公开(公告)号：US11381518B2

公开(公告)日：2022-07-05

申请号：US17002003

申请日：2020-08-25

Applicant: Cisco Technology, Inc.

Inventor： Patrick Wetterwald ,  Pascal Thubert ,  Jean-Philippe Vasseur ,  Eric Levy-Abegnoli ,  Stephane Labetoulle

IPC: H04L47/83 ,  H04L47/127 ,  G06N20/00 ,  G06N5/04 ,  H04L47/70

Abstract: In one embodiment, a device of a software defined wide area network (SD-WAN) predicts characteristics of a new traffic flow to be admitted to the SD-WAN, based on a set of initial packets of the flow. The device predicts an impact of admitting the flow to the SD-WAN, based in part on extrinsic or exogenous data regarding the SD-WAN. The device admits the flow to the SD-WAN, based on the predicted impact. The supervisory device uses reinforcement learning to adjust one or more call admission control (CAC) parameters of the SD-WAN, based on captured telemetry data regarding the admitted flow.

公开(公告)号：US20220191143A1

公开(公告)日：2022-06-16

申请号：US17122711

申请日：2020-12-15

Applicant: Cisco Technology, Inc.

Inventor： Jean-Philippe Vasseur ,  Grégory Mermoud ,  David Tedaldi ,  Vinay Kumar Kolar

IPC: H04L12/851 ,  H04L12/825

Abstract: In one embodiment, a device calculates one or more distributions of bitrates associated with an application whose traffic is conveyed via one or more paths in a network. The device detects throughput modes of the application, based on the one or more distributions of bitrates associated with the application. The device associates each throughput mode with a quality of experience label, to form a plurality of pairs of throughput modes and quality of experience labels. The device estimates a quality of experience metric for the application, based on a bitrate of the application and the plurality of pairs of throughput modes and quality of experience labels.

公开(公告)号：US11290331B2

公开(公告)日：2022-03-29

申请号：US16428202

申请日：2019-05-31

Applicant: Cisco Technology, Inc.

Inventor： Grégory Mermoud ,  Jean-Philippe Vasseur ,  Pierre-Andre Savalle ,  David Tedaldi

IPC: H04L12/24 ,  H04L29/06 ,  H04L12/723 ,  H04L41/0873 ,  H04L45/50 ,  H04L41/0893 ,  H04L41/0816

Abstract: In one embodiment, a service receives a plurality of device type classification rules, each rule comprising a device type label and one or more device attributes used as criteria for application of the label to a device in a network. The service estimates, across a space of the device attributes, device densities of devices having device attributes at different points in that space. The service uses the estimated device densities to identify two or more of the device type classification rules as having overlapping device attributes. The service determines that the two or more device type classification rules are in conflict, based on the two or more rules having different device type labels. The service generates a rule conflict resolution that comprises one of the device type labels from the conflicting two or more device type classification rules.

公开(公告)号：US20220070086A1

公开(公告)日：2022-03-03

申请号：US17007362

申请日：2020-08-31

Applicant: Cisco Technology, Inc.

Inventor： Grégory Mermoud ,  Jean-Philippe Vasseur ,  Vinay Kumar Kolar

IPC: H04L12/707 ,  H04L12/24 ,  H04L12/721 ,  G06N20/00 ,  G06N7/00

Abstract: In one embodiment, a device in a network obtains probabilities of service level agreement violations predicted to occur in the network. The device generates, based in part on the probabilities, a plurality of rerouting patches for the network that reroute traffic in the network to avoid the service level agreement violations predicted to occur in the network. The device forms, based on the plurality, a set of rerouting patches that comprises at least a portion of the plurality, by applying an objective function to the plurality of rerouting patches and using one or more size constraints. The device applies the set of rerouting patches to the network, prior to when the service level agreement violations are predicted to occur in the network.

公开(公告)号：US20220038347A1

公开(公告)日：2022-02-03

申请号：US17500200

申请日：2021-10-13

Applicant: Cisco Technology, Inc.

Inventor： Jean-Philippe Vasseur ,  Grégory Mermoud ,  Vinay Kumar Kolar

IPC: H04L12/24 ,  G06N5/02 ,  H04L12/703

Abstract: In one embodiment, a supervisory service for a software-defined wide area network (SD-WAN) obtains telemetry data from one or more edge devices in the SD-WAN. The service trains, using the telemetry data as training data, a machine learning-based model to predict tunnel failures in the SD-WAN. The service receives feedback from the one or more edge devices regarding failure predictions made by the trained machine learning-based model. The service retrains the machine learning-based model, based on the received feedback.

