公开(公告)号：US20230188496A1

公开(公告)日：2023-06-15

申请号：US18163979

申请日：2023-02-03

Applicant: Cisco Technology, Inc.

Inventor： Thomas Szigeti ,  David John Zacks ,  Akram Ismail Sheriff ,  Guy Keinan ,  Walter T. Hulick, JR.

IPC: H04L61/4511

CPC classification number: H04L61/4511

Abstract: Methods are provided in which a domain name system (DNS) service obtains a lookup request for information about a source of a traffic flow being transmitted to a network resource external of a service cluster and performs, based on the lookup request, a lookup operation for a microservice that is the source of the traffic flow, among a plurality of microservices of the service cluster registered with the DNS service. The methods further include providing information about the microservice based on the lookup operation. The information includes at least a name of the microservice for visibility of the microservice external of the service cluster.

公开(公告)号：US11356461B2

公开(公告)日：2022-06-07

申请号：US17035065

申请日：2020-09-28

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Akram Ismail Sheriff

IPC: H04L9/32 ,  H04L9/40 ,  H04L45/00

Abstract: Techniques and mechanisms for providing integrity verified paths using only integrity validated pods of nodes. A network service mesh (NSM) associated with a first pod may locally generate a nonce and provide the nonce to the first pod, where the request includes a request for an attestation token. Using the nonce, the first pod may generate the attestation token and reply back to the NSM. The NSM may generate a second request for an attestation token and forward it to a NSE pod, where the request includes a second locally generated nonce generated by the NSM. The NSE pod may generate the second attestation token using the second nonce and reply back to the NSM. The NSM may then have the attestation tokens verified or validated by a certificate authority (CA) server. The NSM may thus instantiate an integrity verified path between the first pod and the NSE pod.

公开(公告)号：US20210345451A1

公开(公告)日：2021-11-04

申请号：US16862738

申请日：2020-04-30

Applicant: Cisco Technology, Inc.

Inventor： Shankar Ramanathan ,  M. David Hanes ,  Muhilan Natarajan ,  Gonzalo Salgueiro ,  Robert Edgar Barton ,  Jerome Henry ,  Akram Ismail Sheriff

IPC: H04W84/02 ,  H04W88/08 ,  H04W88/06 ,  H04B17/318 ,  H04B7/06 ,  G06K9/62 ,  G06N20/00 ,  G01S15/89

Abstract: In one embodiment, a supervisory service for a wireless network obtains frequency-time Doppler profile information for an endpoint node attached to a first access point in the wireless network. The supervisory service uses the frequency-time Doppler profile information for the endpoint node as input to a machine learning model. The machine learning model is trained to output an action for the endpoint node with respect to the wireless network. The supervisory service causes the action for the endpoint node with respect to the wireless network to be performed.

公开(公告)号：US11057211B2

公开(公告)日：2021-07-06

申请号：US16214318

申请日：2018-12-10

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Huimin She ,  Patrick Wetterwald ,  Akram Ismail Sheriff ,  Eric Michel Levy-Abegnoli

IPC: H04L9/32 ,  H04L29/12 ,  H04L9/30 ,  G06F16/901

Abstract: In one embodiment, a method comprises: receiving, by a parent network device providing at least a portion of a directed acyclic graph (DAG) according to a prescribed routing protocol in a low power and lossy network, a destination advertisement object (DAO) message, the DAO message specifying a target Internet Protocol (IP) address claimed by an advertising network device in the DAG and the DAO message further specifying a secure token associated with the target IP address; and selectively issuing a cryptographic challenge to the DAO message to validate whether the advertising network device generated the secure token.

公开(公告)号：US11051172B2

公开(公告)日：2021-06-29

申请号：US16539428

申请日：2019-08-13

Applicant: Cisco Technology, Inc.

Inventor： Raghavaiah Avula ,  Akram Ismail Sheriff ,  Santosh Ramrao Patil ,  Gangadharan Byju Pularikkal

IPC: H04W76/14 ,  H04W12/086 ,  H04W48/16 ,  H04W8/18 ,  H04L29/06 ,  H04W12/06 ,  H04W12/40 ,  H04W12/72 ,  H04W48/18

Abstract: In one example, a wireless Access Point (AP) is configured to provide network connectivity between a User Equipment (UE) and a private wireless network. The wireless AP obtains, from the private wireless network, an indication that the UE is unregistered with the private wireless network. In response to the indication that the UE is unregistered with the private wireless network, the wireless AP provides, to the private wireless network, an indication to initiate an emergency attach procedure with respect to the UE. In response to the indication to initiate the emergency attach procedure, the wireless AP obtains, from the private wireless network, an indication that the UE is authorized to access the private wireless network. In response to the indication that the UE is authorized to access the private wireless network, the wireless AP provides guest access to the private wireless network on behalf of the UE.

