-
公开(公告)号:US20240179153A1
公开(公告)日:2024-05-30
申请号:US18436185
申请日:2024-02-08
Applicant: Cisco Technology, Inc.
Inventor: Navindra Yadav , Abhishek Ranjan Singh , Shashidhar Gandham , Ellen Christine Scheib , Omid Madani , Ali Parandehgheibi , Jackson Ngoc Ki Pang , Vimalkumar Jeyakumar , Michael Standish Watts , Hoang Viet Nguyen , Khawar Deen , Rohit Chandra Prasad , Sunil Kumar Gupta , Supreeth Hosur Nagesh Rao , Anubhav Gupta , Ashutosh Kulshreshtha , Roberto Fernando Spadaro , Hai Trong Vu , Varun Sagar Malhotra , Shih-Chun Chang , Bharathwaj Sankara Viswanathan , Fnu Rachita Agasthy , Duane Thomas Barlow
IPC: H04L9/40 , H04L43/04 , H04L43/062 , H04L43/0894
CPC classification number: H04L63/1408 , H04L43/04 , H04L43/0894 , H04L63/02 , H04L63/1425 , H04L43/062
Abstract: An example method includes detecting, using sensors, packets throughout a datacenter. The sensors can then send packet logs to various collectors which can then identify and summarize data flows in the datacenter. The collectors can then send flow logs to an analytics module which can identify the status of the datacenter and detect an attack.
-
公开(公告)号:US20240152623A1
公开(公告)日:2024-05-09
申请号:US18052240
申请日:2022-11-03
Applicant: Cisco Technology, Inc.
Inventor: Walter T. Hulick, JR. , Ashutosh Kulshreshtha , Girish Sivasubramanian
IPC: G06F21/57
CPC classification number: G06F21/577 , G06F2221/033
Abstract: A system and method for evaluating penetration testing tools. In one embodiment, a method includes generating a plurality of instructions, wherein the instructions comprise one or more security vulnerabilities for testing a web server, generating the web server, wherein the web server comprises the plurality of instructions with the one or more security vulnerabilities, receiving a penetration test result from a penetration testing tool executing on the web server, and computing a precision of the penetration testing tool for detecting the one or more security vulnerabilities.
-
33.发明授权公开(公告)号:US11863921B2
公开(公告)日:2024-01-02
申请号:US18313255
申请日:2023-05-05
Applicant: Cisco Technology, Inc.
Inventor: Ashutosh Kulshreshtha , Omid Madani , Vimal Jeyakumar , Navindra Yadav , Ali Parandehgheibi , Andy Sloane , Kai Chang , Khawar Deen , Shih-Chun Chang , Hai Vu
IPC: H04L67/12 , H04L43/16 , H04Q9/02 , H04L13/04 , G06F11/34 , H04L43/026 , H04L41/0631 , H04L41/0681 , H04L41/14
CPC classification number: H04Q9/02 , G06F11/3495 , H04L13/04 , H04L41/064 , H04L41/0681 , H04L43/026 , H04L67/12 , H04L41/14 , H04L43/16 , H04Q2209/20
Abstract: An application and network analytics platform can capture telemetry from servers and network devices operating within a network. The application and network analytics platform can determine an application dependency map (ADM) for an application executing in the network. Using the ADM, the application and network analytics platform can resolve flows into flowlets of various granularities, and determine baseline metrics for the flowlets. The baseline metrics can include transmission times, processing times, and/or data sizes for the flowlets. The application and network analytics platform can compare new flowlets against the baselines to assess availability, load, latency, and other performance metrics for the application. In some implementations, the application and network analytics platform can automate remediation of unavailability, load, latency, and other application performance issues.
-
公开(公告)号:US20230252162A1
公开(公告)日:2023-08-10
申请号:US17835074
申请日:2022-06-08
Applicant: Cisco Technology, Inc.
