公开(公告)号：US20200106673A1

公开(公告)日：2020-04-02

申请号：US16145584

申请日：2018-09-28

Applicant: Cisco Technology, Inc.

Inventor： John W. Garrett, JR. ,  Brett Dunstan ,  Jeffrey Owen Apcar

IPC: H04L12/24

Abstract: Techniques for system self-assessment using a state identity vector are described. In one embodiment, a method includes obtaining a policy that includes a combination of a plurality of features and a set of desired values for the features. The method also includes comparing the policy to a device fingerprint for a network device and determining compliance with the policy based on the comparison between the device fingerprint and the combination of features. The device fingerprint comprises a multi-bit word having a plurality of positions, with each position representing a feature associated with the network device. Upon determining that the network device is not in compliance with one or more features included in the combination of features of the policy, the method includes implementing a responsive action by the network device according to a schema that defines instructions for each feature represented by the plurality of positions in the device fingerprint.

公开(公告)号：US20240146659A1

公开(公告)日：2024-05-02

申请号：US17977740

申请日：2022-10-31

Applicant: Cisco Technology, Inc.

Inventor： Xinping Xu ,  David C. White, JR. ,  John W. Garrett, JR. ,  Mark Ammar Rayes ,  Joel Abraham Obstfeld

IPC: H04L47/10 ,  H04L41/06 ,  H04L41/16 ,  H04L43/0876

CPC classification number: H04L47/16 ,  H04L41/06 ,  H04L41/16 ,  H04L43/0876

Abstract: Methods are provided for a collaborative, decentralized insight engineering based on exchanging telemetry vectors with peer network devices. Each network device independently detects a deviation in its functioning using machine learning of generated feature vectors. Specifically, the methods involve obtaining, from at least one peer network device, at least a first feature vector that represents at least one insight generated from telemetry data of a respective peer network device. The intermediate network device and the at least one peer network device are configured to forward packets of a traffic flow. The methods further involve determining whether a deviation related to one or more of the network devices, exists based at least on the first feature vector and performing the at least one predefined action based on determining that the deviation exists.

公开(公告)号：US20200348994A1

公开(公告)日：2020-11-05

申请号：US16934214

申请日：2020-07-21

Applicant: Cisco Technology, Inc.

Inventor： Nidhi Kao ,  Ulf Vinneras ,  John W. Garrett, JR.

IPC: G06F11/00 ,  G06Q10/06 ,  G06F11/07 ,  G06K9/62 ,  G06F17/18 ,  G06N3/04 ,  H04L12/24 ,  G06N20/00

Abstract: A management entity receives device fingerprints representing corresponding devices connected to one or more networks. Each device fingerprint includes a multi-bit word indicating hardware, software, network configuration, and failure features for a corresponding one of the devices. The management entity processes the device fingerprints using different methods including statistical risk of failure scoring methods and machine learning risk of failure scoring methods, to produce from each of the methods a respective risk of failure for each device. The management entity combines the respective risk of failures for each device into a composite risk of failure for each device, ranks the devices based on the composite risk of failures for the devices, to produce a risk ranking of the devices, and outputs the risk ranking.

公开(公告)号：US20200042370A1

公开(公告)日：2020-02-06

申请号：US16050370

申请日：2018-07-31

Applicant: Cisco Technology, Inc.

Inventor： Nidhi Kao ,  Ulf Vinneras ,  John W. Garrett, JR.

IPC: G06F11/00 ,  G06Q10/06 ,  G06F11/07 ,  H04L12/24 ,  G06K9/62 ,  G06F17/18 ,  G06N3/04 ,  G06F15/18

Abstract: A management entity receives device fingerprints representing corresponding devices connected to one or more networks. Each device fingerprint includes a multi-bit word indicating hardware, software, network configuration, and failure features for a corresponding one of the devices. The management entity processes the device fingerprints using different methods including statistical risk of failure scoring methods and machine learning risk of failure scoring methods, to produce from each of the methods a respective risk of failure for each device. The management entity combines the respective risk of failures for each device into a composite risk of failure for each device, ranks the devices based on the composite risk of failures for the devices, to produce a risk ranking of the devices, and outputs the risk ranking.