-
公开(公告)号:US20240348625A1
公开(公告)日:2024-10-17
申请号:US18751871
申请日:2024-06-24
Applicant: Cisco Technology, Inc.
Inventor: Navindra Yadav , Abhishek Ranjan Singh , Shashidhar Gandham , Ellen Christine Scheib , Omid Madani , Ali Parandehgheibi , Jackson Ngoc Ki Pang , Vimalkumar Jeyakumar , Michael Standish Watts , Hoang Viet Nguyen , Khawar Deen , Rohit Chandra Prasad , Sunil Kumar Gupta , Supreeth Hosur Nagesh Rao , Anubhav Gupta , Ashutosh Kulshreshtha , Roberto Fernando Spadaro , Hai Trong Vu , Varun Sagar Malhotra , Shih-Chun Chang , Bharathwaj Sankara Viswanathan , Fnu Rachita Agasthy , Duane Thomas Barlow
IPC: H04L9/40 , H04L43/04 , H04L43/062 , H04L43/0894
CPC classification number: H04L63/1408 , H04L43/04 , H04L43/0894 , H04L63/02 , H04L63/1425 , H04L43/062
Abstract: An example method includes detecting, using sensors, packets throughout a datacenter. The sensors can then send packet logs to various collectors which can then identify and summarize data flows in the datacenter. The collectors can then send flow logs to an analytics module which can identify the status of the datacenter and detect an attack.
-
公开(公告)号:US20240205118A1
公开(公告)日:2024-06-20
申请号:US18593403
申请日:2024-03-01
Applicant: Cisco Technology, Inc.
Inventor: Sunil Kumar Gupta , Navindra Yadav , Michael Standish Watts , Ali Parandehgheibi , Shashidhar Gandham , Ashutosh Kulshreshtha , Khawar Deen
IPC: H04L43/045 , G06F3/0482 , G06F3/04842 , G06F3/04847 , G06F9/455 , G06F16/11 , G06F16/13 , G06F16/16 , G06F16/17 , G06F16/174 , G06F16/23 , G06F16/2457 , G06F16/248 , G06F16/28 , G06F16/29 , G06F16/9535 , G06F21/53 , G06F21/55 , G06F21/56 , G06N20/00 , G06N99/00 , G06T11/20 , H04J3/06 , H04J3/14 , H04L1/24 , H04L7/10 , H04L9/08 , H04L9/32 , H04L9/40 , H04L41/046 , H04L41/0668 , H04L41/0803 , H04L41/0806 , H04L41/0816 , H04L41/0893 , H04L41/12 , H04L41/16 , H04L41/22 , H04L43/02 , H04L43/026 , H04L43/04 , H04L43/062 , H04L43/08 , H04L43/0805 , H04L43/0811 , H04L43/0829 , H04L43/0852 , H04L43/0864 , H04L43/0876 , H04L43/0882 , H04L43/0888 , H04L43/10 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/00 , H04L45/302 , H04L45/50 , H04L45/74 , H04L47/11 , H04L47/20 , H04L47/2441 , H04L47/2483 , H04L47/28 , H04L47/31 , H04L47/32 , H04L61/5007 , H04L67/01 , H04L67/10 , H04L67/1001 , H04L67/12 , H04L67/50 , H04L67/51 , H04L67/75 , H04L69/16 , H04L69/22 , H04W72/54 , H04W84/18
CPC classification number: H04L43/045 , G06F3/0482 , G06F3/04842 , G06F3/04847 , G06F9/45558 , G06F16/122 , G06F16/137 , G06F16/162 , G06F16/17 , G06F16/173 , G06F16/174 , G06F16/1744 , G06F16/1748 , G06F16/2322 , G06F16/235 , G06F16/2365 , G06F16/24578 , G06F16/248 , G06F16/285 , G06F16/288 , G06F16/29 , G06F16/9535 , G06F21/53 , G06F21/552 , G06F21/556 , G06F21/566 , G06N20/00 , G06N99/00 , G06T11/206 , H04J3/0661 , H04J3/14 , H04L1/242 , H04L7/10 , H04L9/0866 , H04L9/3239 , H04L9/3242 , H04L41/046 , H04L41/0668 , H04L41/0803 , H04L41/0806 , H04L41/0816 , H04L41/0893 , H04L41/12 , H04L41/16 , H04L41/22 , H04L43/02 , H04L43/026 , H04L43/04 , H04L43/062 , H04L43/08 , H04L43/0805 , H04L43/0811 , H04L43/0829 , H04L43/0841 , H04L43/0858 , H04L43/0864 , H04L43/0876 , H04L43/0882 , H04L43/0888 , H04L43/10 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/306 , H04L45/38 , H04L45/46 , H04L45/507 , H04L45/66 , H04L45/74 , H04L47/11 , H04L47/20 , H04L47/2441 , H04L47/2483 , H04L47/28 , H04L47/31 , H04L47/32 , H04L61/5007 , H04L63/0227 , H04L63/0263 , H04L63/06 , H04L63/0876 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1433 , H04L63/1441 , H04L63/145 , H04L63/1458 , H04L63/1466 , H04L63/16 , H04L63/20 , H04L67/01 , H04L67/10 , H04L67/1001 , H04L67/12 , H04L67/51 , H04L67/75 , H04L69/16 , H04L69/22 , H04W72/54 , H04W84/18 , G06F2009/4557 , G06F2009/45587 , G06F2009/45591 , G06F2009/45595 , G06F2221/033 , G06F2221/2101 , G06F2221/2105 , G06F2221/2111 , G06F2221/2115 , G06F2221/2145 , H04L67/535
