

Applicant: Cisco Technology, Inc.

Inventor： Vinay Saini ,  Rajesh Indira Viswambharan ,  Nagendra Kumar Nainar ,  Akram Ismail Sheriff ,  David John Zacks

IPC: H04L9/40

Abstract: In one embodiment, a method herein comprises: receiving, at a device, a registration request from a telemetry exporter that transmits telemetry data; generating, by the device, a telemetry configuration file for the telemetry exporter, the telemetry configuration file defining a policy for transmission of telemetry data from the telemetry exporter and an authentication token for the telemetry exporter; sharing, by the device, the policy with a security enforcer; and sending, by the device, the telemetry configuration file to the telemetry exporter, wherein the telemetry exporter is caused to connect with the security enforcer using the authentication token, send the telemetry configuration file to the security enforcer, and transmit collected telemetry data to the security enforcer, and wherein the security enforcer is caused to create a dynamic publish-subscribe stream for publishing the collected telemetry data received from the telemetry exporter based on the telemetry configuration file and the policy.

公开(公告)号：US11917015B2

公开(公告)日：2024-02-27

申请号：US17667890

申请日：2022-02-09

Applicant: Cisco Technology, Inc.

Inventor： Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  David John Zacks ,  John Matthew Swartz ,  Akram Ismail Sheriff

IPC: H04L67/141 ,  H04L41/08 ,  H04L47/72 ,  G06Q10/02 ,  H04L47/70 ,  H04L41/28 ,  G06Q10/109

CPC classification number: H04L67/141 ,  G06Q10/02 ,  G06Q10/109 ,  H04L41/08 ,  H04L41/28 ,  H04L47/72 ,  H04L47/822 ,  H04L47/825

Abstract: Presented herein are techniques to facilitate infrastructure and policy orchestration in a shared workspace network environment. In one example, a method may include obtaining, by a service broker, a reservation request from a consumer network for a consumer, wherein the reservation request seeks a reservation to reserve, at least in part, at least one workspace device for the consumer for a workspace for a particular day and a particular time period; based on determining that the at least one workspace device is available, providing a response to the consumer network that includes a first indicator for identifying the reservation of the workspace and at least one second indicator identifying the at least one workspace device; and upon receiving a session request from the consumer network that includes the second indicator, establishing a management tunnel to interconnect the consumer network and the at least one workspace device via the service broker.