公开(公告)号：US11924073B2

公开(公告)日：2024-03-05

申请号：US17403026

申请日：2021-08-16

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta ,  Navindra Yadav ,  Michael Standish Watts ,  Ali Parandehgheibi ,  Shashidhar Gandham ,  Ashutosh Kulshreshtha ,  Khawar Deen

IPC: G06F21/00 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/455 ,  G06F16/11 ,  G06F16/13 ,  G06F16/16 ,  G06F16/17 ,  G06F16/174 ,  G06F16/23 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/28 ,  G06F16/29 ,  G06F16/9535 ,  G06F21/53 ,  G06F21/55 ,  G06F21/56 ,  G06N20/00 ,  G06N99/00 ,  G06T11/20 ,  H04J3/06 ,  H04J3/14 ,  H04L1/24 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/026 ,  H04L43/04 ,  H04L43/045 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0852 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/00 ,  H04L45/302 ,  H04L45/50 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/10 ,  H04L67/1001 ,  H04L67/12 ,  H04L67/51 ,  H04L67/75 ,  H04L69/16 ,  H04L69/22 ,  H04W72/54 ,  H04W84/18 ,  H04L67/50

CPC classification number: H04L43/045 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/45558 ,  G06F16/122 ,  G06F16/137 ,  G06F16/162 ,  G06F16/17 ,  G06F16/173 ,  G06F16/174 ,  G06F16/1744 ,  G06F16/1748 ,  G06F16/2322 ,  G06F16/235 ,  G06F16/2365 ,  G06F16/24578 ,  G06F16/248 ,  G06F16/285 ,  G06F16/288 ,  G06F16/29 ,  G06F16/9535 ,  G06F21/53 ,  G06F21/552 ,  G06F21/556 ,  G06F21/566 ,  G06N20/00 ,  G06N99/00 ,  G06T11/206 ,  H04J3/0661 ,  H04J3/14 ,  H04L1/242 ,  H04L9/0866 ,  H04L9/3239 ,  H04L9/3242 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/026 ,  H04L43/04 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0841 ,  H04L43/0858 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/306 ,  H04L45/38 ,  H04L45/46 ,  H04L45/507 ,  H04L45/66 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/5007 ,  H04L63/0227 ,  H04L63/0263 ,  H04L63/06 ,  H04L63/0876 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/145 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/16 ,  H04L63/20 ,  H04L67/01 ,  H04L67/10 ,  H04L67/1001 ,  H04L67/12 ,  H04L67/51 ,  H04L67/75 ,  H04L69/16 ,  H04L69/22 ,  H04W72/54 ,  H04W84/18 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2009/45591 ,  G06F2009/45595 ,  G06F2221/033 ,  G06F2221/2101 ,  G06F2221/2105 ,  G06F2221/2111 ,  G06F2221/2115 ,  G06F2221/2145 ,  H04L67/535

Abstract: A method provides for receiving network traffic from a host having a host IP address and operating in a data center, and analyzing a malware tracker for IP addresses of hosts having been infected by a malware to yield an analysis. When the analysis indicates that the host IP address has been used to communicate with an external host infected by the malware to yield an indication, the method includes assigning a reputation score, based on the indication, to the host. The method can further include applying a conditional policy associated with using the host based on the reputation score. The reputation score can include a reduced reputation score from a previous reputation score for the host.

公开(公告)号：US20240015084A1

公开(公告)日：2024-01-11

申请号：US18471125

申请日：2023-09-20

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta ,  Navindra Yadav ,  Michael Standish Watts ,  Ali Parandehgheibi ,  Shashidhar Gandham ,  Ashutosh Kulshreshtha ,  Khawar Deen