Abstract: A method provides for receiving network traffic from a host having a host IP address and operating in a data center, and analyzing a malware tracker for IP addresses of hosts having been infected by a malware to yield an analysis. When the analysis indicates that the host IP address has been used to communicate with an external host infected by the malware to yield an indication, the method includes assigning a reputation score, based on the indication, to the host. The method can further include applying a conditional policy associated with using the host based on the reputation score. The reputation score can include a reduced reputation score from a previous reputation score for the host.
-
公开(公告)号:US11902121B2
公开(公告)日:2024-02-13
申请号:US17822656
申请日:2022-08-26
Applicant: Cisco Technology, Inc.
Inventor: Khawar Deen , Navindra Yadav , Anubhav Gupta , Shashidhar Gandham , Rohit Chandra Prasad , Abhishek Ranjan Singh , Shih-Chun Chang
IPC: H04L9/40 , G06F16/00 , G06F21/60 , H04L43/045 , G06F9/455 , G06N20/00 , G06F21/55 , G06F21/56 , G06F16/28 , G06F16/2457 , G06F16/248 , G06F16/29 , G06F16/16 , G06F16/17 , G06F16/11 , G06F16/13 , G06F16/174 , G06F16/23 , G06F16/9535 , G06N99/00 , H04L9/32 , H04L41/0668 , H04L43/0805 , H04L43/0811 , H04L43/0852 , H04L43/106 , H04L45/00 , H04L45/50 , H04L67/12 , H04L43/026 , H04L61/5007 , H04L67/01 , H04L67/51 , H04L67/75 , H04L67/1001 , H04W72/54 , H04L43/062 , H04L43/10 , H04L47/2441 , H04L41/0893 , H04L43/08 , H04L43/04 , H04W84/18 , H04L67/10 , H04L41/046 , H04L43/0876 , H04L41/12 , H04L41/16 , H04L41/0816 , G06F21/53 , H04L41/22 , G06F3/04842 , G06F3/04847 , H04L41/0803 , H04L43/0829 , H04L43/16 , H04L1/24 , H04L9/08 , H04J3/06 , H04J3/14 , H04L47/20 , H04L47/32 , H04L43/0864 , H04L47/11 , H04L69/22 , H04L45/74 , H04L47/2483 , H04L43/0882 , H04L41/0806 , H04L43/0888 , H04L43/12 , H04L47/31 , G06F3/0482 , G06T11/20 , H04L43/02 , H04L47/28 , H04L69/16 , H04L45/302 , H04L67/50
CPC classification number: H04L43/045 , G06F3/0482 , G06F3/04842 , G06F3/04847 , G06F9/45558 , G06F16/122 , G06F16/137 , G06F16/162 , G06F16/17 , G06F16/173 , G06F16/174 , G06F16/1744 , G06F16/1748 , G06F16/235 , G06F16/2322 , G06F16/2365 , G06F16/248 , G06F16/24578 , G06F16/285 , G06F16/288 , G06F16/29 , G06F16/9535 , G06F21/53 , G06F21/552 , G06F21/556 , G06F21/566 , G06N20/00 , G06N99/00 , G06T11/206 , H04J3/0661 , H04J3/14 , H04L1/242 , H04L9/0866 , H04L9/3239 , H04L9/3242 , H04L41/046 , H04L41/0668 , H04L41/0803 , H04L41/0806 , H04L41/0816 , H04L41/0893 , H04L41/12 , H04L41/16 , H04L41/22 , H04L43/02 , H04L43/026 , H04L43/04 , H04L43/062 , H04L43/08 , H04L43/0805 , H04L43/0811 , H04L43/0829 , H04L43/0841 , H04L43/0858 , H04L43/0864 , H04L43/0876 , H04L43/0882 , H04L43/0888 , H04L43/10 , H04L43/106 , H04L43/12 , H04L43/16 , H04L45/306 , H04L45/38 , H04L45/46 , H04L45/507 , H04L45/66 , H04L45/74 , H04L47/11 , H04L47/20 , H04L47/2441 , H04L47/2483 , H04L47/28 , H04L47/31 , H04L47/32 , H04L61/5007 , H04L63/0227 , H04L63/0263 , H04L63/06 , H04L63/0876 , H04L63/145 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1433 , H04L63/1441 , H04L63/1458 , H04L63/1466 , H04L63/16 , H04L63/20 , H04L67/01 , H04L67/10 , H04L67/1001 , H04L67/12 , H04L67/51 , H04L67/75 , H04L69/16 , H04L69/22 , H04W72/54 , H04W84/18 , G06F2009/4557 , G06F2009/45587 , G06F2009/45591 , G06F2009/45595 , G06F2221/033 , G06F2221/2101 , G06F2221/2105 , G06F2221/2111 , G06F2221/2115 , G06F2221/2145 , H04L67/535
Abstract: A method includes capturing first data associated with a first packet flow originating from a first host using a first capture agent deployed at the first host to yield first flow data, capturing second data associated with a second packet flow originating from the first host from a second capture agent deployed on a second host to yield second flow data and comparing the first flow data and the second flow data to yield a difference. When the difference is above a threshold value, the method includes determining that the second packet flow was transmitted by a component that bypassed an operating stack of the first host or a packet capture agent at the device to yield a determination, detecting that hidden network traffic exists, and predicting a malware issue with the first host based on the determination.
-
公开(公告)号:US20220407787A1
公开(公告)日:2022-12-22
申请号:US17822656
申请日:2022-08-26
Applicant: Cisco Technology, Inc.
Inventor: Khawar Deen , Navindra Yadav , Anubhav Gupta , Shashidhar Gandham , Rohit Chandra Prasad , Abhishek Ranjan Singh , Shih-Chun Chang
IPC: H04L43/045 , H04L9/40 , G06F9/455 , G06N20/00 , G06F21/55 , G06F21/56 , G06F16/28 , G06F16/2457 , G06F16/248 , G06F16/29 , G06F16/16 , G06F16/17 , G06F16/11 , G06F16/13 , G06F16/174 , G06F16/23 , G06F16/9535 , G06N99/00 , H04L9/32 , H04L41/0668 , H04L43/0805 , H04L43/0811 , H04L43/0852 , H04L43/106 , H04L45/00 , H04L45/50 , H04L67/12 , H04L43/026 , H04L61/5007 , H04L67/01 , H04L67/51 , H04L67/75 , H04L67/1001 , H04L43/062 , H04L43/10 , H04L47/2441 , H04L41/0893 , H04L43/08 , H04L43/04 , H04W84/18 , H04L67/10 , H04L41/046 , H04L43/0876 , H04L41/12 , H04L41/16 , H04L41/0816 , G06F21/53 , H04L41/22 , G06F3/04842 , G06F3/04847 , H04L41/0803 , H04L43/0829 , H04L43/16 , H04L1/24 , H04W72/08 , H04L9/08 , H04J3/06 , H04J3/14 , H04L47/20 , H04L47/32 , H04L43/0864 , H04L47/11 , H04L69/22 , H04L45/74 , H04L47/2483 , H04L43/0882 , H04L41/0806 , H04L43/0888 , H04L43/12 , H04L47/31 , G06F3/0482 , G06T11/20 , H04L43/02 , H04L47/28 , H04L69/16 , H04L45/302
Abstract: A method includes capturing first data associated with a first packet flow originating from a first host using a first capture agent deployed at the first host to yield first flow data, capturing second data associated with a second packet flow originating from the first host from a second capture agent deployed on a second host to yield second flow data and comparing the first flow data and the second flow data to yield a difference. When the difference is above a threshold value, the method includes determining that the second packet flow was transmitted by a component that bypassed an operating stack of the first host or a packet capture agent at the device to yield a determination, detecting that hidden network traffic exists, and predicting a malware issue with the first host based on the determination.
