公开(公告)号：US20220231837A1

公开(公告)日：2022-07-21

申请号：US17153327

申请日：2021-01-20

Applicant: Cisco Technology, Inc.

Inventor： Mateusz Olszowy ,  M. David Hanes ,  Oliver W. Fagan

IPC: H04L9/08 ,  H04L29/06 ,  G06K7/14

Abstract: A packet capture operation is configured via a first computing device. The packet capture operation is configured to capture packets provided by a second computing device. The first computing device obtains an indication that a user is within a predetermined location proximity to the second computing device. The packet capture operation is initiated in response to obtaining the indication at the first computing device.

公开(公告)号：US11368848B2

公开(公告)日：2022-06-21

申请号：US16278430

申请日：2019-02-18

Applicant: Cisco Technology, Inc.

Inventor： Charles Calvin Byers ,  M. David Hanes ,  Gonzalo Salgueiro ,  Dmitri Goloubev ,  Joseph Michael Clarke

IPC: H04W12/65 ,  G06N20/00 ,  H04W12/00 ,  H04W12/63 ,  H04W12/122

Abstract: Presented herein are methodologies to on-board and monitor Internet of Things (IoT) devices on a network. The methodology includes receiving at a server, from a plurality of IoT devices communicating over a network, data representative of external environmental factors being experienced by individual ones of the plurality of IoT devices at a predetermined location; generating, using machine learning, an aggregated model of the external environmental factors at the predetermined location; receiving, at the server, a communication indicative that a new IoT device seeks to join the network at the predetermined location; receiving, from the new IoT device, data representative of external environmental factors being experienced by the new IoT device; determining whether there is a discrepancy between the external environmental factors of the new IoT device and the aggregated model; and when there is such a discrepancy, prohibiting the new IoT device from joining the network.

公开(公告)号：US20210345451A1

公开(公告)日：2021-11-04

申请号：US16862738

申请日：2020-04-30

Applicant: Cisco Technology, Inc.

Inventor： Shankar Ramanathan ,  M. David Hanes ,  Muhilan Natarajan ,  Gonzalo Salgueiro ,  Robert Edgar Barton ,  Jerome Henry ,  Akram Ismail Sheriff

IPC: H04W84/02 ,  H04W88/08 ,  H04W88/06 ,  H04B17/318 ,  H04B7/06 ,  G06K9/62 ,  G06N20/00 ,  G01S15/89

Abstract: In one embodiment, a supervisory service for a wireless network obtains frequency-time Doppler profile information for an endpoint node attached to a first access point in the wireless network. The supervisory service uses the frequency-time Doppler profile information for the endpoint node as input to a machine learning model. The machine learning model is trained to output an action for the endpoint node with respect to the wireless network. The supervisory service causes the action for the endpoint node with respect to the wireless network to be performed.

公开(公告)号：US10965534B2

公开(公告)日：2021-03-30

申请号：US15795723

申请日：2017-10-27

Applicant: Cisco Technology, Inc.

Inventor： M. David Hanes ,  Charles Calvin Byers ,  Joseph Michael Clarke ,  Gonzalo Salgueiro ,  Jerome Henry ,  Robert Edgar Barton

IPC: G06F15/173 ,  H04L12/24 ,  H04L12/26 ,  H04L29/08

Abstract: A method includes obtaining performance characterization values from endpoints managed by a first fog node at a first hierarchical level in a hierarchy of fog nodes. The method includes changing a first operating characteristic of the wireless network based on the performance characterization values. The first operating characteristic affects the operation of one or more of the endpoints. The method includes transmitting a portion of the performance characterization values to a second fog node at a second hierarchical level in the hierarchy of fog nodes. The method includes changing a second operating characteristic of the wireless network based on an instruction from the second fog node. The second operating characteristic affects the operation of the first fog node and/or other fog nodes at the first hierarchical level. Changing one or more of the first operating characteristic and the second operating characteristic satisfies an operating threshold for the wireless network.

公开(公告)号：US10917352B1

公开(公告)日：2021-02-09

申请号：US16560386

申请日：2019-09-04

Applicant: Cisco Technology, Inc.

