-
公开(公告)号:US20160277262A1
公开(公告)日:2016-09-22
申请号:US14664752
申请日:2015-03-20
Applicant: CISCO TECHNOLOGY, INC.
Inventor: Vivek Santuka , Aaron Troy Woland , Jesse Ryan Dubois , Ramesh Nampelly
IPC: H04L12/26
Abstract: In one embodiment, a method includes receiving at a policy server, a request to trace a session at the policy server, tracing the session at the policy server, wherein tracing comprises running the session and identifying access results from the trace, and transmitting the access results from the policy server to a network device requesting the trace. An apparatus and logic are also disclosed herein.
Abstract translation: 在一个实施例中,一种方法包括在策略服务器处接收跟踪策略服务器上的会话的请求,跟踪策略服务器处的会话,其中跟踪包括运行会话并从跟踪中识别访问结果,以及发送访问 从策略服务器到请求跟踪的网络设备的结果。 本文还公开了一种装置和逻辑。
-
公开(公告)号:US11711342B2
公开(公告)日:2023-07-25
申请号:US16746170
申请日:2020-01-17
Applicant: Cisco Technology, Inc.
Inventor: Andrew E. Ossipov , Aaron Troy Woland
IPC: H04L1/00 , H04L9/40 , H04L61/58 , H04L61/4511
CPC classification number: H04L63/0236 , H04L61/4511 , H04L61/58 , H04L63/20
Abstract: A network security device has at least one Fully Qualified Domain Name (FQDN) access policy that permits traffic to flow to at least one resource associated with at least one FQDN. The network security device receives, from a managed endpoint device, a packet directed to the at least one resource associated with the at least one FQDN. The network security device obtains DNS information associated with the managed endpoint device and, based on the domain name system (DNS) information, substitutes a network address of the at least one resource into the at least one FQDN access policy to open a traffic flow to the at least one resource associated with the at least one FQDN. The network security device then provides the packet to the at least one resource associated with the at least one FQDN.
-
公开(公告)号:US20210226918A1
公开(公告)日:2021-07-22
申请号:US16746170
申请日:2020-01-17
Applicant: Cisco Technology, Inc.
Inventor: Andrew E. Ossipov , Aaron Troy Woland
Abstract: A network security device has at least one Fully Qualified Domain Name (FQDN) access policy that permits traffic to flow to at least one resource associated with at least one FQDN. The network security device receives, from a managed endpoint device, a packet directed to the at least one resource associated with the at least one FQDN. The network security device obtains DNS information associated with the managed endpoint device and, based on the domain name system (DNS) information, substitutes a network address of the at least one resource into the at least one FQDN access policy to open a traffic flow to the at least one resource associated with the at least one FQDN. The network security device then provides the packet to the at least one resource associated with the at least one FQDN.
-
4.发明授权公开(公告)号:US10212039B1
公开(公告)日:2019-02-19
申请号:US15434859
申请日:2017-02-16
Applicant: Cisco Technology, Inc.
Inventor: Vivek Santuka , Aaron Troy Woland , Pok Sze Wong , Jesse Ryan Dubois , Kannan Muthusamy
Abstract: A management server communicates with an authentication server that authenticates endpoints, which are configured to connect wirelessly with access points (APs) controlled by respective ones of a plurality of controllers. Weights for the APs and the controllers are stored. Event logs detailing requests for authentication of the endpoints are received. For each request, roaming conditions for the endpoint that triggered the request are determined. Also, a respective weight of one or more of the AP connected with the endpoint and of the controller that controls the AP is increased by a respective amount depending on whether the roaming conditions are caused by the AP and the controller being improperly configured or properly configured. Identities of ones of the APs and the controllers having weights that exceed one or more weight thresholds each indicative of an improperly configured AP or controller are stored.
-
-
-
Search Results
4
records
(took 0.02 seconds)