-
35.发明申请公开(公告)号:US20220159357A1
公开(公告)日:2022-05-19
申请号:US17529727
申请日:2021-11-18
Applicant: Cisco Technology, Inc.
Inventor: Ashutosh Kulshreshtha , Omid Madani , Vimal Jeyakumar , Navindra Yadav , Ali Parandehgheibi , Andy Sloane , Kai Chang , Khawar Deen , Shih-Chun Chang , Hai Vu
IPC: H04Q9/02 , H04L43/04 , G06F11/34 , H04L9/40 , H04L43/026 , H04L41/0631 , H04L41/0681
Abstract: An application and network analytics platform can capture telemetry from servers and network devices operating within a network. The application and network analytics platform can determine an application dependency map (ADM) for an application executing in the network. Using the ADM, the application and network analytics platform can resolve flows into flowlets of various granularities, and determine baseline metrics for the flowlets. The baseline metrics can include transmission times, processing times, and/or data sizes for the flowlets. The application and network analytics platform can compare new flowlets against the baselines to assess availability, load, latency, and other performance metrics for the application. In some implementations, the application and network analytics platform can automate remediation of unavailability, load, latency, and other application performance issues.
-
Patent Agency Ranking
36.发明授权公开(公告)号:US11202132B2
公开(公告)日:2021-12-14
申请号:US17094815
申请日:2020-11-11
Applicant: Cisco Technology, Inc.
Inventor: Ashutosh Kulshreshtha , Omid Madani , Vimal Jeyakumar , Navindra Yadav , Ali Parandehgheibi , Andy Sloane , Kai Chang , Khawar Deen , Shih-Chun Chang , Hai Vu
Abstract: An application and network analytics platform can capture telemetry from servers and network devices operating within a network. The application and network analytics platform can determine an application dependency map (ADM) for an application executing in the network. Using the ADM, the application and network analytics platform can resolve flows into flowlets of various granularities, and determine baseline metrics for the flowlets. The baseline metrics can include transmission times, processing times, and/or data sizes for the flowlets. The application and network analytics platform can compare new flowlets against the baselines to assess availability, load, latency, and other performance metrics for the application. In some implementations, the application and network analytics platform can automate remediation of unavailability, load, latency, and other application performance issues.
-
公开(公告)号:US20210067849A1
公开(公告)日:2021-03-04
申请号:US17094815
申请日:2020-11-11
Applicant: Cisco Technology, Inc.
Inventor: Ashutosh Kulshreshtha , Omid Madani , Vimal Jeyakumar , Navindra Yadav , Ali Parandehgheibi , Andy Sloane , Kai Chang , Khawar Deen , Shih-Chun Chang , Hai Vu
Abstract: An application and network analytics platform can capture telemetry from servers and network devices operating within a network. The application and network analytics platform can determine an application dependency map (ADM) for an application executing in the network. Using the ADM, the application and network analytics platform can resolve flows into flowlets of various granularities, and determine baseline metrics for the flowlets. The baseline metrics can include transmission times, processing times, and/or data sizes for the flowlets. The application and network analytics platform can compare new flowlets against the baselines to assess availability, load, latency, and other performance metrics for the application. In some implementations, the application and network analytics platform can automate remediation of unavailability, load, latency, and other application performance issues.
-
公开(公告)号:US10904116B2
公开(公告)日:2021-01-26
申请号:US15045202
申请日:2016-02-16
Applicant: Cisco Technology, Inc.
