公开(公告)号：US20200236112A1

公开(公告)日：2020-07-23

申请号：US16251654

申请日：2019-01-18

Applicant: Cisco Technology, Inc.

Inventor： Gangadharan Byju Pularikkal ,  Santosh Ramrao Patil ,  Bart Brinckman ,  Madhusudan Nanjanagud

IPC: H04L29/06 ,  G06N20/00 ,  H04L12/26

Abstract: In one embodiment, a gateway to a zero trust network applies an access control policy to an endpoint device attempting to access a cloud-based application hosted by the zero trust network. The gateway acts as a reverse proxy between the endpoint device and the cloud-based application, based on the access control policy applied to the endpoint device. The gateway captures telemetry data regarding application traffic reverse proxied by the gateway between the endpoint device and the cloud-based application. The gateway detects an anomalous behavior of the application traffic by comparing the captured telemetry data to a machine learning-based behavioral model for the application. The gateway initiates a mitigation action for the detected anomalous behavior of the application traffic.

公开(公告)号：US10694558B2

公开(公告)日：2020-06-23

申请号：US14944008

申请日：2015-11-17

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Santosh Ramrao Patil ,  Anton Okmyanskiy ,  Akhtar Iqbal ,  Mark Grayson

IPC: H04W76/12 ,  H04W76/11

Abstract: An example method is provided in one example embodiment and includes receiving an assignment request from a core node in a network to establish a tunnel for user plane traffic; forwarding first parameters to a controller of an enterprise network, wherein the first parameters include a tunnel identifier and a network address associated with the core node; receiving an assignment response; and forwarding second parameters to the core node, wherein the second parameters include a tunnel identifier and a network address associated with the controller. In some instances, the assignment request can be a request to establish a tunnel for user plane data traffic. In some instances, the assignment request can be a request to establish a tunnel for user plane voice traffic.

公开(公告)号：US10667256B2

公开(公告)日：2020-05-26

申请号：US14939884

申请日：2015-11-12

Applicant: CISCO TECHNOLOGY, INC.

Inventor： David Lake ,  Mark Grayson ,  Santosh Ramrao Patil

IPC: H04W72/04 ,  H04L29/08 ,  H04W24/08

Abstract: An example method is provided in one example embodiment and includes intercepting a setup request for a session via a small cell network portion associated with a wide area network (WAN) instance, wherein the WAN instance comprises the small cell network portion and an enterprise network portion and wherein the small cell network portion and the enterprise network portion are interconnected to a service provider network; classifying the session to a particular WAN priority queue, wherein a plurality of WAN priority queues are configured for the WAN instance; determining whether the particular WAN priority queue has available bandwidth for the session; allocating bandwidth for the particular WAN priority queue if the particular WAN priority queue has available bandwidth; and permitting the session to be established if the particular WAN priority queue has available bandwidth.

公开(公告)号：US10567245B1

公开(公告)日：2020-02-18

申请号：US16288578

申请日：2019-02-28

Applicant: Cisco Technology, Inc.

Inventor： Santosh Ramrao Patil ,  Abhishek Dhammawat ,  Gary Boon

IPC: H04L12/26 ,  H04L12/24 ,  H04W72/04 ,  H04L29/08

Abstract: Techniques that provide proactive and intelligent packet capturing are described herein. In one embodiment, a method includes storing information associated with a plurality of user equipment (UE) sessions of a plurality of UEs within a mobile network; detecting an anomaly associated with at least one UE session of at least one UE based, at least in part, on the information stored for the at least one UE session; and activating a trace for the at least one UE session based, at least in part, on detecting the anomaly associated with the at least one UE session, wherein activating the trace comprises capturing packet information for a data packet flow associated with the at least one UE session at one or more data-path network elements of a plurality of data-path network elements within the mobile network.

公开(公告)号：US10517014B2

公开(公告)日：2019-12-24

申请号：US15791917

申请日：2017-10-24

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Santosh Ramrao Patil ,  Gangadharan Byju Pularikkal ,  Kedar K. Gaonkar

IPC: H04W28/02 ,  H04W24/02 ,  H04L12/26 ,  H04W24/08 ,  H04W88/08 ,  H04W84/04

Abstract: A method of controlling performance of a wireless device is performed by a node that is in electronic communication with a cellular network. The node includes a processor, a non-transitory memory, and a network interface. The method includes receiving a performance value characterizing a performance of a communication channel between a wireless device and a wireless access point. In some implementations, the wireless device and the cellular network are associated with different radio access technologies (RATs). The method includes determining whether the performance value breaches a performance criterion for the wireless device. The method includes adjusting a first amount of data transmitted to the wireless device from a base station of the cellular network and a second amount of data transmitted to the wireless device from the wireless access point. In some implementations, the combined first and second amounts of data satisfy the performance criterion for the wireless device.

公开(公告)号：US20190387049A1

公开(公告)日：2019-12-19

申请号：US16009485

申请日：2018-06-15

Applicant: Cisco Technology, Inc.

