公开(公告)号：US11888603B2

公开(公告)日：2024-01-30

申请号：US17157957

申请日：2021-01-25

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Navneet Yadav ,  Navjyoti Sharma ,  Ramana Rao Kompella ,  Kartik Mohanram

IPC: H04L29/06 ,  H04L12/26 ,  G06F16/22 ,  H04L9/40 ,  H04L43/08 ,  G06F9/455

CPC classification number: H04L63/20 ,  G06F16/2246 ,  H04L43/08 ,  G06F9/45558 ,  G06F2009/45562 ,  G06F2009/45595 ,  H04L63/20 ,  G06F9/45558

Abstract: In some examples, a system creates a requirement including EPG selectors representing EPG pairs, a traffic selector, and a communication operator; determines that EPGs in distinct pairs are associated with different network contexts and, for each pair, which network context(s) contains associated policies; creates first data representing the pair, operator, and traffic selector; when only one network context contains the associated policies, creates second data representing a network model portion associated with the only network context and determines whether the first data is contained in the second data to yield a first check; when both network contexts contain the associated policies, also creates third data representing a network model portion associated with a second network context, and determines whether the first data is contained in the second and/or third data to yield a second check; and determines whether policies for the pairs comply with the requirement based on the checks.

公开(公告)号：US11044273B2

公开(公告)日：2021-06-22

申请号：US16217500

申请日：2018-12-12

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Navneet Yadav ,  Navjyoti Sharma ,  Ramana Rao Kompella ,  Kartik Mohanram

IPC: H04L29/06 ,  H04L12/24 ,  H04L12/18 ,  H04L12/46

Abstract: Systems, methods, and computer-readable media for configuring and verifying compliance requirements in a network. An example method can include receiving, via a user interface, endpoint group (EPG) inclusion rules defining which EPGs on a network should be included in specific EPG selectors; selecting EPGs that satisfy the EPG inclusion rules for inclusion in the specific EPG selectors; creating the specific EPG selectors based on the selected EPGs; creating a traffic selector including parameters identifying traffic corresponding to the traffic selector; creating a compliance requirement based on a first and second EPG selector from the specific EPG selectors, the traffic selector, and a communication operator defining a communication condition for traffic associated with the first and second EPG selectors and the traffic selector; determining whether policies on the network comply with the compliance requirement; and generating compliance events indicating whether the policies comply with the compliance requirement.

公开(公告)号：US11150973B2

公开(公告)日：2021-10-19

申请号：US15791339

申请日：2017-10-23

Applicant: Cisco Technology, Inc.

Inventor： Pavan Mamillapalli ,  Shadab Nazar ,  Chetan Narsude ,  Gaurav Gupta ,  Azeem Suleman ,  Jagdev Singh Tur ,  Navjyoti Sharma

IPC: G06F11/00 ,  G06F11/07

Abstract: Aspects of the technology provide methods for aggregating error log data between multiple devices in a network monitoring appliance. A method of the technology can include steps for identifying a plurality of operators running in a network monitoring appliance, instantiating a plurality of sensors, wherein each of the plurality of sensors is associated with a respective one of the plurality of operators, and wherein each sensor is configured to capture error log data of its corresponding operator. In some aspects, the method can further include steps for aggregating error log data from two or more of the plurality of sensors. Systems and machine-readable media are also provided.

公开(公告)号：US20210152607A1

公开(公告)日：2021-05-20

申请号：US17157957

申请日：2021-01-25

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Navneet Yadav ,  Navjyoti Sharma ,  Ramana Rao Kompella ,  Kartik Mohanram

IPC: H04L29/06 ,  G06F16/22 ,  H04L12/26

Abstract: In some examples, a system creates a requirement including EPG selectors representing EPG pairs, a traffic selector, and a communication operator; determines that EPGs in distinct pairs are associated with different network contexts and, for each pair, which network context(s) contains associated policies; creates first data representing the pair, operator, and traffic selector; when only one network context contains the associated policies, creates second data representing a network model portion associated with the only network context and determines whether the first data is contained in the second data to yield a first check; when both network contexts contain the associated policies, also creates third data representing a network model portion associated with a second network context, and determines whether the first data is contained in the second and/or third data to yield a second check; and determines whether policies for the pairs comply with the requirement based on the checks.

公开(公告)号：US20200007583A1

公开(公告)日：2020-01-02

申请号：US16217559

申请日：2018-12-12

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Navneet Yadav ,  Navjyoti Sharma ,  Ramana Rao Kompella ,  Kartik Mohanram

IPC: H04L29/06

Abstract: Systems, methods, and computer-readable media for assurance of rules in a network. An example method can include creating a compliance requirement including a first endpoint group (EPG) selector, a second EPG selector, a traffic selector, and a communication operator, the first and second EPG selectors representing sets of EPGs and the communication operator defining a communication condition for traffic associated with the first and second EPG selectors and the traffic selector. The method can include creating, for each distinct pair of EPGs, a first respective data structure representing the distinct pair of EPGs, the communication operator, and the traffic selector; creating a second respective data structure representing a logical model of the network; determining whether the first respective data structure is contained in the second respective data structure to yield a containment check; and determining whether policies on the network comply with the compliance requirement based on the containment check.

