公开(公告)号：US20230319943A1

公开(公告)日：2023-10-05

申请号：US17711488

申请日：2022-04-01

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Jerome Henry ,  Stephen Michael Orr

IPC: H04W76/25 ,  H04L1/16

CPC classification number: H04W76/25 ,  H04L61/5038 ,  H04L1/1685

Abstract: A method comprising: at an access point configured with a first basic service set identifier (BSSID): performing an association process by which one or more wireless stations wirelessly associate to the access point using the first BSSID; and while the one or more wireless stations remain associated to the access point: sending, to the one or more wireless stations, a protected management frame configured to indicate that the access point will rotate from the first BSSID to a second BSSID; after sending, rotating from the first BSSID to the second BSSID while maintaining continuity of association to the one or more wireless stations; and after rotating, communicating with the one or more wireless stations using the second BSSID.

公开(公告)号：US20230117067A1

公开(公告)日：2023-04-20

申请号：US17976124

申请日：2022-10-28

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Jerome Henry ,  Stephen Michael Orr

IPC: H04W8/28 ,  H04L12/46 ,  H04W68/00

Abstract: A network controller provides proactive notification of a wireless client device's address rotation to layer 2 (L2) and/or layer 3 (L3) devices. Traditional methods of device address discovery rely on broadcasting of address queries across a plurality of links until a path to a device having the queried address responds. As device address changes become more frequent in an effort to improve user privacy, traditional methods of address discovery impose a large burden on networks, reducing their performance and efficiency. By proactively propagating address changes to upstream devices, the need for broadcast oriented address discovery techniques is reduced, resulting in improved network performance.

公开(公告)号：US20220385623A1

公开(公告)日：2022-12-01

申请号：US17536628

申请日：2021-11-29

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Robert E. Barton ,  Stephen Michael Orr

IPC: H04L61/5014 ,  H04L101/622

Abstract: A method comprises, at a wireless network controller of wireless access points through which wireless client devices that are wireless communicate with the controller: upon receiving, from a wireless client device, a dynamic host configuration protocol (DHCP) request having a media access control (MAC) address, determining whether the wireless client device rotated its MAC address from a previous MAC address to the MAC address; when the wireless client device rotated its MAC address, forwarding, to a DHCP service, the DHCP request with a notification of a MAC address rotation to cause the DHCP service to reassign a previously assigned Internet Protocol (IP) address to the wireless client device; and upon receiving, from the DHCP service, a DHCP offer asserting the previously assigned IP address, forwarding the DHCP offer to the wireless client device.

公开(公告)号：US11411915B2

公开(公告)日：2022-08-09

申请号：US16243733

申请日：2019-01-09

Applicant: Cisco Technology, Inc.

Inventor： Craig Thomas Hill ,  Stephen Michael Orr

IPC: H04L45/021 ,  H04L9/40 ,  H04L9/08 ,  H04L69/18

Abstract: A network device configured to communicate with a network executes a security protocol. The security protocol establishes a secure session with a security peer network device, exchanges security protected traffic with the security peer network device over a secure link, detects whether there is a security failure in the secure session, and upon detecting a security failure, signals there is a security failure. The network device also executes a routing protocol. The routing protocol maintains a routing table that includes a route to the security peer over the secure link, routes the security protected traffic along the route, and, upon receiving from the security protocol the signal that there is a security failure, removes the route from the routing table to stop the routing.

公开(公告)号：US11128663B2

公开(公告)日：2021-09-21

申请号：US16161716

申请日：2018-10-16

Applicant: Cisco Technology, Inc.

Inventor： Craig Thomas Hill ,  Stephen Michael Orr

IPC: H04L29/06 ,  H04L29/08

Abstract: A first network element, such as a router, in a computer network may have established a communication link with a second network element in the computer network. A secure session associated with the communication link between the first and second network elements may then be established. The secure session may use a secure communication function on each of the first network element and the second network element. The first network element may then detect that the first network element cannot communicate with the second network element over the communication link. When the first network element cannot communicate with the second network element, the first network element may terminate the communication link and the secure session associated with the communication link.