知搜-全球专利检索

  1. Login
  2. Sign Up

Search Results

8 records (took 0.015 seconds)

    Application-centric enforcement for multi-tenant workloads with multi site data center fabrics
    5.
    发明授权
    Application-centric enforcement for multi-tenant workloads with multi site data center fabrics 有权

    公开(公告)号:US11184325B2

    公开(公告)日:2021-11-23

    申请号:US16431615

    申请日:2019-06-04

    Applicant: Cisco Technology, Inc.

    Inventor: Murukanandam K. Panchalingam Umamaheswararao Karyampudi Muralidhar Annabatula Darpan R. Kathoke Junyun Li

    IPC: H04L29/06 H04L29/08

    Abstract: The present disclosure provides for application-centric enforcement for multi-tenant workloads with multi-site data center fabrics by: receiving, at a local switch at a first site, a packet from a first host at the first site intended for a second host located at a second site; identifying class identifiers (ID) for the hosts; determining, based on the class IDs, a security policy for transmitting data between the hosts; in response to determining that the security policy indicates that the second site exclusively manages security policies for the hosts' network: setting a policy applied indicator on the packet indicating that enforcement of the security policy is delegated from the first switch to a second switch connected to the second host; including the class IDs in the packet; and transmitting the packet to the second site.

    POLICY REMAPPING UPON NETWORK EVENTS
    6.
    发明公开
    POLICY REMAPPING UPON NETWORK EVENTS 审中-公开

    公开(公告)号:US20240275727A1

    公开(公告)日:2024-08-15

    申请号:US18166571

    申请日:2023-02-09

    Applicant: Cisco Technology, Inc.

    Inventor: Kiran Sasidharan Pillai Rajagopalan Janakiraman Murukanandam Panchalingam Muralidhar Annabatula

    IPC: H04L47/2441

    CPC classification number: H04L47/2441

    Abstract: The techniques described herein relate to a method including: generating a first network policy and a second network policy at a forwarding device within a network, wherein the first network policy is applied to a first traffic classification and the second network policy is applied to a second traffic classification; obtaining first traffic from an endpoint device; classifying the first traffic with the first traffic classification; applying, at the forwarding device, the first network policy to the first traffic; obtaining, at the forwarding device, an indication of a network event within the network; obtaining second traffic from the endpoint device; classifying the second traffic with the second traffic classification in response to obtaining the indication of the network event; and applying, at the forwarding device, the second network policy to the second traffic.

    Policy consolidation for auto-orchestrated data centers
    7.
    发明授权
    Policy consolidation for auto-orchestrated data centers 有权

    公开(公告)号:US11303611B1

    公开(公告)日:2022-04-12

    申请号:US16525270

    申请日:2019-07-29

    Applicant: Cisco Technology, Inc.

    Inventor: Umamaheswararao Karyampudi Murukanandam K. Panchalingam Muralidhar Annabatula Madhuryamayi Mani Darpan R. Kathoke Chong M. Tan Azeem M. Suleman

    IPC: H04L29/06

    Abstract: Techniques for generating and enforcing whitelist security policies in a communication network are disclosed. A first plurality of whitelist policies are consolidated into a second plurality of whitelist policies based on populating a plurality of tables. The populated tables include a first table including pairs of endpoints and associating each pair of endpoints with a service identifier, and a second table associating the service identifiers with the policy identifiers. The second plurality of whitelist policies are programmed into a network device in the communication network, based on at least one of the plurality of tables. Rules governing traffic between the pair of endpoints are enforced, at the network device, using the programmed second plurality of whitelist policies.

    DISTRIBUTED POLICY ENFORCEMENT PROXY WITH DYNAMIC EPG SHARDING
    8.
    发明申请
    DISTRIBUTED POLICY ENFORCEMENT PROXY WITH DYNAMIC EPG SHARDING 有权

    公开(公告)号:US20220021707A1

    公开(公告)日:2022-01-20

    申请号:US16931610

    申请日:2020-07-17

    Applicant: Cisco Technology, Inc.

    Inventor: Murukanandam Kamalam Panchalingam Umamaheswararao Karyampudi Junyun Li Muralidhar Annabatula Ronak K. Desai Thomas J. Edsall

    IPC: H04L29/06 H04L12/24 H04L12/813 H04L29/08 H04L12/803

    Abstract: A distributed policy proxy system offloads network policy processing from an overloaded network element to policy proxy network elements. A network controller detects that policy resources are overloaded at a network element, and selects a group of policy proxy network elements. The network controller assigns an exclusive range of endpoint groups to each policy proxy network element. Each policy proxy network element is assigned to handle policy processing for its assigned range of endpoint groups. The network controller provides instructions to the policy proxy network elements to enable each policy proxy network element to apply the network policy for its assigned range of endpoint groups. The network controller also provides instructions to the overloaded network element to redirect a packet from the first endpoint group to a first policy proxy network element based on a destination of the packet.

Patent Agency Ranking