Inventor： Santosh Ramrao Patil ,  Swaminathan Anantha ,  Sourav Chakraborty ,  Shyam Sundar Vaidyanathan ,  Gangadharan Byju Pularikkal

IPC: H04L29/08 ,  H04L12/66 ,  H04L12/26

Abstract: The disclosed technology relates to systems and methods for automatically scaling down network resources, such as servers or gateway instances, based on predetermined thresholds. A system is configured to detect a reduction in one or more network metrics related to a first server, and instruct the first server to issue a rekey request to a plurality of devices connected to the first server. The system is further configured to instruct a load balancer to route to at least one other server responses from the plurality of devices to the rekey request, and determine a number of connections remaining between the first server and the plurality of devices. The system may be further configured to instruct the load balancer to terminate the first server based on the detected number of connections remaining between the first server and the plurality of devices.

公开(公告)号：US20190132341A1

公开(公告)日：2019-05-02

申请号：US15795670

申请日：2017-10-27

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Santosh Ramrao Patil ,  Gangadharan Byju Pularikkal

IPC: H04L29/06 ,  H04W12/12 ,  H04W24/00

CPC classification number: H04L63/1425 ,  H04W12/12 ,  H04W24/00 ,  H04W24/04 ,  H04W24/08 ,  H04W76/27

Abstract: Various implementations disclosed herein enable identifying anomalies in a network. For example, in various implementations, a method of identifying anomalies in a network is performed by a network node. In various implementations, the network node includes one or more processors, and a non-transitory memory. In various implementations, the method includes generating a characteristic indicator that characterizes a device type based on communications associated with a first device of the device type. In various implementations, the method includes determining, based on communications associated with the first device, a performance indicator that indicates a performance of the first device. In various implementations, the method includes synthesizing an anomaly indicator as a function of the performance indicator in relation to the characteristic indicator.

公开(公告)号：US20190124543A1

公开(公告)日：2019-04-25

申请号：US15791917

申请日：2017-10-24

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Santosh Ramrao Patil ,  Gangadharan Byju Pularikkal ,  Kedar K. Gaonkar

IPC: H04W28/02 ,  H04W24/02 ,  H04W24/08 ,  H04L12/26

CPC classification number: H04W28/0268 ,  H04L43/0823 ,  H04L43/0888 ,  H04L43/16 ,  H04W24/02 ,  H04W24/08 ,  H04W84/042 ,  H04W88/08

Abstract: A method of controlling performance of a wireless device is performed by a node that is in electronic communication with a cellular network. The node includes a processor, a non-transitory memory, and a network interface. The method includes receiving a performance value characterizing a performance of a communication channel between a wireless device and a wireless access point. In some implementations, the wireless device and the cellular network are associated with different radio access technologies (RATs). The method includes determining whether the performance value breaches a performance criterion for the wireless device. The method includes adjusting a first amount of data transmitted to the wireless device from a base station of the cellular network and a second amount of data transmitted to the wireless device from the wireless access point. In some implementations, the combined first and second amounts of data satisfy the performance criterion for the wireless device.

公开(公告)号：US20170245211A1

公开(公告)日：2017-08-24

申请号：US15051387

申请日：2016-02-23

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Santosh Ramrao Patil ,  Swaminathan A. Anantha ,  Srinivasa Reddy Irigi ,  Hema Shankar Bontha

IPC: H04W52/02 ,  H04W8/00

CPC classification number: H04W52/0206 ,  H04W8/005 ,  H04W84/042 ,  H04W84/12 ,  H04W88/10 ,  Y02D70/00 ,  Y02D70/1222 ,  Y02D70/1224 ,  Y02D70/1226 ,  Y02D70/1242 ,  Y02D70/1262 ,  Y02D70/1264 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/146 ,  Y02D70/164

Abstract: An example method is provided in one example embodiment and may include determining whether at least one user equipment (UE) is present within a combined WiFi coverage area that overlaps a small cell coverage area of a multimode access point (AP), wherein the multimode AP comprises a WiFi AP portion and a small cell AP portion; and controlling a power saving mode for the small cell AP portion of the multimode AP based on whether at least one UE is determined to be present within the combined WiFi coverage area that overlaps the small cell coverage area of the multimode AP.

公开(公告)号：US20160295357A1

公开(公告)日：2016-10-06

申请号：US14679868

申请日：2015-04-06

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Mark Grayson ,  Anton Okmyanskiy ,  Ziv Nuss ,  Swaminathan A. Anantha ,  Andrea Giustina ,  Mickael James Graham ,  Santosh Ramrao Patil

IPC: H04W4/02 ,  H04W52/38

CPC classification number: H04W4/02 ,  H04W36/165 ,  H04W52/244 ,  H04W52/283 ,  H04W64/006 ,  H04W68/02 ,  H04W84/045 ,  H04W84/12 ,  H04W84/18

Abstract: An example method is provided in one example embodiment and may include determining a presence of user equipment (UE) in relation to small cell radio(s) of a small cell network based on information obtained through the small cell network and one or more parallel networks; and adjusting transmit power for the small cell radio(s) based on the presence of UE in relation to the small cell radio(s). Another example method can include determining that a UE in cell paging channel mode has changed its selected macro cell radio; determining that the UE is allowed service on a small cell radio located in a vicinity of a macro cell coverage area of a selected macro cell radio; and adjusting a transmit power of the small cell radio based on a presence of the UE in a surrounding macro cell coverage area of the small cell radio.