IPC: H04L43/045 ,  H04L9/40 ,  G06F9/455 ,  G06N20/00 ,  G06F21/55 ,  G06F21/56 ,  G06F16/28 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/29 ,  G06F16/16 ,  G06F16/17 ,  G06F16/11 ,  G06F16/13 ,  G06F16/174 ,  G06F16/23 ,  G06F16/9535 ,  G06N99/00 ,  H04L9/32 ,  H04L41/0668 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0852 ,  H04L43/106 ,  H04L45/00 ,  H04L45/50 ,  H04L67/12 ,  H04L43/026 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/51 ,  H04L67/75 ,  H04L67/1001 ,  H04W72/54 ,  H04L43/062 ,  H04L43/10 ,  H04L47/2441 ,  H04L41/0893 ,  H04L43/08 ,  H04L43/04 ,  H04W84/18 ,  H04L67/10 ,  H04L41/046 ,  H04L43/0876 ,  H04L41/12 ,  H04L41/16 ,  H04L41/0816 ,  G06F21/53 ,  H04L41/22 ,  G06F3/04842 ,  G06F3/04847 ,  H04L41/0803 ,  H04L43/0829 ,  H04L43/16 ,  H04L1/24 ,  H04L9/08 ,  H04J3/06 ,  H04J3/14 ,  H04L47/20 ,  H04L47/32 ,  H04L43/0864 ,  H04L47/11 ,  H04L69/22 ,  H04L45/74 ,  H04L47/2483 ,  H04L43/0882 ,  H04L41/0806 ,  H04L43/0888 ,  H04L43/12 ,  H04L47/31 ,  G06F3/0482 ,  G06T11/20 ,  H04L43/02 ,  H04L47/28 ,  H04L69/16 ,  H04L45/302

CPC classification number: H04L43/045 ,  H04L63/1425 ,  H04L63/1441 ,  H04L63/20 ,  G06F9/45558 ,  G06N20/00 ,  G06F21/552 ,  G06F21/566 ,  G06F16/285 ,  G06F16/288 ,  G06F16/24578 ,  G06F16/248 ,  G06F16/29 ,  G06F16/162 ,  G06F16/17 ,  G06F16/122 ,  G06F16/137 ,  G06F16/173 ,  G06F16/1744 ,  G06F16/2322 ,  G06F16/235 ,  G06F16/9535 ,  G06F16/1748 ,  G06F16/174 ,  G06N99/00 ,  H04L9/3239 ,  H04L41/0668 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0858 ,  H04L43/106 ,  H04L45/46 ,  H04L45/507 ,  H04L63/1458 ,  H04L67/12 ,  H04L43/026 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/51 ,  H04L67/75 ,  H04L67/1001 ,  G06F21/556 ,  H04W72/54 ,  H04L63/1416 ,  H04L63/145 ,  H04L43/062 ,  H04L43/10 ,  H04L47/2441 ,  H04L41/0893 ,  H04L43/08 ,  H04L43/04 ,  H04W84/18 ,  H04L67/10 ,  H04L41/046 ,  H04L43/0876 ,  H04L41/12 ,  H04L41/16 ,  H04L41/0816 ,  G06F21/53 ,  H04L63/16 ,  H04L41/22 ,  G06F3/04842 ,  G06F3/04847 ,  H04L41/0803 ,  H04L43/0829 ,  H04L43/16 ,  H04L1/242 ,  H04L9/0866 ,  H04L9/3242 ,  H04L63/06 ,  H04L63/0876 ,  H04J3/0661 ,  H04J3/14 ,  H04L47/20 ,  H04L47/32 ,  H04L43/0841 ,  H04L43/0864 ,  H04L47/11 ,  H04L63/1408 ,  H04L69/22 ,  H04L45/74 ,  H04L47/2483 ,  H04L43/0882 ,  H04L63/0227 ,  H04L63/0263 ,  H04L41/0806 ,  H04L43/0888 ,  H04L43/12 ,  H04L63/1433 ,  H04L47/31 ,  H04L45/38 ,  H04L45/66 ,  G06F3/0482 ,  G06T11/206 ,  H04L43/02 ,  H04L47/28 ,  H04L69/16 ,  H04L63/1466 ,  H04L45/306 ,  G06F16/2365 ,  G06F2009/45587 ,  G06F2009/45595 ,  G06F2221/033 ,  G06F2221/2101 ,  G06F2221/2105 ,  G06F2221/2111 ,  G06F2221/2115 ,  G06F2221/2145 ,  H04L67/535

Abstract: An example method according to some embodiments includes receiving flow data for a packet traversing a network. The method continues by determining a source endpoint group and a destination endpoint group for the packet. The method continues by determining that a policy was utilized, the policy being applicable to the endpoint group. Finally, the method includes updating utilization data for the policy based on the flow data.

公开(公告)号：US20230118563A1

公开(公告)日：2023-04-20

申请号：US18054069

申请日：2022-11-09

Applicant: Cisco Technology, Inc.

