-
Publication (Announcement) No.: US10785652B1
Publication (Announcement) Date: 2020-09-22
Application No.: US16567175
Application Date: 2019-09-11
Applicant: Cisco Technology, Inc.
Inventor: Rammohan Ravindranath, Rajesh Indira Viswambharan, Prashanth Patil
IPC: H04L29/06, H04W12/08, H04L12/911, H04W12/06, H04W28/02
Abstract: In one illustrative example, a network node may receive, from a user equipment (UE), a message indicating a token authorization request for access to a custom, enterprise private network slice of a 5G network. The message may include a token provided to the UE by an enterprise server of an enterprise private network of the enterprise. The network node may perform a token validation procedure and, based on a successful token validation, send a message for causing a provisioning of one or more rules in a forwarding entity of the 5G network, for causing enterprise user plane (UP) traffic of the UE to be forwarded to an anchor UPF of the private network slice. The enterprise UP traffic communication may be used for the remote control and/or monitoring of elements in a private 5G network of the enterprise.
-
Publication (Announcement) No.: US20200287919A1
Publication (Announcement) Date: 2020-09-10
Application No.: US16293937
Application Date: 2019-03-06
Applicant: Cisco Technology, Inc.
Inventor: Ram Mohan Ravindranath, Prashanth Patil, Rajesh Indira Viswambharan
IPC: H04L29/06, G06N20/00, G06F16/28, H04L12/741
Abstract: Systems, methods, computer-readable media, and devices are disclosed for verifying traffic classification. At a first node, a classification to a received packet is designated according to a local model. The classification of the packet by the first node is verified by sending packet information describing the packet to a distributed network comprising multiple nodes, where the packet information includes attributes of the packet. The classification of the packet is verified from receiving results from a second node that, based on the attributes, independently classifies the packet. Based on the verified classification, decentralized information for classifying packets is updated.
-
Publication (Announcement) No.: US10749897B2
Publication (Announcement) Date: 2020-08-18
Application No.: US16110102
Application Date: 2018-08-23
Applicant: Cisco Technology, Inc.
Inventor: Tirumaleswar Reddy, Daniel Wing, Prashanth Patil
Abstract: In one embodiment, a distributed denial of service attack on a network is identified. In response to the distributed denial of service attack, a script to request a short term certificate is executed. The short term certificate is generated by a certificate server and received either directly or indirectly from the certificate server. An instruction to redirect traffic using the short term certificate and private key is sent to a distributed denial of service attack protection service that is operable to filter or otherwise mitigate malicious traffic involved in the distributed denial of service attack.
-
Publication (Announcement) No.: US10659484B2
Publication (Announcement) Date: 2020-05-19
Application No.: US15898915
Application Date: 2018-02-19
Applicant: Cisco Technology, Inc.
Inventor: Saman Taghavi Zargar, Subharthi Paul, Prashanth Patil, Jayaraman Iyer, Hari Shankar
Abstract: In one embodiment, a centralized controller maintains a plurality of hierarchical behavioral modules of a behavioral model, and distributes initial behavioral modules to data plane entities to cause them to apply the initial behavioral modules to data plane traffic. The centralized controller may then receive data from a particular data plane entity based on its having applied the initial behavioral modules to its data plane traffic. The centralized controller then distributes subsequent behavioral modules to the particular data plane entity to cause it to apply the subsequent behavioral modules to the data plane traffic, the subsequent behavioral modules selected based on the previously received data from the particular data plane entity. The centralized controller may then iteratively receive data from the particular data plane entity and distribute subsequently selected behavioral modules until an attack determination is made on the data plane traffic of the particular data plane entity.
-
Publication (Announcement) No.: US20200057860A1
Publication (Announcement) Date: 2020-02-20
Application No.: US16105910
Application Date: 2018-08-20
Applicant: Cisco Technology, Inc.
IPC: G06F21/62
Abstract: Disclosed herein is a distributed ledger method for a fifth-generation (5G) network. A network slice is created in the 5G network and a root block is generated in response, containing parameters of the network slice and contracts between participants in the network slice. A blockID of the root block is transmitted to identified participants in the network slice, who sequentially commit a plurality of new blocks to a blockchain beginning from the root block. The plurality of new blocks comprises auditing information of the network slice, wherein the information is collected by the participants in the network slice. The blockchain is stored in a blockchain network of a plurality of disparate blockchains. Desired auditing information for the network slice is retrieved by using the blockID of the root block to traverse the blockchain beginning at the root block until all blocks with the desired auditing information have been read.