Inventor： M. David Hanes ,  Santosh Ramrao Patil ,  Gonzalo Salgueiro ,  Akramsheriff Ismailsheriff

IPC: H04L12/26 ,  H04L12/803 ,  H04L12/801 ,  H04L12/807 ,  H04L12/813 ,  H04L29/06 ,  H04L12/841

Abstract: Systems and methods provide for Selective Tracking of Acknowledgments (STACKing) to improve buffer utilization and traffic shaping for one or more network devices. A network device can identify a first flow that corresponds to a predetermined traffic class and a predetermined congestion state. The device can determine a current window size and congestion threshold of the first flow. In response to a determination to selectively track a portion of acknowledgments of the first flow, the device can track, in main memory, information of a first portion of acknowledgments of the first flow. The device can exclude, from one or more buffers, a second portion of acknowledgments of the first flow. The device can re-generate and transmit segments corresponding to the second portion of acknowledgments at a target transmission rate based on traffic shaping policies for the predetermined traffic class and congestion state.

公开(公告)号：US10911533B2

公开(公告)日：2021-02-02

申请号：US16360863

申请日：2019-03-21

Applicant: Cisco Technology, Inc.

Inventor： Sebastian Jeuk ,  Gonzalo A. Salgueiro ,  M. David Hanes

IPC: H04L29/08 ,  H04L29/06 ,  H04L29/12

Abstract: In one embodiment, an Internet of Things (IoT) device in a network establishes connections with a plurality of peers. The device identifies an event involving the IoT device. The device generates a GOAWAY message that includes metadata regarding the event within a metadata field of the message. The GOAWAY message indicates that the IoT device is not accepting new connections. The device sends the GOAWAY message to one or more of the peers.

公开(公告)号：US20210029130A1

公开(公告)日：2021-01-28

申请号：US17034714

申请日：2020-09-28

Applicant: Cisco Technology, Inc.

Inventor： Nikhil Sainath Kale ,  M. David Hanes ,  Ana Peric ,  Gonzalo Salgueiro

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/46

Abstract: In one embodiment, a device including a processor, and a memory to store data used by the processor, wherein the processor is operative to run a manufacturer usage description (MUD) controller operative to obtain a MUD profile of an Internet of Things (IoT) device from a MUD server, the MUD profile of the IoT device including: access rights of the IoT device, and any one or more of the following a default device username and/or a default device password of the IoT device, a recommended/required device password complexity of the IoT device, at least one service that should be enabled/disabled on the IoT device, and/or allowed security protocols and/or ciphers for communication to and/or from the IoT device, enforce security of the IoT device according to the MUD profile of the IoT device. Related apparatus and methods are also described.

公开(公告)号：US10771436B2

公开(公告)日：2020-09-08

申请号：US15946907

申请日：2018-04-06

Applicant: Cisco Technology, Inc.

Inventor： Robert Thomas Taylor ,  M. David Hanes ,  Nikhil Sainath Kale ,  Ana Perić

IPC: H04L29/06 ,  G06N20/00

Abstract: In one example embodiment, a proxy for a network obtains a traffic flow. The proxy determines whether a security policy in a whitelist for the traffic flow is active. If it is determined that the security policy for the traffic flow is active, the proxy selectively decrypts the traffic flow to produce one or more traffic flow attributes and, based on the one or more traffic flow attributes, determines whether the traffic flow is potentially malicious.

公开(公告)号：US10581690B2

公开(公告)日：2020-03-03

申请号：US15921680

申请日：2018-03-15

Applicant: Cisco Technology, Inc.

Inventor： Gonzalo Salgueiro ,  Joseph M. Clarke ,  Charles Calvin Byers ,  M. David Hanes

IPC: H04L12/24 ,  H04L29/08 ,  G06F8/65

Abstract: In one embodiment, an apparatus comprising at least one memory, and processing circuitry, the processing circuitry adapted to obtain combined data, the combined data including policy data, or a pointer to the policy data, the policy data relating to general access for an Internet of Things (IoT) device, and update metadata, or a pointer to the update metadata, the update metadata relating to at least one update that is relevant to the IoT device in accordance with at least one criterion, and cause access of the IoT device to the at least one update to be in accordance with an update specific policy that is based on the combined data.

公开(公告)号：US20190288913A1

公开(公告)日：2019-09-19

申请号：US15921680

申请日：2018-03-15

Applicant: Cisco Technology, Inc.

Inventor： Gonzalo Salgueiro ,  Joseph M. Clarke ,  Charles Calvin Byers ,  M. David Hanes

IPC: H04L12/24 ,  G06F8/65 ,  H04L29/08

Abstract: In one embodiment, an apparatus comprising at least one memory, and processing circuitry, the processing circuitry adapted to obtain combined data, the combined data including policy data, or a pointer to the policy data, the policy data relating to general access for an Internet of Things (IoT) device, and update metadata, or a pointer to the update metadata, the update metadata relating to at least one update that is relevant to the IoT device in accordance with at least one criterion, and cause access of the IoT device to the at least one update to be in accordance with an update specific policy that is based on the combined data.