公开(公告)号：US11765046B1

公开(公告)日：2023-09-19

申请号：US16188979

申请日：2018-11-13

Applicant: Cisco Technology, Inc.

Inventor： Weifei Zeng ,  Omid Madani ,  Varun Malhotra ,  Paul Mach ,  Yash Vipul Doshi ,  Sayeed Mohammed Tasnim ,  Thanh Nhan Thi Nguyen ,  Navindra Yadav ,  Shashi Gandham

IPC: H04L41/16 ,  H04L41/0893 ,  G06N20/00 ,  G06F16/9532

CPC classification number: H04L41/16 ,  G06F16/9532 ,  G06N20/00 ,  H04L41/0893

Abstract: This disclosure provides solutions for automatically grouping network devices (e.g., endpoints) into clusters based on device characteristics. In some aspects, the disclosed technology also provides solutions for generating user selectable queries based on cluster characteristics. A process of the disclosed technology can include steps for identifying one or more device characteristics associated with a first network device, identifying one or more cluster characteristics for each of a first cluster and a second cluster, and comparing the device characteristics associated with the first network device with the one or more cluster characteristics for the first cluster and the second cluster. The process can further include steps for adding the first network device to the first cluster based on the cluster characteristics for the first cluster and the device characteristics for the first network device. Systems and machine-readable media are also provided.

公开(公告)号：US20200220780A1

公开(公告)日：2020-07-09

申请号：US16820404

申请日：2020-03-16

Applicant: Cisco Technology, Inc.

Inventor： Rohit Prasad ,  Shashi Gandham ,  Hoang Nguyen ,  Abhishek Singh ,  Shih-Chun Chang ,  Navindra Yadav ,  Ali Parandehgheibi ,  Paul Mach ,  Rachita Agasthy ,  Ravi Prasad ,  Varun Malhotra ,  Michael Watts ,  Sunil Gupta

IPC: H04L12/24

Abstract: The disclosed technology relates to intent driven network management. A system is configured to maintain an inventory store comprising records for a set of network entities in a network, wherein each network entity in the set of network entities is associated with a record in the inventory store. The system receives a user intent statement comprising an action and a flow filter representing network data flows on which the action is to be applied and queries, based on the flow filter, the inventory store to identify a plurality of network entities in the set of network entities to which the user intent statement applies. The system generates a plurality of network policies that implement the user intent statement based on the plurality of network entities and the action and enforces the plurality network policies.

公开(公告)号：US11646940B2

公开(公告)日：2023-05-09

申请号：US17482411

申请日：2021-09-22

Applicant: Cisco Technology, Inc.

Inventor： Rohit Prasad ,  Shashi Gandham ,  Hoang Nguyen ,  Abhishek Singh ,  Shih-Chun Chang ,  Navindra Yadav ,  Ali Parandehgheibi ,  Paul Mach ,  Rachita Agasthy ,  Ravi Prasad ,  Varun Malhotra ,  Michael Watts ,  Sunil Gupta

IPC: H04L41/0893 ,  H04L41/0853

CPC classification number: H04L41/0893 ,  H04L41/0856

Abstract: The disclosed technology relates to intent driven network management. A system is configured to maintain an inventory store comprising records for a set of network entities in a network, wherein each network entity in the set of network entities is associated with a record in the inventory store. The system receives a user intent statement comprising an action and a flow filter representing network data flows on which the action is to be applied and queries, based on the flow filter, the inventory store to identify a plurality of network entities in the set of network entities to which the user intent statement applies. The system generates a plurality of network policies that implement the user intent statement based on the plurality of network entities and the action and enforces the plurality network policies.

公开(公告)号：US11146454B2

公开(公告)日：2021-10-12

申请号：US16820404

申请日：2020-03-16

Applicant: Cisco Technology, Inc.

