-
Publication No.: US20250039136A1
Publication date: 2025-01-30
Application No.: US18782949
Application date: 2024-07-24
Applicant: Cisco Technology, Inc.
Inventor: John Michael Lake
Abstract: A system and method are provided for continuous integration, continuous deployment of a network component, such as a software-defined wide area network, a firewall, a router, or a load balancer. The network component is tested before deployment by acquiring data flows from a production environment and obtaining an acquired flow table that includes respective entries corresponding to types of data flows that are defined by header information (e.g., 5-tuples or pairs of source and destination addresses, depending at which layer in the OSI model the network component operates). First and second flow tables are generated for the first and second versions of the network component by applying simulated traffic (e.g., derived from the acquired data flows) to the respective versions of the network component. A comparison between the first and second flow tables is evaluated to determine whether the second version of the network component can be deployed.
-
Publication No.: US20250036549A1
Publication date: 2025-01-30
Application No.: US18620350
Application date: 2024-03-28
Applicant: Cisco Technology, Inc.
Inventor: John Michael Lake
IPC: G06F11/36
Abstract: A system and method are provided for detecting surprising/anomalous behavior in an upgrade to a program. A first prediction model is obtained to predict the behavior of a current version of the program. A second prediction model is trained using event sets representing a partially or totally ordered set of events realized from executing the upgrade version of the program. First (second) predictions are generated by applying a given event set to the first (second) prediction model. The first predictions are then compared with the second predictions to determine whether the respective predictions agree. When they do not agree, the deviation in the program behavior is signaled (e.g., to an engineer). The first and second predictions can be conditional probabilities of the given event set, and they can be compared using a comparison metric that includes a difference between negative logarithms of the respective predictions.
-
Publication No.: US12212493B2
Publication date: 2025-01-28
Application No.: US17863879
Application date: 2022-07-13
Applicant: Cisco Technology, Inc.
Inventor: Randall Benjamin Pittman, Alpesh S. Patel, John Michael Lake
IPC: H04L47/11, H04L47/2416, H04L47/35
Abstract: Techniques and architecture are described for inducing precise delays in a network device (network node) that has the capability to act on packets/traffic flows based on policy configurations of the network device and delays experienced by traffic in the network device. This capability may be used for testing and verification of the network device to verify that the network device meets the configured policies. Additionally, this capability may be utilized in an operational network to selectively induce delays and measure its impact for purposes such as, for example, planning, stress testing, resiliency, etc.
-
Publication No.: US20250039239A1
Publication date: 2025-01-30
Application No.: US18752049
Application date: 2024-06-24
Applicant: Cisco Technology, Inc.
Inventor: Vincent Parla, Eric Maximilian Roquemore, John Michael Lake, Andrew Zawadowakiy
IPC: H04L9/40
Abstract: A system and method are provided for placing security operations at selected enforcement points in a distributed security fabric. The enforcement points at which the security operations are placed can be endpoints, nodes, and/or network devices within the network. The security operations can be updated by monitoring data flows through the network to generate network data, and then determining, based on the network data, one or more changes to the security operations, based on the generated network data. Recommended changes can be obtained by applying the network data to a machine-learning model that indicates suspicious data packets (e.g., disseminates packets suspected of being malicious from normal traffic) and crafts new policies to deny the suspicious data packets. Performance of the network can also be improved by analyzing the security operations for redundancies and/or inefficiencies and modifying the security operations to mitigate them.
-
Publication No.: US20250023793A1
Publication date: 2025-01-16
Application No.: US18493369
Application date: 2023-10-24
Applicant: Cisco Technology, Inc.
Inventor: Eric A Voit, John Michael Lake, Carlos M. Pignataro
IPC: H04L41/147, H04L41/16
Abstract: Techniques for ultra-short-term resource forecasting for a network device are described. A selection of a time series algorithm from a set of time series algorithms for determining capacity right-sizing of a local resource is received, the selection is based at least in part on current local traffic conditions. Based on current local traffic conditions, parameter values to be used in the algorithm are determined, the parameters are associated with the time series algorithm selection. A number of data points for input to the time series algorithm are determined, the data points are a sequence of values representing an amount of the local resource used by the network device at a point in time and are collected at predetermined time intervals. Based on a calculation of the time series algorithm using the number of data points and parameter values, the right-size capacity of the local resource for the network device is determined and provided.
-
Publication No.: US20230362094A1
Publication date: 2023-11-09
Application No.: US17863879
Application date: 2022-07-13
Applicant: Cisco Technology, Inc.
Inventor: Randall Benjamin Pittman, Alpesh S. Patel, John Michael Lake
IPC: H04L47/11, H04L47/35, H04L47/2416
CPC classification number: H04L47/11, H04L47/35, H04L47/2416
Abstract: Techniques and architecture are described for inducing precise delays in a network device (network node) that has the capability to act on packets/traffic flows based on policy configurations of the network device and delays experienced by traffic in the network device. This capability may be used for testing and verification of the network device to verify that the network device meets the configured policies. Additionally, this capability may be utilized in an operational network to selectively induce delays and measure its impact for purposes such as, for example, planning, stress testing, resiliency, etc.