-
Publication (Announcement) No.: US10540507B2
Publication (Announcement) Date: 2020-01-21
Application No.: US15597332
Application Date: 2017-05-17
Applicant: Cisco Technology, Inc.
Inventor: Steven Richard Stites, Morteza Ansari, Syam Sundar V Appala, Prashanth Patil
Abstract: A device obtains access to an application resource from a remote application server based on an authenticated device identifier. The device sends a request to access the application resource provided by the remote application server. The device receives a first message from the remote application server directing the device to send an authentication message to a device identity server. The authentication message requests an authenticated device identity for the device. The device attaches metadata associated with the device to the authentication message and sends the authentication message with the attached metadata to the device identity server. The device receives the authenticated device identity from the device identity server and sends the authenticated device identity to the remote application. The device obtains access to the application resource from the remote application server based on the authenticated device identity.
-
Publication (Announcement) No.: US10237257B2
Publication (Announcement) Date: 2019-03-19
Application No.: US15014724
Application Date: 2016-02-03
Applicant: Cisco Technology, Inc.
Inventor: Steven Stites, Prashanth Patil
Abstract: In one embodiment, a system, method, and computer program product are disclosed for authenticating a packet received from a client node, storing the results of the authentication in a cache memory of a service classifier node, and including the results of the authentication in a network service header of a packet before forwarding the packet to downstream service nodes. In one embodiment, the initial authentication is performed in conjunction with an authentication node.
-
Publication (Announcement) No.: US10231120B2
Publication (Announcement) Date: 2019-03-12
Application No.: US13652825
Application Date: 2012-10-16
Applicant: Cisco Technology, Inc.
Inventor: Ramesh Nethi, Tirumaleswar Reddy, Srinivas Chivukula, Prashanth Patil
Abstract: In one implementation, traffic in a mobile network is offloaded to a security as a service server or a cloud server. A mobile access gateway (MAG) in the mobile network identifies one or more mobile nodes that are configured for communication on the mobile network. The MAG receives a message that includes an address of a mobile node and sends a request based on the message to the security as a service server. The MAG forwards traffic flows to the security as a service server according to the message, which is configured to detect an indication of malicious software in the traffic flows and/or filter content of the traffic flows according to a user profile.
-
Publication (Announcement) No.: US20190014146A1
Publication (Announcement) Date: 2019-01-10
Application No.: US16110102
Application Date: 2018-08-23
Applicant: Cisco Technology, Inc.
Inventor: Tirumaleswar Reddy, Daniel Wing, Prashanth Patil
Abstract: In one embodiment, a distributed denial of service attack on a network is identified. In response to the distributed denial of service attack, a script to request a short term certificate is executed. The short term certificate is generated by a certificate server and received either directly or indirectly from the certificate server. An instruction to redirect traffic using the short term certificate and private key is sent to a distributed denial of service attack protection service that is operable to filter or otherwise mitigate malicious traffic involved in the distributed denial of service attack.
-
Publication (Announcement) No.: US20190014124A1
Publication (Announcement) Date: 2019-01-10
Application No.: US15644982
Application Date: 2017-07-10
Applicant: Cisco Technology, Inc.
Inventor: K. Tirumaleswar Reddy, Prashanth Patil, Carlos M. Pignataro, Puneeth Rao Lokapalli, Judith Ying Priest
CPC classification number: H04L63/108, H04L9/3236, H04L41/5019, H04L41/5051, H04L41/5096, H04L63/1458, H04L63/164, H04L63/20, H04L67/125, H04L2209/20, H04L2209/38, H04L2209/56
Abstract: Managing policies for a chain of administrative domains, from end-to-end, includes receiving, at a network device associated with an administrative domain that is part of a chain of administrative domains provisioning an Internet-based application or an Internet-based service to a network, a root block for a blockchain. The root block is generated by a network device in the network and includes a request for a specific network parameter over a specific time period. The network device associated with the administrative domain appends a first block to the blockchain including the root block to accept the request and configures the administrative domain in accordance with the specific network parameter when an end-to-end path in the chain of administrative domains accepts the request. The network device associated with the administrative domain also generates blockchain transactions that append network status updates to the blockchain during the specific time period.