Inventor： Rohit Prasad ,  Shashi Gandham ,  Hoang Nguyen ,  Abhishek Singh ,  Shih-Chun Chang ,  Navindra Yadav ,  Ali Parandehgheibi ,  Paul Mach ,  Rachita Agasthy ,  Ravi Prasad ,  Varun Malhotra ,  Michael Watts ,  Sunil Gupta

IPC: H04L12/24

Abstract: The disclosed technology relates to intent driven network management. A system is configured to maintain an inventory store comprising records for a set of network entities in a network, wherein each network entity in the set of network entities is associated with a record in the inventory store. The system receives a user intent statement comprising an action and a flow filter representing network data flows on which the action is to be applied and queries, based on the flow filter, the inventory store to identify a plurality of network entities in the set of network entities to which the user intent statement applies. The system generates a plurality of network policies that implement the user intent statement based on the plurality of network entities and the action and enforces the plurality network policies.

公开(公告)号：US11627166B2

公开(公告)日：2023-04-11

申请号：US17063864

申请日：2020-10-06

Applicant: Cisco Technology, Inc.

Inventor： Weifei Zeng ,  Sai Ankith Averineni ,  Omid Madani ,  Paul Mach ,  Yash Vipul Doshi ,  Sasidhar Evuru ,  Sayeed Mohammed Tasnim ,  Sameer Salim Mahomed Ali Ladiwala ,  Chakradhar Reddy Vangeti ,  Thanh Nhan Nguyen ,  Varun Malhotra ,  Shashidhar Gandham ,  Navindra Yadav ,  Thanh Trung Ngo ,  Maxwell Aaron Mechanic

IPC: H04L9/40 ,  H04L41/0893 ,  H04L41/14 ,  H04L47/2483

Abstract: The present disclosure relates to methods, systems, and non-transitory computer readable media for discovering policy scopes within an enterprise network and managing network policies for discovered policy scopes. In one aspect, a method includes identifying one or more communities of devices in an enterprise network; defining, from the one or more communities of devices, policy scopes in the enterprise network; generating a hierarchical representation of the policy scopes; identifying, based on the hierarchical representation of the policy scopes, one or more policies governing traffic flow between devices associated with each of the policy scopes; and managing application of the one or more policies at the devices.

公开(公告)号：US20220014436A1

公开(公告)日：2022-01-13

申请号：US17482411

申请日：2021-09-22

Applicant: Cisco Technology, Inc.

Inventor： Rohit Prasad ,  Shashi Gandham ,  Hoang Nguyen ,  Abhishek Singh ,  Shih-Chun Chang ,  Navindra Yadav ,  Ali Parandehgheibi ,  Paul Mach ,  Rachita Agasthy ,  Ravi Prasad ,  Varun Malhotra ,  Michael Watts ,  Sunil Gupta

IPC: H04L12/24

Abstract: The disclosed technology relates to intent driven network management. A system is configured to maintain an inventory store comprising records for a set of network entities in a network, wherein each network entity in the set of network entities is associated with a record in the inventory store. The system receives a user intent statement comprising an action and a flow filter representing network data flows on which the action is to be applied and queries, based on the flow filter, the inventory store to identify a plurality of network entities in the set of network entities to which the user intent statement applies. The system generates a plurality of network policies that implement the user intent statement based on the plurality of network entities and the action and enforces the plurality network policies.

公开(公告)号：US20230283520A1

公开(公告)日：2023-09-07

申请号：US18314025

申请日：2023-05-08

Applicant: Cisco Technology, Inc.

