公开(公告)号：US20230171172A1

公开(公告)日：2023-06-01

申请号：US17538109

申请日：2021-11-30

Applicant: Cisco Technology, Inc.

Inventor： Domenico Ficara ,  Vincent Cuissard ,  Luca Bisti ,  Alessandro Erta ,  Arun Khanna ,  Frank Brockners

IPC: H04L43/08 ,  H04L12/46

CPC classification number: H04L43/08 ,  H04L12/4633

Abstract: In one embodiment, a network device along a path in a network receives a schedule that controls when the networking device is to insert telemetry data into data traffic passing through the networking device. The networking device generates the telemetry data for insertion into the data traffic passing through the networking device. The networking device inserts, according to the schedule, the telemetry data into a particular packet of the data traffic passing through the networking device. The networking device sends the particular packet to a next hop along the path in the network.

公开(公告)号：US11665544B2

公开(公告)日：2023-05-30

申请号：US17147319

申请日：2021-01-12

Applicant: Cisco Technology, Inc.

Inventor： Ugo Mario Campiglio ,  Amine Choukir ,  Roberto Muccifora ,  Domenico Ficara ,  Sachin Dinkar Wakudkar

IPC: H04L9/40 ,  H04W12/06 ,  H04W12/069 ,  H04W12/71 ,  H04W12/041 ,  H04W12/033

CPC classification number: H04W12/069 ,  H04W12/033 ,  H04W12/041 ,  H04W12/71

Abstract: A method for providing multicast frames in a Multi-Dwelling Unit (MDU) is provided herein. An Access Point (AP) can receive a join request from a first client device. The AP can generate a Group Master Key (GMK) from the Pre-Shared Key (PSK) associated with a Basic Service Set (BSS) that includes the first client device. The AP can then derive a Group Transient Key (GTK) from the GMK. The AP may then send the GTK to the first client device. Thereinafter, the AP can send multicast frames to the first client device encrypted by the GTK. The first client device can decrypt the multicast frames with the GTK. However, a second client device, that does not share the PSK, may receive the multicast frame but cannot decrypt the multicast frames.

公开(公告)号：US20210360400A1

公开(公告)日：2021-11-18

申请号：US17090169

申请日：2020-11-05

Applicant: Cisco Technology, Inc.

Inventor： Domenico Ficara ,  Ugo Mario Campiglio ,  Amine Choukir ,  Sachin Dinkar Wakudkar ,  Javier Ignacio Contreras Albesa ,  Jerome Henry

IPC: H04W12/06 ,  H04W12/04 ,  H04W12/00

Abstract: Presented herein are techniques to manage a wireless local area network. A method includes defining a plurality of geographical zones corresponding to a geographical area that is serviced by a common service set identifier for a wireless local area network, assigning a pre-shared key to a mobile station based on the plurality of geographical zones, wherein the pre-shared key is associated with predetermined policies for a user of the mobile station, associating a media access control address of the mobile station with the pre-shared key, and controlling access of the mobile station to the wireless local area network based on the predetermined policies.

公开(公告)号：US11140043B2

公开(公告)日：2021-10-05

申请号：US16576387

申请日：2019-09-19

Applicant: Cisco Technology Inc.

Inventor： Amine Choukir ,  Roberto Muccifora ,  Antonio Trifilo ,  Domenico Ficara ,  Vincent Cuissard ,  Salvatore Valenza

IPC: H04L12/24 ,  H04W12/06 ,  H04L29/12 ,  H04W84/12

Abstract: A method is provided in a wireless local area network controller in a wireless communication network. The wireless communication network includes one or more virtual networks identified with virtual network IDs, VNIDs. A request is received from a wireless client to onboard onto the network and the wireless client is mapped to an onboarding VNID. The onboarding VNID is associated with an onboarding virtual network that does not require an authentication of the wireless client. An Internet Protocol address assignment is forwarded to the wireless client. The wireless client is remapped from the onboarding VNID to the destination VNID after authenticating the wireless client. The wireless client maintains the assigned IP address after moving from the onboarding VNID to the destination VNID. Access to the wireless client on a virtual network identified by the destination VNID is provided via the assigned IP address.

公开(公告)号：US09749254B2

公开(公告)日：2017-08-29

申请号：US14280814

申请日：2014-05-19

Applicant: Cisco Technology, Inc.

Inventor： Domenico Ficara

IPC: H04L12/869 ,  H04J3/24 ,  H04L12/875

CPC classification number: H04L47/60 ,  H04J3/247 ,  H04L47/56

Abstract: In one embodiment, a method is disclosed in which a device identifies a set of data stream rates for a plurality of data streams. A Huffman tree is constructed for data transmission time slots based on the set of data stream rates. A number of time slots assigned to a parent node in the tree are determined and evenly distributed to child nodes of the parent node, to assign the time slots to the data streams.

