公开(公告)号：US20210266316A1

公开(公告)日：2021-08-26

申请号：US17307446

申请日：2021-05-04

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Shree N. Murthy ,  Pradeep Kumar Kathail ,  Brian Weis

IPC: H04L29/06 ,  H04L12/851 ,  H04W80/02

Abstract: A method is provided to anonymize the media access control (MAC) address of a client device. The method involves generating a plurality of media access control (MAC) addresses for use by a client device in a network. Policies are defined that determine which one of the plurality of MAC addresses is to be used by the client device. The plurality of MAC addresses allocated for use by the client device are registered with a management entity in the network.

公开(公告)号：US10820202B1

公开(公告)日：2020-10-27

申请号：US16716893

申请日：2019-12-17

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Indermeet Singh Gandhi ,  Oliver James Bull ,  Louis Gwyn Samuel ,  Pradeep Kumar Kathail

IPC: H04M3/16 ,  H04W12/06 ,  H04L29/06 ,  H04W12/00 ,  H04W92/18 ,  H04W36/08

Abstract: In one example, an authentication server generates a Chargeable User Identity (CUI) for a User Equipment (UE) based on a first indication of an identifier obtained from the UE based on communications of the UE over a first network interface of a system. The authentication server obtains a second indication of the identifier based on communications of the UE over a second network interface of the system. In response to obtaining the second indication of the identifier, the authentication server determines that the UE is attempting to communicate over the second network interface. In response to determining that the UE is attempting to communicate over the second network interface, the authentication server uses the CUI for further communications of the UE over the second network interface.

公开(公告)号：US20200244655A1

公开(公告)日：2020-07-30

申请号：US16260455

申请日：2019-01-29

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Shree N. Murthy ,  Pradeep Kumar Kathail ,  Brian Weis

IPC: H04L29/06 ,  H04W80/02 ,  H04L12/851

Abstract: A method is provided to anonymize the media access control (MAC) address of a client device. The method involves generating a plurality of media access control (MAC) addresses for use by a client device in a network. Policies are defined that determine which one of the plurality of MAC addresses is to be used by the client device. The plurality of MAC addresses allocated for use by the client device are registered with a management entity in the network.

公开(公告)号：US20250150339A1

公开(公告)日：2025-05-08

申请号：US18940829

申请日：2024-11-07

Applicant: Cisco Technology, Inc.

Inventor： Alberto Rodriguez-Natal ,  Saswat Praharaj ,  Pradeep Kumar Kathail ,  Fabio R. Maino ,  Lorand Jakab ,  Ram Dular Singh ,  Vivek Agarwal

IPC: H04L41/0816 ,  H04L41/085

Abstract: Techniques for an application watcher system that includes a plurality of watchers that obtain various types of application configurations and/or state data which is used to make networking decisions and drive networking operations. The watchers of the application watcher system may each be configured to communicate with an application orchestration system that manages the application and obtain different types of application configurations and/or state data. In some instances, the application watcher system may run on a network orchestrator of the network, or be in communication with the network orchestrator, and provide application configurations and/or state data to the network orchestrator to make networking decisions.

公开(公告)号：US12294614B2

公开(公告)日：2025-05-06

申请号：US17583284

申请日：2022-01-25

Applicant: Cisco Technology, Inc.

Inventor： Eric Voit ,  Pradeep Kumar Kathail ,  Avinash Kalyanaraman

IPC: H04L9/32 ,  G06F21/00 ,  H04L9/40

Abstract: Disclosed are systems, apparatuses, methods, and computer-readable media for providing security postures for a service provided by a heterogenous system. A method for verifying trust by a service node includes receiving a request for a security information of the service node from a client device, wherein the request includes information identifying a service to receive from the service node, identifying a related node to communicate with the service node based on the service, after identifying the related node, requesting a security information of the related node, generating a composite security information from the security information of the service node and the security information of the related node, and sending the composite security information to the client device. The composite security information provides security claims for a service implemented by a heterogenous devices that have different trusted execution environments.