公开(公告)号：US11218508B2

公开(公告)日：2022-01-04

申请号：US16217559

申请日：2018-12-12

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Navneet Yadav ,  Navjyoti Sharma ,  Ramana Rao Kompella ,  Kartik Mohanram

IPC: H04L29/06

Abstract: Systems, methods, and computer-readable media for assurance of rules in a network. An example method can include creating a compliance requirement including a first endpoint group (EPG) selector, a second EPG selector, a traffic selector, and a communication operator, the first and second EPG selectors representing sets of EPGs and the communication operator defining a communication condition for traffic associated with the first and second EPG selectors and the traffic selector. The method can include creating, for each distinct pair of EPGs, a first respective data structure representing the distinct pair of EPGs, the communication operator, and the traffic selector; creating a second respective data structure representing a logical model of the network; determining whether the first respective data structure is contained in the second respective data structure to yield a containment check; and determining whether policies on the network comply with the compliance requirement based on the containment check.

公开(公告)号：US10554477B2

公开(公告)日：2020-02-04

申请号：US15703029

申请日：2017-09-13

Applicant: Cisco Technology, Inc.

Inventor： Shadab Nazar ,  Navneet Yadav ,  Azeem Suleman ,  Pavan Mamillapalli ,  John Thomas Monk ,  Chetan Narsude ,  Navjyoti Sharma ,  Gaurav Gupta

IPC: G06F15/173 ,  H04L12/24 ,  H04L12/26 ,  H04L29/06

Abstract: Systems, methods, and computer-readable media for aggregating and presenting network events in a network environment. In some embodiments, a system can maintain event correlation rules for aggregating \network events occurring in a network based on characteristics of previously occurring network events. Network events occurring in the specific network environment can be identified. The network events can be aggregated to form an aggregated network event using the event correlation rules maintained based on the characteristics of previously occurring network events. The aggregated network event can subsequently be presented to a user.

公开(公告)号：US20190081850A1

公开(公告)日：2019-03-14

申请号：US15703029

申请日：2017-09-13

Applicant: Cisco Technology, Inc.

Inventor： Shadab Nazar ,  Navneet Yadav ,  Azeem Suleman ,  Pavan Mamillapalli ,  John Thomas Monk ,  Chetan Narsude ,  Navjyoti Sharma ,  Gaurav Gupta

IPC: H04L12/24 ,  H04L12/26

Abstract: Systems, methods, and computer-readable media for aggregating and presenting network events in a network environment. In some embodiments, a system can maintain event correlation rules for aggregating \network events occurring in a network based on characteristics of previously occurring network events. Network events occurring in the specific network environment can be identified. The network events can be aggregated to form an aggregated network event using the event correlation rules maintained based on the characteristics of previously occurring network events. The aggregated network event can subsequently be presented to a user.

公开(公告)号：US20180365096A1

公开(公告)日：2018-12-20

申请号：US15791339

申请日：2017-10-23

Applicant: Cisco Technology, Inc.

Inventor： Pavan Mamillapalli ,  Shadab Nazar ,  Chetan Narsude ,  Gaurav Gupta ,  Azeem Suleman ,  Jagdev Singh Tur ,  Navjyoti Sharma

IPC: G06F11/07

Abstract: Aspects of the technology provide methods for aggregating error log data between multiple devices in a network monitoring appliance. A method of the technology can include steps for identifying a plurality of operators running in a network monitoring appliance, instantiating a plurality of sensors, wherein each of the plurality of sensors is associated with a respective one of the plurality of operators, and wherein each sensor is configured to capture error log data of its corresponding operator. In some aspects, the method can further include steps for aggregating error log data from two or more of the plurality of sensors. Systems and machine-readable media are also provided.

公开(公告)号：US20240146774A1

公开(公告)日：2024-05-02

申请号：US18495305

申请日：2023-10-26

Applicant: Cisco Technology, Inc.

Inventor： Advait Dixit ,  Navneet Yadav ,  Navjyoti Sharma ,  Ramana Rao Kompella ,  Kartik Mohanram

IPC: H04L9/40 ,  G06F16/22 ,  H04L43/08

CPC classification number: H04L63/20 ,  G06F16/2246 ,  H04L43/08 ,  G06F2009/45595

Abstract: In some examples, a system creates a requirement including EPG selectors representing EPG pairs, a traffic selector, and a communication operator; determines that EPGs in distinct pairs are associated with different network contexts and, for each pair, which network context(s) contains associated policies; creates first data representing the pair, operator, and traffic selector; when only one network context contains the associated policies, creates second data representing a network model portion associated with the only network context and determines whether the first data is contained in the second data to yield a first check; when both network contexts contain the associated policies, also creates third data representing a network model portion associated with a second network context, and determines whether the first data is contained in the second and/or third data to yield a second check; and determines whether policies for the pairs comply with the requirement based on the checks.