公开(公告)号：US10999738B2

公开(公告)日：2021-05-04

申请号：US16259019

申请日：2019-01-28

Applicant: Cisco Technology, Inc.

Inventor： Santosh Ramrao Patil ,  Matthew Aaron Silverman ,  Huaiyi Wang ,  Gangadharan Byju Pularikkal ,  Akram Ismail Sheriff

IPC: H04W12/08 ,  H04W4/80 ,  H04W74/08 ,  H04L12/46 ,  H04W84/12

Abstract: Techniques for identification and isolation of Internet-of-Things devices in an enterprise network are described. In one embodiment, a method includes detecting a plurality of devices having a first network interface to connect to a wireless wide area network and a second network interface to connect to an enterprise network. The method also includes identifying a first subset of the plurality of devices as Internet-of-Things (IoT) devices based on at least a detected repetition rate on a physical random access channel of a transmission made by a device of the plurality of devices. The method includes assigning the IoT devices to a separate network segment within the enterprise network.

公开(公告)号：US20210127309A1

公开(公告)日：2021-04-29

申请号：US17142638

申请日：2021-01-06

Applicant: Cisco Technology, Inc.

Inventor： Akram Ismail Sheriff ,  Xiaoguang Jason Chen ,  Jun Liu ,  Robert Edgar Barton ,  Jerome Henry

IPC: H04W36/00 ,  H04W4/40 ,  H04W36/32 ,  H04W36/38

Abstract: In one embodiment, a device in a wireless network receives telemetry data from a plurality of autonomous vehicles. The telemetry data is indicative of radio signal quality metrics experienced by the vehicles at a particular location over time. The device forms an array of wireless roaming thresholds by applying regression to the telemetry data. The device computes an optimum roaming threshold from the array of wireless roaming thresholds to be used by the vehicles when approaching the location. The device triggers, based on the computed optimum threshold, one or more of the autonomous vehicles to initiate access point roaming when approaching the particular location.

公开(公告)号：US20210051478A1

公开(公告)日：2021-02-18

申请号：US16539428

申请日：2019-08-13

Applicant: Cisco Technology, Inc.

Inventor： Raghavaiah Avula ,  Akram Ismail Sheriff ,  Santosh Ramrao Patil ,  Gangadharan Byju Pularikkal

IPC: H04W12/08 ,  H04W76/14 ,  H04W48/16 ,  H04W8/18 ,  H04W12/00 ,  H04L29/06 ,  H04W12/06

Abstract: In one example, a wireless Access Point (AP) is configured to provide network connectivity between a User Equipment (UE) and a private wireless network. The wireless AP obtains, from the private wireless network, an indication that the UE is unregistered with the private wireless network. In response to the indication that the UE is unregistered with the private wireless network, the wireless AP provides, to the private wireless network, an indication to initiate an emergency attach procedure with respect to the UE. In response to the indication to initiate the emergency attach procedure, the wireless AP obtains, from the private wireless network, an indication that the UE is authorized to access the private wireless network. In response to the indication that the UE is authorized to access the private wireless network, the wireless AP provides guest access to the private wireless network on behalf of the UE.

公开(公告)号：US10743199B1

公开(公告)日：2020-08-11

申请号：US16265036

申请日：2019-02-01

Applicant: Cisco Technology, Inc.

Inventor： Santosh Ramrao Patil ,  Mark Grayson ,  Gangadharan Byju Pularikkal ,  Akram Ismail Sheriff

IPC: H04W24/02 ,  H04W52/24 ,  H04W72/12 ,  H04W16/14 ,  H04W52/26 ,  H04W52/36

Abstract: Techniques for optimizing performance of narrowband Internet-of-Things (NB-IoT) devices in a wireless wide area network (WWAN) are described. In one embodiment, a method includes providing a NB-IoT base station in an in-band deployment mode to operate within a WWAN. The NB-IoT base station is configured to use a physical resource block of the WWAN for communicating with a plurality of NB-IoT devices. The method includes causing a reduction of a power level for a transmission from an initial power level to a first reduced power level. The method includes obtaining parameters associated with performance and throughput for the WWAN and comparing the parameters to a quality threshold. Based on the comparison of the parameters to the threshold, the method includes determining whether or not to reduce the power level for the physical resource block from the first reduced power level to a second reduced power level.