公开(公告)号：US11838198B2

公开(公告)日：2023-12-05

申请号：US16919793

申请日：2020-07-02

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Patrick Wetterwald ,  Jean-Philippe Vasseur ,  Eric Michel Levy-Abegnoli

IPC: H04L45/02 ,  H04L45/42 ,  H04L49/25

CPC classification number: H04L45/02 ,  H04L45/42 ,  H04L49/251

Abstract: In one embodiment, a method comprises identifying, by a path computation element, essential parent devices from a nonstoring destination oriented directed acyclic graph (DODAG) topology as dominating set members belonging to a dominating set; receiving, by the path computation element, an advertisement message specifying a first dominating set member having reachability to a second dominating set member, the reachability distinct from the nonstoring DODAG topology; and generating, by the path computation element based on the advertisement message, an optimized path for reaching a destination network device in the nonstoring DODAG topology via a selected sequence of dominating set members, the optimized path providing cut-through optimization across the nonstoring DODAG topology.

公开(公告)号：US11764912B2

公开(公告)日：2023-09-19

申请号：US17331403

申请日：2021-05-26

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jerome Henry ,  Malcolm Muir Smith ,  Mark Grayson ,  Patrick Wetterwald ,  Andrew Frederick Myles

IPC: H04L1/18 ,  H04W80/02 ,  H04L1/1867 ,  H04W84/12

CPC classification number: H04L1/1896 ,  H04W80/02 ,  H04W84/12

Abstract: In one embodiment, a method comprises: classifying, by a controller device, a first access point device in a WLAN as a leader access point for a wireless client device, and at least a second access point device as a follower access point; and allocating, to the leader access point, a shortened medium access control layer timer (“timer”) that is shorter than a prescribed timer used by the follower access point, the shortened timer causing the leader access point to respond to reception of a wireless data packet from the wireless client device by transmitting an acknowledgment to the wireless client device upon expiration of the shortened timer; the prescribed timer causing the follower access point to defer to the leader access point based on the follower access point waiting for at least expiration of the prescribed timer before selectively transmitting a corresponding acknowledgment in response to receiving the wireless data packet.

公开(公告)号：US11606347B2

公开(公告)日：2023-03-14

申请号：US17004368

申请日：2020-08-27

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Patrick Wetterwald ,  Jonas Zaddach ,  Eric Levy-Abegnoli

IPC: H04L9/40 ,  H04L67/141 ,  H04L67/142

Abstract: This disclosure describes techniques for authenticating a user device for a session. For instance, an authentication entity may authenticate a user device using single sign-on authentication and/or multi-factor authentication. The authentication entity may then determine a duration for which the user device is authenticated for the session. For example, the authentication entity may receive information representing a state of an environment of the user device. The authentication entity may then use the information to identify one or more transitions associated with the environment between the session and a previous session. Using the one or more transitions, the authentication entity may determine the duration for the session by increasing or decreasing a previous duration associated with the previous session.

公开(公告)号：US11552823B2

公开(公告)日：2023-01-10

申请号：US16796146

申请日：2020-02-20

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Jean-Philippe Vasseur ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04L12/46 ,  H04L9/40 ,  G06N20/00

Abstract: In one embodiment, a server instructs one or more networking devices in a local area network (LAN) to form a virtual network overlay in the LAN that redirects traffic associated with a particular node in the LAN to the server. The server receives the redirected traffic associated with the particular node. The server trains a machine learning-based behavioral model for the particular node based on the redirected traffic. The server controls whether a particular redirected traffic flow associated with the node in the LAN is sent to a destination of the traffic flow using the trained behavioral model.

公开(公告)号：US20220368547A1

公开(公告)日：2022-11-17

申请号：US17317124

申请日：2021-05-11

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Patrick Wetterwald ,  Eric Levy- Abegnoli ,  Jonas Zaddach

IPC: H04L12/18 ,  G06K9/00 ,  G06K9/46 ,  G06K7/14

Abstract: Techniques are provided that validate a participant in a video conference. As a video conferencing system is remote from a video conference participant, and user devices are not trusted, traditional methods such as client side facial recognition are ineffective at validating a participant from a video conferencing system. Thus, the embodiments encode modulated data for projection onto a face of the participant. A video of the participant is then captured. The conferencing system then confirms that the modulated data is present in the captured video.