Inventor: Sunil Kumar Gupta , Navindra Yadav , Michael Standish Watts , Ali Parandehgheibi , Shashidhar Gandham , Ashutosh Kulshreshtha , Khawar Deen
IPC: H04L12/26 , H04L29/06 , G06F9/455 , G06N20/00 , G06F21/55 , G06F21/56 , G06F16/28 , G06F16/2457 , G06F16/248 , G06F16/29 , G06F16/16 , G06F16/17 , G06F16/11 , G06F16/13 , G06F16/174 , G06F16/23 , G06F16/9535 , G06N99/00 , H04L9/32 , H04L12/24 , G06T11/20 , H04L12/841 , H04L12/725 , H04L12/715 , H04L12/723 , H04L29/08 , H04L12/851 , H04W84/18 , G06F21/53 , G06F3/0484 , H04L1/24 , H04W72/08 , H04L9/08 , H04J3/06 , H04J3/14 , H04L29/12 , H04L12/813 , H04L12/823 , H04L12/801 , H04L12/741 , H04L12/833 , H04L12/721 , G06F3/0482
Abstract: An example method according to some embodiments includes receiving flow data for a packet traversing a network. The method continues by determining a source endpoint group and a destination endpoint group for the packet. The method continues by determining that a policy was utilized, the policy being applicable to the endpoint group. Finally, the method includes updating utilization data for the policy based on the flow data.
-
公开(公告)号:US10686804B2
公开(公告)日:2020-06-16
申请号:US16179027
申请日:2018-11-02
Applicant: Cisco Technology, Inc.
Inventor: Navindra Yadav , Abhishek Ranjan Singh , Shashidhar Gandham , Ellen Christine Scheib , Omid Madani , Ali Parandehgheibi , Jackson Ngoc Ki Pang , Vimalkumar Jeyakumar , Michael Standish Watts , Hoang Viet Nguyen , Khawar Deen , Rohit Chandra Prasad , Sunil Kumar Gupta , Supreeth Hosur Nagesh Rao , Anubhav Gupta , Ashutosh Kulshreshtha , Roberto Fernando Spadaro , Hai Trong Vu , Varun Sagar Malhotra , Shih-Chun Chang , Bharathwaj Sankara Viswanathan , Fnu Rachita Agasthy , Duane Thomas Barlow
Abstract: An example method includes detecting, using sensors, packets throughout a datacenter. The sensors can then send packet logs to various collectors which can then identify and summarize data flows in the datacenter. The collectors can then send flow logs to an analytics module which can identify the status of the datacenter and detect an attack.
-
40.发明申请公开(公告)号:US20200052984A1
公开(公告)日:2020-02-13
申请号:US16658621
申请日:2019-10-21
Applicant: Cisco Technology, Inc.
Inventor: Khawar Deen , Navindra Yadav , Anubhav Gupta , Shashidhar Gandham , Rohit Chandra Prasad , Abhishek Ranjan Singh , Shih-Chun Chang
IPC: H04L12/26 , G06F16/174 , G06F16/23 , G06N99/00 , G06F16/17 , G06F16/13 , G06F16/11 , G06F16/16 , H04L12/715 , H04L12/725 , H04L29/08 , H04L29/06 , H04L12/841 , G06T11/20 , G06F3/0482 , H04L12/721 , H04L12/833 , H04L12/24 , H04L12/851 , H04L12/741 , H04L12/801 , H04L12/823 , H04L12/813 , H04L29/12 , H04J3/14 , H04J3/06 , H04L9/32 , H04L9/08 , H04W72/08 , H04L1/24 , G06F3/0484 , H04L12/723 , G06F21/53 , H04W84/18 , G06F21/56 , G06F21/55 , G06F16/2457 , G06F16/9535 , G06F16/28 , G06F16/248 , G06F16/29 , G06N20/00 , G06F9/455
Abstract: A method includes capturing first data associated with a first packet flow originating from a first host using a first capture agent deployed at the first host to yield first flow data, capturing second data associated with a second packet flow originating from the first host from a second capture agent deployed on a second host to yield second flow data and comparing the first flow data and the second flow data to yield a difference. When the difference is above a threshold value, the method includes determining that the second packet flow was transmitted by a component that bypassed an operating stack of the first host or a packet capture agent at the device to yield a determination, detecting that hidden network traffic exists, and predicting a malware issue with the first host based on the determination.
-
-
-
-
-
-
-
-
-
Search Results
93
records
(took 0.028 seconds)