公开(公告)号：US09641351B2

公开(公告)日：2017-05-02

申请号：US14575832

申请日：2014-12-18

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Salvatore Valenza ,  Domenico Ficara ,  Roberto Muccifora ,  Leo Caldarola ,  Davide Cuda

IPC: H04W4/00 ,  H04L12/417 ,  H04L12/841 ,  H04L12/26

CPC classification number: H04L12/417 ,  H04L43/0852 ,  H04L47/283

Abstract: In one embodiment, a method includes receiving packets in a flow at a network device in a deterministic network, wherein at least one of the packets is transmitted from a source out of sync due to collision with another flow at the source, analyzing at the network device, the flow to reconstruct a period of the flow, and processing at the network device, the packets according to the period to synchronize the processing of the packets at the network device with the source and remove jitter from the flow. An apparatus and logic are also disclosed herein.

公开(公告)号：US20150172159A1

公开(公告)日：2015-06-18

申请号：US14109590

申请日：2013-12-17

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Domenico Ficara ,  Salvatore Valenza ,  Roberto Muccifora ,  Leo Caldarola

IPC: H04L12/26 ,  G06N5/00 ,  H04L29/06

CPC classification number: H04L63/1408 ,  G06F9/4498

Abstract: In one embodiment, a method includes sampling text in a received packet at a network device and analyzing the sampled text using a sampled deterministic finite automata (DFA) to identify matches between a set of regular expressions and the text. The sampled DFA is created with the regular expressions sampled at a sampling rate calculated for the regular expressions using operations including selecting a minimum sampling rate from sampling rates computed for each of the regular expressions based on a minimum length of the text that can match the regular expression. An apparatus and logic are also disclosed herein.

Abstract translation: 在一个实施例中，一种方法包括在网络设备处接收的分组中对文本进行采样，并使用采样的确定性有限自动机（DFA）分析采样的文本，以识别一组正则表达式和文本之间的匹配。 采用采样的DFA进行创建，其中采用以正则表达式计算的采样率采样的正则表达式，其中包括从基于最大长度的文本中选择最小采样率，该采样率基于每个正则表达式计算的采样率， 表达。 本文还公开了一种装置和逻辑。

公开(公告)号：US20250039040A1

公开(公告)日：2025-01-30

申请号：US18623438

申请日：2024-04-01

Applicant: Cisco Technology, Inc.

Inventor： Domenico Ficara ,  Amine Choukir ,  Salvatore Valenza ,  Vincent Cuissard

IPC: H04L41/0806 ,  H04L41/0853 ,  H04L41/0893

Abstract: A system and a method to dynamically reprovision network devices may include a first network device configured to reprovision a second network device in accordance with a specific location of the second network device in a predefined area. The first network device may be configured to sense the second device at the specific location in the predefined area, identify reprovisioning parameters associated with the specific location, and provide the reprovisioning parameters to the second network device. In turn, the second network device may be configured to perform one or more roles associated with the specific location in the predefined area based at least in part upon information in the reprovisioning parameters.

公开(公告)号：US12192770B2

公开(公告)日：2025-01-07

申请号：US17731689

申请日：2022-04-28

Applicant: Cisco Technology, Inc.

Inventor： Domenico Ficara ,  Roberto Muccifora ,  Amine Choukir ,  Robert Barton ,  Jerome Henry ,  Arun Khanna

IPC: H04W12/122 ,  H04W12/106 ,  H04W12/73

Abstract: A method is provided that is performed in a wireless network to detect a rogue wireless device. The method comprises detecting a suspect wireless device in the wireless network based on messages transmitted by the suspect wireless device using a first Media Access Control (MAC) address that is also used by a valid wireless device in the wireless network. When a suspect wireless device is detected, the method next includes sending to the valid wireless device in the wireless network a request configured to cause the valid wireless device to change its MAC address. After the valid wireless device has changed its MAC address, the method involves observing messages transmitted by the suspect wireless device in the wireless network. The method then includes determining that the suspect wireless device is a rogue device when the suspect wireless device continues to transmit messages using the first MAC address.

公开(公告)号：US12185389B2

公开(公告)日：2024-12-31

申请号：US18424130

申请日：2024-01-26

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Domenico Ficara ,  Alessandro Erta ,  Amine Choukir ,  Patrick Wetterwald

IPC: H04W74/0833 ,  H04W48/20 ,  H04W72/02

Abstract: In one embodiment, an access point of an overhead mesh of access points in an area selects a range of client identifiers. The access point sends, via a beam cone transmitted in a substantially downward direction towards a floor of the area, a trigger signal that includes the range of client identifiers and prompts client devices having identifiers in that range to send best effort transmissions towards the overhead mesh. The access point detects a collision between the best effort transmissions of the client devices. The access point adjusts the range of client identifiers so as to avoid future collisions between the best effort transmissions of the client devices.