-
公开(公告)号:US11201818B2
公开(公告)日:2021-12-14
申请号:US16783843
申请日:2020-02-06
Applicant: Cisco Technology, Inc.
Inventor: Fabio Maino , Syed Khalid Raza , Alberto Rodriguez Natal , Marc Portoles Comeras
IPC: H04L12/725 , H04L29/08 , H04L12/46 , H04L12/851 , H04L29/06 , H04L12/715 , H04L12/813
Abstract: Disclosed are systems and methods for providing policy selection in a software defined network. An example method includes registering, by an enterprise controller on an enterprise domain, in a shared mapping system on a service provider domain, one or more entries specifying one or more services for one or more classes of traffic to yield registered entries, reading, by a service provider controller, from the shared mapping system, the registered entries, posting, by the service provider controller, the one or more entries to one or more routing tables at a software-defined wide area network of the service provider domain and receiving a request, by a mobile node on the enterprise domain, of a specific service for a particular class of packets according to a classification of the particular class of packets based on a particular label defined in the registered entries for the specific service.
-
公开(公告)号:US10992654B2
公开(公告)日:2021-04-27
申请号:US16104456
申请日:2018-08-17
Applicant: Cisco Technology, Inc.
Inventor: Syed Khalid Raza , Mosaddaq Hussain Turabi , Fabio Rodolfo Maino , Vina Ermagan , Atri Indiresan
Abstract: A method is performed by an access router of an enterprise network including a first edge router to communicate with a second edge router over a wide area network (WAN). The method includes receiving a packet from a first endpoint, receiving from a mapping service a network location of a second edge router for which the packet is destined and a security association (SA) to encrypt the packet from the access router to the second edge router, and generating for the first edge router one or more path selectors for WAN path selection. The method includes encrypting the packet using the SA, and adding to the encrypted IP packet, in clear text, the path selectors and outer encapsulation including the network location, to produce an encrypted tunnel packet. The method also includes forwarding the encrypted tunnel packet to the second edge router via the first edge router and the WAN.
-
公开(公告)号:US20200374109A1
公开(公告)日:2020-11-26
申请号:US16988439
申请日:2020-08-07
Applicant: Cisco Technology, Inc.
Inventor: Syed Khalid Raza , Praveen Raju Kariyanahalli , Rameshbabu Prabagaran , Amir Khan
Abstract: A method for securing communications for a given network topology is provided. The method comprises generating by a node N(i) of the network, security parameters for the node N(i); transmitting by the node N(i), said security parameters to a controller for the network; maintaining by the controller said security parameters for the node N(i); receiving by the controller a request from a node N(j) for the security parameters for the node N(i); retrieving by the controller the security parameters for the node N(i); and transmitting by the controller said security parameters to the node N(j).
-
公开(公告)号:US10419211B1
公开(公告)日:2019-09-17
申请号:US14953431
申请日:2015-11-30
Applicant: Cisco Technology, Inc.
Inventor: Syed Khalid Raza , Praveen Raju Kariyanahalli , Venugopal Hemige
Abstract: A method for securing communications for a given network is provided. The method comprises by at least one node(i) of the network configured to utilize pairwise keys: generating a set of encryption keys; and transmitting the set of encryption keys to a controller for the network; by the controller, executing a key selection process wherein for each node(j) in the network an encryption key J is selected from the set of encryption keys; assigning the encryption key J to the node(j); and transmitting the selected encryption key J to the node(j); by each node(j), generating an encryption key I for the node(i); and sending the encryption key I to the node(i) via the controller.
-
-
-
Search Results
34
records
(took 0.012 seconds)