Inventor： Navindra Yadav ,  Abhishek Ranjan Singh ,  Shashidhar Gandham ,  Ellen Christine Scheib ,  Omid Madani ,  Ali Parandehgheibi ,  Jackson Ngoc Ki Pang ,  Vimalkumar Jeyakumar ,  Michael Standish Watts ,  Hoang Viet Nguyen ,  Khawar Deen ,  Rohit Chandra Prasad ,  Sunil Kumar Gupta ,  Supreeth Hosur Nagesh Rao ,  Anubhav Gupta ,  Ashutosh Kulshreshtha ,  Roberto Fernando Spadaro ,  Hai Trong Vu ,  Varun Sagar Malhotra ,  Shih-Chun Chang ,  Bharathwaj Sankara Viswanathan ,  Fnu Rachita Agasthy ,  Duane Thomas Barlow

IPC: H04L9/40 ,  H04L43/04 ,  H04L43/0894

Abstract: An example method includes detecting, using sensors, packets throughout a datacenter. The sensors can then send packet logs to various collectors which can then identify and summarize data flows in the datacenter. The collectors can then send flow logs to an analytics module which can identify the status of the datacenter and detect an attack.

公开(公告)号：US11470159B2

公开(公告)日：2022-10-11

申请号：US17157388

申请日：2021-01-25

Applicant: Cisco Technology, Inc.

Inventor： Jackson Ngoc Ki Pang ,  Ashutosh Kulshreshtha ,  Preethi Narayan ,  Vishal Jaswant Thakkar ,  Aria Rahadian ,  Zhiwen Zhang

IPC: H04L67/133 ,  H04L9/40 ,  H04L67/51

Abstract: The present disclosure provides systems, methods, and computer-readable media for determining an objective measure of breach exposure of Application Programming Interface (API) infrastructure for microservices. In one aspect, a method includes analyzing header information of Application Programming Interface (API) call stacks between microservices; determining, for each API call stack, corresponding security key information based on the header information; determining location information of each of the microservices; and determining a vulnerability score for each of the microservices based on the corresponding security key information and corresponding location information of each of the microservices.

公开(公告)号：US11463483B2

公开(公告)日：2022-10-04

申请号：US16921184

申请日：2020-07-06

Applicant: Cisco Technology, Inc.

Inventor： Alok Lalit Wadhwa ,  James Gabriel Fontenot ,  Ashutosh Kulshreshtha ,  Navindra Yadav ,  Shashidhar Gandham ,  Weifei Zeng

IPC: H04L9/40 ,  H04L29/06

Abstract: Disclosed herein are methods, systems, and non-transitory computer-readable storage media for scoring network segmentation policies in order to determine their effectiveness before, during and after enforcement. In one aspect, a method includes identifying one or more applications within an enterprise network; identifying at least one network security policy in association with the one or more applications within the enterprise network; determining a score of the network security policy based on information corresponding to exposure of each of the one or more applications within the enterprise network; and executing the network security policy based on the score.

公开(公告)号：US20220070279A1

公开(公告)日：2022-03-03

申请号：US17157388

申请日：2021-01-25

Applicant: Cisco Technology, Inc.

Inventor： Jackson Ngoc Ki Pang ,  Ashutosh Kulshreshtha ,  Preethi Narayan ,  Vishal Jaswant Thakkar ,  Aria Rahadian ,  Zhiwen Zhang

IPC: H04L29/06 ,  H04L29/08

Abstract: The present disclosure provides systems, methods, and computer-readable media for determining an objective measure of breach exposure of Application Programming Interface (API) infrastructure for microservices. In one aspect, a method includes analyzing header information of Application Programming Interface (API) call stacks between microservices; determining, for each API call stack, corresponding security key information based on the header information; determining location information of each of the microservices; and determining a vulnerability score for each of the microservices based on the corresponding security key information and corresponding location information of each of the microservices.

公开(公告)号：US20220004643A1

公开(公告)日：2022-01-06

申请号：US16919199

申请日：2020-07-02

Applicant: Cisco Technology, Inc.

Inventor： Andy Sloane ,  Ashutosh Kulshreshtha ,  Hiral Shashikant Patel ,  Vimal Jeyakumar ,  Navindra Yadav ,  Florin Stelian Balus

IPC: G06F21/57 ,  G06F16/35 ,  G06F16/953 ,  G06F16/2457 ,  G06N20/00 ,  G06N5/04

Abstract: Systems, methods, and computer-readable for identifying known vulnerabilities in a software product include determining a set of one or more processed words based on applying text classification to one or more names associated with a product, where the text classification is based on analyzing a database of names associated with a database of products Similarity scores are determined between the set of one or more processed words and names associated with one or more known vulnerabilities maintained in a database of known vulnerabilities in products. Equivalence mapping is performed between the one or more names associated with the product and the one or more known vulnerabilities, based on the similarity scores. Known vulnerabilities in the product are identified based on the equivalence mapping.