CPC classification number: G06F21/577 , G06F21/52 , G06F2221/033
Abstract: A computing system for identifying and scoring problems associated with call stacks. The computing system identifies call stacks associated with an application and determines a problem occurs in the application. The computer system compares a call stack of a first set of applications with a call stack of a second set of applications, wherein the call stack of the first set of applications includes the problem and the call stack of the second set of applications does not include the problem. The computer system generates a score indicating a likelihood that a particular call stack caused the problem based on whether the particular call stack is included in the call stack of the first set of applications, the call stack of the second set of applications, or both. The computing system generates a notification comprising the score indicating the likelihood that the particular call stack caused the problem.
-
公开(公告)号:US20220083644A1
公开(公告)日:2022-03-17
申请号:US17023035
申请日:2020-09-16
Applicant: Cisco Technology, Inc.
Inventor: Ashutosh Kulshreshtha , Andy Sloane , Hiral Shashikant Patel , Uday Krishnaswamy Chettiar , Oliver Kempe , Bharathwaj Sankara Viswanathan , Navindra Yadav
Abstract: The present disclosure provides systems, methods, and computer-readable media for implementing security polices at software call stack level. In one example, a method includes generating a call stack classification scheme for an application, detecting a call stack during deployment of the application; using the call stack classification scheme during runtime of the application, classifying the detected call stack as one of an authorized call stack or an unauthorized call stack to yield a classification; and applying a security policy based on the classification.
-
Patent Agency Ranking
公开(公告)号:US20220006842A1
公开(公告)日:2022-01-06
申请号:US16921184
申请日:2020-07-06
Applicant: Cisco Technology, Inc.
Inventor: Alok Lalit Wadhwa , James Gabriel Fontenot , Ashutosh Kulshreshtha , Navindra Yadav , Shashidhar Gandham , Weifei Zeng
IPC: H04L29/06
Abstract: Disclosed herein are methods, systems, and non-transitory computer-readable storage media for scoring network segmentation policies in order to determine their effectiveness before, during and after enforcement. In one aspect, a method includes identifying one or more applications within an enterprise network; identifying at least one network security policy in association with the one or more applications within the enterprise network; determining a score of the network security policy based on information corresponding to exposure of each of the one or more applications within the enterprise network; and executing the network security policy based on the score
-
公开(公告)号:US20210320853A1
公开(公告)日:2021-10-14
申请号:US17355423
申请日:2021-06-23
Applicant: Cisco Technology, Inc.
Inventor: Ashutosh Kulshreshtha , Navindra Yadav , Khawar Deen , Jackson Pang , Supreeth Rao
Abstract: An application and network analytics platform can capture comprehensive telemetry from servers and network devices operating within a network. The platform can discover flows running through the network, applications generating the flows, servers hosting the applications, computing resources provisioned and consumed by the applications, and network topology, among other insights. The platform can generate various models relating one set of application and network performance metrics to another. For example, the platform can model application latency as a function of computing resources provisioned to and/or actually used by the application, its host's total resources, and/or the distance of its host relative to other elements of the network. The platform can change the model by moving, removing, or adding elements to predict how the change affects application and network performance. In some situations, the platform can automatically act on predictions to improve application and network performance.
-
公开(公告)号:US10979322B2
公开(公告)日:2021-04-13
申请号:US15135344
申请日:2016-04-21
Applicant: Cisco Technology, Inc.