公开(公告)号：US11196588B2

公开(公告)日：2021-12-07

申请号：US16585839

申请日：2019-09-27

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Ramakrishnan Chokkanathapuram Sundaram ,  Patrick Wetterwald ,  Eric Michel Levy-Abegnoli

IPC: H04L12/44 ,  H04L12/18 ,  H04L29/06 ,  H04L12/46 ,  H04L12/28 ,  H04L12/64 ,  H04L12/751 ,  H04L12/721

Abstract: A method includes identifying within a network topology, by an apparatus, a plurality of network devices; and establishing by the apparatus, a multiple tree topology comprising a first multicast tree and a second multicast tree, the first and second multicast trees operable as redundant trees for multicast traffic in the network topology, the establishing including: allocating a first of the network devices as a corresponding root of the first multicast tree, allocating a first group of intermediate devices from the network devices as first forwarding devices in the first multicast tree, allocating a second group of intermediate devices as belonging to first leaf devices in the first multicast tree, and allocating terminal devices of the network devices as belonging to the first leaf devices, and allocating a second of the network devices as the corresponding root of the second multicast tree, allocating the second group of intermediate devices as second forwarding devices in the second multicast tree, allocating the first group of intermediate devices as belonging to second leaf devices in the second multicast tree, and allocating the terminal devices as belonging to the second leaf devices.

公开(公告)号：US11057211B2

公开(公告)日：2021-07-06

申请号：US16214318

申请日：2018-12-10

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Huimin She ,  Patrick Wetterwald ,  Akram Ismail Sheriff ,  Eric Michel Levy-Abegnoli

IPC: H04L9/32 ,  H04L29/12 ,  H04L9/30 ,  G06F16/901

Abstract: In one embodiment, a method comprises: receiving, by a parent network device providing at least a portion of a directed acyclic graph (DAG) according to a prescribed routing protocol in a low power and lossy network, a destination advertisement object (DAO) message, the DAO message specifying a target Internet Protocol (IP) address claimed by an advertising network device in the DAG and the DAO message further specifying a secure token associated with the target IP address; and selectively issuing a cryptographic challenge to the DAO message to validate whether the advertising network device generated the secure token.

公开(公告)号：US11036571B2

公开(公告)日：2021-06-15

申请号：US15825248

申请日：2017-11-29

Applicant: Cisco Technology, Inc.

Inventor： Patrick Wetterwald ,  Pascal Thubert ,  Eric Levy-Abegnoli ,  Jean-Philippe Vasseur

IPC: G06F11/07 ,  H04L29/08 ,  H04B17/309 ,  H04L29/06 ,  G06F9/50 ,  G06F15/16 ,  G06F13/14 ,  H04B17/14 ,  H04L12/24

Abstract: In one embodiment, a supervisory device in a network receives a help request from a first node in the network indicative of a problem in the network detected by the first node. The supervisory device identifies a second node in the network that is hosting a repair walker agent able to address the detected problem. The supervisory device determines a network path via which the second node is to send repair walker agent to the first node. The supervisory device instructs the second node to send the repair walker agent to the first node via the determined path.

公开(公告)号：US20210068137A1

公开(公告)日：2021-03-04

申请号：US16560852

申请日：2019-09-04

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Patrick Wetterwald ,  Eric Levy-Abegnoli

IPC: H04W72/12 ,  H04B7/14 ,  H04B17/318 ,  H04W40/24

Abstract: The aspects ensure redundancy by including at least two access points (APs), in an environment, that are capable of serving at least one station (STA). A first AP functions as a primary AP and a second AP functions as a secondary AP. The primary AP can send a layer 2 (L2) control message, for example, a Target Wait Time (TWT) response, to a STA. The primary AP may then wait for an indication (e.g., an Acknowledgement (ACK) signal) of receipt of the L2 control message. The primary AP can also provide the L2 control message to the secondary AP that covers the same room. In at least some configurations, the L2 control message includes metadata about when the secondary AP is to send the copy of the L2 control message over the air. The secondary AP can then relay the L2 control message to the STA.

公开(公告)号：US10911400B2

公开(公告)日：2021-02-02

申请号：US15156571

申请日：2016-05-17

Applicant: Cisco Technology, Inc.

Inventor： Eric Levy-Abegnoli ,  Patrick Wetterwald ,  Pascal Thubert

IPC: G06F15/16 ,  H04L29/12 ,  H04L29/08 ,  G06F16/951 ,  H04W4/70

Abstract: In one embodiment, a tracking device detects a first device connecting to a computer network, and forces an install of fake routing information on the first device that is unique to the first device. Upon detecting a second device connecting to the computer network, the second device having at least one identifying property in common with the first device and at least one identifying property differing from the first device, the tracking device may then query the second device to determine if the second device knows the fake routing information unique to the first device. As such, the tracking device may then determine that the second device is the first device in response to the second device knowing the fake routing information unique to the first device.