公开(公告)号：US11102093B2

公开(公告)日：2021-08-24

申请号：US16280894

申请日：2019-02-20

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta ,  Navindra Yadav ,  Michael Standish Watts ,  Ali Parandehgheibi ,  Shashidhar Gandham ,  Ashutosh Kulshreshtha ,  Khawar Deen

IPC: G06F21/00 ,  H04L12/26 ,  H04L29/06 ,  G06F9/455 ,  G06N20/00 ,  G06F21/55 ,  G06F21/56 ,  G06F16/28 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/29 ,  G06F16/16 ,  G06F16/17 ,  G06F16/11 ,  G06F16/13 ,  G06F16/174 ,  G06F16/23 ,  G06F16/9535 ,  G06N99/00 ,  H04L9/32 ,  H04L12/24 ,  H04L12/715 ,  H04L12/723 ,  H04L29/08 ,  H04L12/851 ,  H04W84/18 ,  G06F21/53 ,  G06F3/0484 ,  H04L1/24 ,  H04W72/08 ,  H04L9/08 ,  H04J3/06 ,  H04J3/14 ,  H04L29/12 ,  H04L12/813 ,  H04L12/823 ,  H04L12/801 ,  H04L12/741 ,  H04L12/833 ,  H04L12/721 ,  G06F3/0482 ,  G06T11/20 ,  H04L12/841 ,  H04L12/725

Abstract: A method provides for receiving network traffic from a host having a host IP address and operating in a data center, and analyzing a malware tracker for IP addresses of hosts having been infected by a malware to yield an analysis. When the analysis indicates that the host IP address has been used to communicate with an external host infected by the malware to yield an indication, the method includes assigning a reputation score, based on the indication, to the host. The method can further include applying a conditional policy associated with using the host based on the reputation score. The reputation score can include a reduced reputation score from a previous reputation score for the host.

公开(公告)号：US11088929B2

公开(公告)日：2021-08-10

申请号：US16884449

申请日：2020-05-27

Applicant: Cisco Technology, Inc.

Inventor： Ashutosh Kulshreshtha ,  Navindra Yadav ,  Khawar Deen ,  Jackson Pang ,  Supreeth Rao

IPC: H04L12/26 ,  H04L12/24

Abstract: An application and network analytics platform can capture comprehensive telemetry from servers and network devices operating within a network. The platform can discover flows running through the network, applications generating the flows, servers hosting the applications, computing resources provisioned and consumed by the applications, and network topology, among other insights. The platform can generate various models relating one set of application and network performance metrics to another. For example, the platform can model application latency as a function of computing resources provisioned to and/or actually used by the application, its host's total resources, and/or the distance of its host relative to other elements of the network. The platform can change the model by moving, removing, or adding elements to predict how the change affects application and network performance. In some situations, the platform can automatically act on predictions to improve application and network performance.

公开(公告)号：US20210144073A1

公开(公告)日：2021-05-13

申请号：US17153785

申请日：2021-01-20

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta ,  Navindra Yadav ,  Michael Standish Watts ,  Ali Parandehgheibi ,  Shashidhar Gandham ,  Ashutosh Kulshreshtha ,  Khawar Deen

IPC: H04L12/26 ,  H04L29/06 ,  G06F9/455 ,  G06N20/00 ,  G06F21/55 ,  G06F21/56 ,  G06F16/28 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/29 ,  G06F16/16 ,  G06F16/17 ,  G06F16/11 ,  G06F16/13 ,  G06F16/174 ,  G06F16/23 ,  G06F16/9535 ,  G06N99/00 ,  H04L9/32 ,  H04L12/24 ,  H04L12/715 ,  H04L12/723 ,  H04L29/08 ,  H04L12/851 ,  H04W84/18 ,  G06F21/53 ,  G06F3/0484 ,  H04L1/24 ,  H04W72/08 ,  H04L9/08 ,  H04J3/06 ,  H04J3/14 ,  H04L29/12 ,  H04L12/813 ,  H04L12/823 ,  H04L12/801 ,  H04L12/741 ,  H04L12/833 ,  H04L12/721 ,  G06F3/0482 ,  G06T11/20 ,  H04L12/841 ,  H04L12/725

Abstract: An example method according to some embodiments includes receiving flow data for a packet traversing a network. The method continues by determining a source endpoint group and a destination endpoint group for the packet. The method continues by determining that a policy was utilized, the policy being applicable to the endpoint group. Finally, the method includes updating utilization data for the policy based on the flow data.