Inventor: Ashutosh Kulshreshtha , Navindra Yadav , Hai Trong Vu , Michael Standish Watts , Jackson Ngoc Ki Pang , Khawar Deen
IPC: H04L12/26 , H04L29/06 , G06F9/455 , G06N20/00 , G06F21/55 , G06F21/56 , G06F16/28 , G06F16/2457 , G06F16/248 , G06F16/29 , G06F16/16 , G06F16/17 , G06F16/11 , G06F16/13 , G06F16/174 , G06F16/23 , G06F16/9535 , G06N99/00 , H04L9/32 , H04L12/24 , H04L12/715 , H04L12/723 , H04L29/08 , H04L12/851 , H04W84/18 , G06F21/53 , G06F3/0484 , H04L1/24 , H04W72/08 , H04L9/08 , H04J3/06 , H04J3/14 , H04L29/12 , H04L12/813 , H04L12/823 , H04L12/801 , H04L12/741 , H04L12/833 , H04L12/721 , G06F3/0482 , G06T11/20 , H04L12/841 , H04L12/725
Abstract: A monitoring device/module monitors a plurality of nodes in a data center network, and determines one or more latency distributions of response times for messages exchanged between pairs of nodes of the plurality of nodes. The network monitoring device determines a network topology, including one or more communication links interconnecting nodes of the plurality of nodes, consistent with the one or more latency distributions. The network monitoring device also determines a representative response time for each communication link based on the one or more latency distributions, and compares a current response time a message exchanged between one pair of nodes to the representative response time for the communication link interconnecting the one pair of nodes. The network monitoring device identifies a network anomaly when the current response time deviates from the representative response time for the communication link interconnecting the one pair of nodes by a threshold amount.
-
公开(公告)号:US10129117B2
公开(公告)日:2018-11-13
申请号:US15045210
申请日:2016-02-16
Applicant: Cisco Technology, Inc.
Inventor: Sunil Kumar Gupta , Navindra Yadav , Michael Standish Watts , Ali Parandehgheibi , Shashidhar Gandham , Ashutosh Kulshreshtha , Khawar Deen
IPC: H04L29/06 , H04L12/26 , G06F9/455 , G06F17/30 , H04L12/851 , H04L12/24 , H04W84/18 , H04L29/08 , G06N99/00 , G06F21/53 , H04L12/723 , G06F3/0484 , H04L1/24 , H04W72/08 , H04L9/08 , H04L9/32 , H04J3/06 , H04J3/14 , H04L29/12 , H04L12/813 , H04L12/823 , H04L12/801 , H04L12/741 , H04L12/833 , H04L12/721 , G06F3/0482 , G06T11/20 , H04L12/841 , H04L12/725 , H04L12/715 , G06F21/55 , G06F21/56
Abstract: Conditional policies can be defined that change based on security measurements of network endpoints. In an example embodiment, a network traffic monitoring system can monitor network flows between the endpoints and quantify how secure those endpoints are based on analysis of the network flows and other data. A conditional policy may be created that establishes one or more first connectivity policies for handling a packet when a security measurement of an endpoint is a first value or first range values, and one or more second connectivity policies for handling the packet. The connectivity policies may include permitting connectivity, denying connectivity, redirecting the packet using a specific route, or other network action. When the network traffic monitoring system detects a change to the security measurement of the endpoint, one or more applicable policies can be determined and the system can update policy data for the network to enforce the policies.
-
公开(公告)号:US20180287907A1
公开(公告)日:2018-10-04
申请号:US15471183
申请日:2017-03-28
Applicant: CISCO TECHNOLOGY, INC.
Inventor: Ashutosh Kulshreshtha , Omid Madani , Vimal Jeyakumar , Navindra Yadav , Ali Parandehgheibi , Andy Sloane , Kai Chang , Khawar Deen , Shih-Chun Chang , Hai Vu
Abstract: An application and network analytics platform can capture telemetry from servers and network devices operating within a network. The application and network analytics platform can determine an application dependency map (ADM) for an application executing in the network. Using the ADM, the application and network analytics platform can resolve flows into flowlets of various granularities, and determine baseline metrics for the flowlets. The baseline metrics can include transmission times, processing times, and/or data sizes for the flowlets. The application and network analytics platform can compare new flowlets against the baselines to assess availability, load, latency, and other performance metrics for the application. In some implementations, the application and network analytics platform can automate remediation of unavailability, load, latency, and other application performance issues.
-
-
-
-
-
-
-
-
-
Search Results
92
records
(took 0.042 seconds)