公开(公告)号：US11240259B2

公开(公告)日：2022-02-01

申请号：US16508398

申请日：2019-07-11

Applicant: Cisco Technology, Inc.

Inventor： Jean-Philippe Vasseur ,  Sébastien Gay ,  Grégory Mermoud ,  Pierre-André Savalle ,  Alexandre Honoré ,  Fabien Flacher

IPC: H04L29/06 ,  H04L12/24

Abstract: In one embodiment, a networking device at an edge of a network generates a first set of feature vectors using information regarding one or more characteristics of host devices in the network. The networking device forms the host devices into device clusters dynamically based on the first set of feature vectors. The networking device generates a second set of feature vectors using information regarding traffic associated with the device clusters. The networking device models interactions between the device clusters using a plurality of anomaly detection models that are based on the second set of feature vectors.

公开(公告)号：US11240153B1

公开(公告)日：2022-02-01

申请号：US16944334

申请日：2020-07-31

Applicant: Cisco Technology, Inc.

Inventor： Jean-Philippe Vasseur ,  Grégory Mermoud ,  Vinay Kumar Kolar

IPC: H04L12/715 ,  H04L12/24 ,  H04L12/751

Abstract: In one embodiment, a device makes a determination that a first predictive routing policy generated by a predictive routing engine for a network would have performed better than a preexisting routing policy that is active in the network. The device adjusts, based on the determination, a level of trust associated with the predictive routing engine. The device obtains information regarding a second predictive routing policy generated by the predictive routing engine for the network. The device activates the second predictive routing policy in the network, based on the level of trust associated with the predictive routing engine.

公开(公告)号：US11212279B1

公开(公告)日：2021-12-28

申请号：US16266584

申请日：2019-02-04

Applicant: Cisco Technology, Inc.

Inventor： Eric Michel Levy-Abegnoli ,  Pascal Thubert ,  Patrick Wetterwald ,  Jean-Philippe Vasseur

IPC: H04L29/06 ,  H04L29/12 ,  H04L12/54 ,  H04L12/70

Abstract: In one embodiment, a method comprises determining, by a link layer switch within a distributed link layer switched data network, a trust metric for a media access control (MAC) address used by a network device on a link layer connection provided by the link layer switch; receiving, by the link layer switch, a query originated by a second link layer switch in the distributed link layer switched data network, the query specifying the MAC address and a corresponding specified trust metric; and responding to the query, by the link layer switch, based on determining whether the specified trust metric indicates a higher trust level than the corresponding trust metric for the MAC address used by the network device on the link layer connection.

公开(公告)号：US11196629B2

公开(公告)日：2021-12-07

申请号：US17142447

申请日：2021-01-06

Applicant: Cisco Technology, Inc.

Inventor： David Tedaldi ,  Grégory Mermoud ,  Pierre-Andre Savalle ,  Jean-Philippe Vasseur

IPC: H04L12/24 ,  H04L12/26

Abstract: In various embodiments, a device classification service obtains traffic telemetry data for a plurality of devices in a network. The service applies clustering to the traffic telemetry data, to form device clusters. The service generates a device classification rule based on a particular one of the device clusters. The service receives feedback from a user interface regarding the device classification rule. The service adjusts the device classification rule based on the received feedback.

公开(公告)号：US11153347B2

公开(公告)日：2021-10-19

申请号：US16424912

申请日：2019-05-29

Applicant: Cisco Technology, Inc.

Inventor： Pierre-Andre Savalle ,  Jean-Philippe Vasseur ,  Grégory Mermoud

IPC: H04L29/06 ,  H04L29/08 ,  G06N20/00 ,  G06N5/02

Abstract: In one embodiment, a device in a network obtains data indicative of a device classification rule, a device type label associated with the rule, and a set of positive and negative feature vectors used to create the rule. The device replaces similar feature vectors in the set of positive and negative feature vectors with a single feature vector, to form a reduced set of feature vectors. The device applies differential privacy to the reduced set of feature vectors. The device sends a digest to a cloud service. The digest comprises the device classification rule, the device type label, and the reduced set of feature vectors to which differential privacy was applied. The service uses the digest to train a machine learning-based device classifier.