Inventor： Rohit Prasad ,  Shashi Gandham ,  Hoang Nguyen ,  Abhishek Singh ,  Shih-Chun Chang ,  Navindra Yadav ,  Ali Parandehgheibi ,  Paul Mach ,  Rachita Agasthy ,  Ravi Prasad ,  Varun Malhotra ,  Michael Watts ,  Sunil Gupta

IPC: H04L41/0893 ,  H04L41/0853

CPC classification number: H04L41/0893 ,  H04L41/0856

Abstract: The disclosed technology relates to intent driven network management. A system is configured to maintain an inventory store comprising records for a set of network entities in a network, wherein each network entity in the set of network entities is associated with a record in the inventory store. The system receives a user intent statement comprising an action and a flow filter representing network data flows on which the action is to be applied and queries, based on the flow filter, the inventory store to identify a plurality of network entities in the set of network entities to which the user intent statement applies. The system generates a plurality of network policies that implement the user intent statement based on the plurality of network entities and the action and enforces the plurality network policies.

公开(公告)号：US20220109701A1

公开(公告)日：2022-04-07

申请号：US17063864

申请日：2020-10-06

Applicant: Cisco Technology, Inc.

Inventor： Weifei Zeng ,  Sai Ankith Averineni ,  Omid Madani ,  Paul Mach ,  Yash Vipul Doshi ,  Sasidhar Evuru ,  Sayeed Mohammed Tasnim ,  Sameer Salim Mahomed Ali Ladiwala ,  Chakradhar Reddy Vangeti ,  Thanh Nhan Nguyen ,  Varun Malhotra ,  Shashidhar Gandham ,  Navindra Yadav ,  Thanh Trung Ngo ,  Maxwell Aaron Mechanic

IPC: H04L29/06 ,  H04L12/851 ,  H04L12/24

Abstract: The present disclosure relates to methods, systems, and non-transitory computer readable media for discovering policy scopes within an enterprise network and managing network policies for discovered policy scopes. In one aspect, a method includes identifying one or more communities of devices in an enterprise network; defining, from the one or more communities of devices, policy scopes in the enterprise network; generating a hierarchical representation of the policy scopes; identifying, based on the hierarchical representation of the policy scopes, one or more policies governing traffic flow between devices associated with each of the policy scopes; and managing application of the one or more policies at the devices.

公开(公告)号：US10594560B2

公开(公告)日：2020-03-17

申请号：US15470410

申请日：2017-03-27

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Rohit Prasad ,  Shashi Gandham ,  Hoang Nguyen ,  Abhishek Singh ,  Shih-Chun Chang ,  Navindra Yadav ,  Ali Parandehgheibi ,  Paul Mach ,  Rachita Agasthy ,  Ravi Prasad ,  Varun Malhotra ,  Michael Watts ,  Sunil Gupta

IPC: H04L12/24

Abstract: The disclosed technology relates to intent driven network management. A system is configured to maintain an inventory store comprising records for a set of network entities in a network, wherein each network entity in the set of network entities is associated with a record in the inventory store. The system receives a user intent statement comprising an action and a flow filter representing network data flows on which the action is to be applied and queries, based on the flow filter, the inventory store to identify a plurality of network entities in the set of network entities to which the user intent statement applies. The system generates a plurality of network policies that implement the user intent statement based on the plurality of network entities and the action and enforces the plurality network policies.

公开(公告)号：US20180278480A1

公开(公告)日：2018-09-27

申请号：US15470410

申请日：2017-03-27

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Rohit Prasad ,  Shashi Gandham ,  Hoang Nguyen ,  Abhishek Singh ,  Shih-Chun Chang ,  Navindra Yadav ,  Ali Parandehgheibi ,  Paul Mach ,  Rachita Agasthy ,  Ravi Prasad ,  Varun Malhotra ,  Michael Watts ,  Sunil Gupta

IPC: H04L12/24

Abstract: The disclosed technology relates to intent driven network management. A system is configured to maintain an inventory store comprising records for a set of network entities in a network, wherein each network entity in the set of network entities is associated with a record in the inventory store. The system receives a user intent statement comprising an action and a flow filter representing network data flows on which the action is to be applied and queries, based on the flow filter, the inventory store to identify a plurality of network entities in the set of network entities to which the user intent statement applies. The system generates a plurality of network policies that implement the user intent statement based on the plurality of network entities and the action and enforces the plurality network policies.