-
公开(公告)号:US11388175B2
公开(公告)日:2022-07-12
申请号:US16562017
申请日:2019-09-05
Applicant: Cisco Technology, Inc.
Inventor: Gangadharan Byju Pularikkal , Santosh Ramrao Patil , Paul Wayne Bigbee , Darrin Joseph Miller , Madhusudan Nanjanagud
Abstract: The present technology pertains to a system that routes application flows. The system can receive an application flow from a device by an active threat detection agent; analyze the application flow for user context, device context, and application context; classify the application flow based on the analysis of the application flow; and direct the application flow according to the classification of the application flow and an application access policy.
-
公开(公告)号:US20210119971A1
公开(公告)日:2021-04-22
申请号:US16985664
申请日:2020-08-05
Applicant: Cisco Technology, Inc.
Inventor: Saravanan Radhakrishnan , Anand Oswal , Ashwin Kumar , Paul Wayne Bigbee , Darrin Joseph Miller
IPC: H04L29/06
Abstract: Systems and methods are provided for receiving, at a network device, a first set of rules from a security controller of an enterprise network, the first set of rules being different from a second set of rules provided to a firewall by the security controller, implementing, at the network device, the first set of rules received from the security controller, generating, at the network device, a first log including metadata based on the first set of rules, the first log being generated on a per flow basis, notifying, at the network device, a NetFlow of the first log including the metadata of the first set of rules, and providing, from the network device, the first log to a cloud-log store by the NetFlow of the network device, the cloud-log store receiving the first log from the network device and a second log from the firewall.
-
公开(公告)号:US20210119859A1
公开(公告)日:2021-04-22
申请号:US16991556
申请日:2020-08-12
Applicant: Cisco Technology, Inc.
Inventor: Saravanan Radhakrishnan , Anand Oswal , Paul Wayne Bigbee , Darrin Joseph Miller , Thomas Leslie Peter Wood
Abstract: Systems and methods are provided for receiving service instructions from a client regarding a network function at a network element, the service instructions including a table of network policies and rules, receiving data from a first edge node of a network fabric, processing the data received from the first edge node according to the service instructions regarding the network function, and providing the processed data to a second edge node of the network fabric based on the service instructions.
-
公开(公告)号:US11985110B2
公开(公告)日:2024-05-14
申请号:US17932092
申请日:2022-09-14
Applicant: Cisco Technology, Inc.
Inventor: Saravanan Radhakrishnan , Anand Oswal , Ashwin Kumar , Paul Wayne Bigbee , Darrin Joseph Miller
CPC classification number: H04L63/0263 , H04L63/101 , H04L63/20
Abstract: Systems and methods are provided for receiving, at a network device, a first set of rules from a security controller of an enterprise network, the first set of rules being different from a second set of rules provided to a firewall by the security controller, implementing, at the network device, the first set of rules received from the security controller, generating, at the network device, a first log including metadata based on the first set of rules, the first log being generated on a per flow basis, notifying, at the network device, a NetFlow of the first log including the metadata of the first set of rules, and providing, from the network device, the first log to a cloud-log store by the NetFlow of the network device, the cloud-log store receiving the first log from the network device and a second log from the firewall.
-
Patent Agency Ranking
公开(公告)号:US20190104144A1
公开(公告)日:2019-04-04
申请号:US15720553
申请日:2017-09-29
Applicant: Cisco Technology, Inc.
Inventor: Matthew Scott Robertson , Darrin Joseph Miller , Sunil Navinchandra Amin , Paul Wayne Bigbee
Abstract: In one example embodiment, a threat detection server receives metadata of a network flow in a network; a zone definition that correlates the metadata of the network flow with a first zone of network devices in the network and a second zone of network devices in the network, where the network flow was transmitted from the first zone to the second zone; and a security policy for the network flow, where the security policy is enforced on the basis of the first zone and the second zone. Based on the zone definition, the threat detection server annotates a flow record that includes the metadata with an indication of the first zone and the second zone. Based on the annotated flow record and the security policy, the threat detection server determines whether to generate a notification associated with a detection of a security threat associated with the network flow.
-
公开(公告)号:US20230014351A1
公开(公告)日:2023-01-19
申请号:US17932092
申请日:2022-09-14
Applicant: Cisco Technology, Inc.
Inventor: Saravanan Radhakrishnan , Anand Oswal , Ashwin Kumar , Paul Wayne Bigbee , Darrin Joseph Miller
IPC: H04L9/40
Abstract: Systems and methods are provided for receiving, at a network device, a first set of rules from a security controller of an enterprise network, the first set of rules being different from a second set of rules provided to a firewall by the security controller, implementing, at the network device, the first set of rules received from the security controller, generating, at the network device, a first log including metadata based on the first set of rules, the first log being generated on a per flow basis, notifying, at the network device, a NetFlow of the first log including the metadata of the first set of rules, and providing, from the network device, the first log to a cloud-log store by the NetFlow of the network device, the cloud-log store receiving the first log from the network device and a second log from the firewall.
-
公开(公告)号:US20210075799A1
公开(公告)日:2021-03-11
申请号:US16562017
申请日:2019-09-05
Applicant: Cisco Technology, Inc.
Inventor: Gangadharan Byju Pularikkal , Santosh Ramrao Patil , Paul Wayne Bigbee , Darrin Joseph Miller , Madhusudan Nanjanagud
IPC: H04L29/06 , H04L12/721 , G06K9/62 , G06N20/00
Abstract: The present technology pertains to a system that routes application flows. The system can receive an application flow from a device by an active threat detection agent; analyze the application flow for user context, device context, and application context; classify the application flow based on the analysis of the application flow; and direct the application flow according to the classification of the application flow and an application access policy.
-
公开(公告)号:US11483290B2
公开(公告)日:2022-10-25
申请号:US16985664
申请日:2020-08-05
Applicant: Cisco Technology, Inc.
Inventor: Saravanan Radhakrishnan , Anand Oswal , Ashwin Kumar , Paul Wayne Bigbee , Darrin Joseph Miller
Abstract: Systems and methods are provided for receiving, at a network device, a first set of rules from a security controller of an enterprise network, the first set of rules being different from a second set of rules provided to a firewall by the security controller, implementing, at the network device, the first set of rules received from the security controller, generating, at the network device, a first log including metadata based on the first set of rules, the first log being generated on a per flow basis, notifying, at the network device, a NetFlow of the first log including the metadata of the first set of rules, and providing, from the network device, the first log to a cloud-log store by the NetFlow of the network device, the cloud-log store receiving the first log from the network device and a second log from the firewall.
-
公开(公告)号:US10855705B2
公开(公告)日:2020-12-01
申请号:US15720553
申请日:2017-09-29
Applicant: Cisco Technology, Inc.
Inventor: Matthew Scott Robertson , Darrin Joseph Miller , Sunil Navinchandra Amin , Paul Wayne Bigbee
Abstract: In one example embodiment, a threat detection server receives metadata of a network flow in a network; a zone definition that correlates the metadata of the network flow with a first zone of network devices in the network and a second zone of network devices in the network, where the network flow was transmitted from the first zone to the second zone; and a security policy for the network flow, where the security policy is enforced on the basis of the first zone and the second zone. Based on the zone definition, the threat detection server annotates a flow record that includes the metadata with an indication of the first zone and the second zone. Based on the annotated flow record and the security policy, the threat detection server determines whether to generate a notification associated with a detection of a security threat associated with the network flow.
-
-
-
-
-
-
-
-
Search Results
9
records
(took 0.022 seconds)