公开(公告)号：US12219437B2

公开(公告)日：2025-02-04

申请号：US17316205

申请日：2021-05-10

Applicant: Cisco Technology, Inc.

Inventor： Sri Gundavelli ,  Indermeet Singh Gandhi ,  Pradeep Kumar Kathail ,  Louis Gwyn Samuel

IPC: H04W4/00 ,  H04W4/14 ,  H04W84/04

Abstract: Systems, methods, and computer-readable media are provided for inter-network messaging among private and public 5G networks. For instance, a first server on a public 5G mobile network can receive a first message directed to a first wireless device associated with a first network identity. The first server can determine, based on the first network identity, that the first wireless device is associated with a second network identity, wherein the second network identity is used to identify the first wireless device on a private 5G mobile network. The first server can send a copy of the first message to a second server on the private 5G mobile network for transmission to the first wireless device through the private 5G mobile network based on the second network identity.

公开(公告)号：US12155556B2

公开(公告)日：2024-11-26

申请号：US17890756

申请日：2022-08-18

Applicant: Cisco Technology, Inc.

Inventor： Alberto Rodriguez Natal ,  Saswat Praharaj ,  Lorand Jakab ,  Fabio R. Maino ,  Pradeep Kumar Kathail

IPC: H04L45/121 ,  H04L45/00 ,  H04L45/745

Abstract: Techniques for automating traffic optimizations for egress traffic of an application orchestration system that is being sent over a network to a remote service. In examples, the techniques may include receiving, at a controller of the network, an egress traffic definition associated with egress traffic of an application hosted on the application orchestration system, the egress traffic definition indicating that the egress traffic is to be sent to the remote service. Based at least in part on the egress traffic definition, the controller may determine a networking path through the network or outside of the network that is optimized for sending the egress traffic to the remote service. The controller may also cause the egress traffic to be sent to the remote service via the optimized networking path.

公开(公告)号：US11979366B2

公开(公告)日：2024-05-07

申请号：US18195136

申请日：2023-05-09

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Pradeep Kumar Kathail ,  Eric Levy-Abegnoli ,  David A. Maluf

IPC: G06F15/16 ,  H04L61/2503 ,  H04L61/4511

CPC classification number: H04L61/2503 ,  H04L61/4511

Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.

公开(公告)号：US11949593B2

公开(公告)日：2024-04-02

申请号：US17740903

申请日：2022-05-10

Applicant: Cisco Technology, Inc.

Inventor： Pradeep Kumar Kathail ,  Eric Voit ,  David A. Maluf

IPC: G06F15/173 ,  G06F15/16 ,  H04L45/42 ,  H04L45/741 ,  H04L45/748 ,  H04L61/251

CPC classification number: H04L45/741 ,  H04L45/42 ,  H04L45/748 ,  H04L61/251

Abstract: Stateless address translation at an Autonomous System (AS) boundary for host privacy may be provided. An address associated with a host device in the AS may be received. The address may comprise a network prefix and an interface identifier (ID). Then a cypher value may be assigned to a cypher bit range in the network prefix. The cypher value may be associated with a first cypher algorithm of a plurality of cypher algorithms. Next, the address may be encoded wherein encoding the address comprises applying the first cypher algorithm to encode a coding bit range in the address that is less significant than the cypher bit range. The encoded address may then be used for flows from the host that egress the AS.

公开(公告)号：US20240064101A1

公开(公告)日：2024-02-22

申请号：US17820448

申请日：2022-08-17

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Eric Voit ,  Pradeep Kumar Kathail

IPC: H04L45/745 ,  H04L45/44 ,  H04L41/12

CPC classification number: H04L45/745 ,  H04L45/44 ,  H04L41/12

Abstract: A device for a virtual phone in a virtual network may be provided. A data packet may be received by the device, the device being in a personal-area-network (PAN) with a peer, the data packet containing information defining a characteristic of a software application. The data packet may be profiled, the data packet comprising information about the software application. An SLA table stored on the device may be seeded with the information in the data packet. A routing table may be populated with an address for forwarding the information to the peer.