公开(公告)号：US11150973B2

公开(公告)日：2021-10-19

申请号：US15791339

申请日：2017-10-23

Applicant: Cisco Technology, Inc.

Inventor： Pavan Mamillapalli ,  Shadab Nazar ,  Chetan Narsude ,  Gaurav Gupta ,  Azeem Suleman ,  Jagdev Singh Tur ,  Navjyoti Sharma

IPC: G06F11/00 ,  G06F11/07

Abstract: Aspects of the technology provide methods for aggregating error log data between multiple devices in a network monitoring appliance. A method of the technology can include steps for identifying a plurality of operators running in a network monitoring appliance, instantiating a plurality of sensors, wherein each of the plurality of sensors is associated with a respective one of the plurality of operators, and wherein each sensor is configured to capture error log data of its corresponding operator. In some aspects, the method can further include steps for aggregating error log data from two or more of the plurality of sensors. Systems and machine-readable media are also provided.

公开(公告)号：US20180367435A1

公开(公告)日：2018-12-20

申请号：US15713319

申请日：2017-09-22

Applicant: Cisco Technology, Inc.

Inventor： Shadab Nazar ,  Pavan Mamillapalli ,  Chetan Narsude ,  Gaurav Gupta ,  Azeem Suleman ,  Sravya Boggavarapu ,  Jose Delgado

IPC: H04L12/26 ,  H04L12/24

Abstract: Aspects of the technology provide methods for simulating a failure in a tenant network. In some aspects, a monitoring appliance of the disclosed technology can be configured to carry out operations for receiving packets at a virtual device in the monitoring appliance, from a corresponding network device in the tenant network, and instantiating a firewall at the virtual device, wherein the firewall is configured to selectively block traffic routed from the network device to the virtual device in the monitoring appliance. The monitoring appliance can simulate failure of the network device by blocking traffic from the network device to the virtual device using the firewall, and analyze the tenant network to determine a predicted impact a failure of the network device would have on the tenant network. Systems and machine-readable media are also provided.

公开(公告)号：US11750463B2

公开(公告)日：2023-09-05

申请号：US17394285

申请日：2021-08-04

Applicant: Cisco Technology, Inc.

Inventor： Chetan Narsude ,  Gaurav Gupta ,  Shadab Nazar ,  Pavan Mamillapalli ,  Sundar Iyer

IPC: H04L41/0896 ,  H04L43/103 ,  H04L41/16 ,  G06F11/34 ,  H04L41/0853 ,  H04L41/14 ,  H04L41/147 ,  H04L41/12 ,  H04L41/5025 ,  H04L41/5067 ,  H04L43/10 ,  H04L41/5019

CPC classification number: H04L41/0896 ,  G06F11/3466 ,  H04L41/0853 ,  H04L41/12 ,  H04L41/145 ,  H04L41/147 ,  H04L41/16 ,  H04L43/103 ,  H04L41/5019 ,  H04L41/5025 ,  H04L41/5067 ,  H04L43/10

Abstract: Aspects of the technology provide solutions for determining a time period (“epoch”) required to monitor or analyze a tenant network. Some implementations of the technology include a process for making automatic epoch determinations, which includes steps for identifying one or more network parameters for a tenant network, analyzing the tenant network using the network parameters to discover one or more configuration settings of the tenant network, and determining a first epoch for the tenant network, the first epoch corresponding with a period of time to complete analysis of the tenant network using the network parameters. In some aspects, the process can further include steps for generating a tenant profile for the tenant network, the tenant profile based on the network parameters, the first epoch, and the one or more configuration settings of the tenant network. Systems and machine-readable media are also provided.

公开(公告)号：US11716265B2

公开(公告)日：2023-08-01

申请号：US17401354

申请日：2021-08-13

Applicant: Cisco Technology, Inc.

Inventor： Shadab Nazar ,  Pavan Mamillapalli ,  Azeem Suleman ,  Jagdev singh Tur ,  Ayas Pani

IPC: G06F15/173 ,  H04L43/04 ,  H04L43/0823 ,  H04L41/142 ,  H04L41/22

CPC classification number: H04L43/04 ,  H04L41/142 ,  H04L43/0823 ,  H04L41/22

Abstract: Systems, methods, and computer-readable media for detecting and reporting anomalies in a network environment for providing network assurance. In some embodiments, a system can determine confidence scores for at least one value of parameters of a network environment defining network events occurring in the network environment. The confidences scores can indicate a frequency that the defined network events have a specific event state. The confidence scores can be monitored to detect an anomaly in the network environment. In response to detecting the anomaly in the network environment, the system can determine a relevant network state of the network environment. The relevant network state of the network environment and the anomaly in the network environment can be presented to a user.

公开(公告)号：US11411803B2

公开(公告)日：2022-08-09

申请号：US17039688

申请日：2020-09-30

Applicant: Cisco Technology, Inc.

Inventor： Praveen Tammana ,  Chandra Nagarajan ,  Pavan Mamillapalli ,  Ramana Rao Kompella

IPC: H04L41/0631 ,  H04L41/069

Abstract: Systems, methods, and computer-readable media for localizing faults in a network policy are disclosed. In some examples, a system or method can obtain TCAM rules across a network and use the TCAM rules to perform an equivalency check between the logical model and the hardware model of the network policy. One or more risk models are annotated with output from the equivalency check and the risk models are used to identify a set of policy objects of the network policy that are likely responsible for the faults. The identified set of policy objects are correlated with various logs of the network. Based on the correlation, specific policy objects of the set of policy objects that are associated with physical-level causes of the fault.

公开(公告)号：US11469986B2

公开(公告)日：2022-10-11

申请号：US15713319

申请日：2017-09-22

Applicant: Cisco Technology, Inc.

Inventor： Shadab Nazar ,  Pavan Mamillapalli ,  Chetan Narsude ,  Gaurav Gupta ,  Azeem Suleman ,  Sravya Boggavarapu ,  Jose Delgado

IPC: H04L43/50 ,  H04L41/0893 ,  H04L41/14 ,  H04L41/147

Abstract: Aspects of the technology provide methods for simulating a failure in a tenant network. In some aspects, a monitoring appliance of the disclosed technology can be configured to carry out operations for receiving packets at a virtual device in the monitoring appliance, from a corresponding network device in the tenant network, and instantiating a firewall at the virtual device, wherein the firewall is configured to selectively block traffic routed from the network device to the virtual device in the monitoring appliance. The monitoring appliance can simulate failure of the network device by blocking traffic from the network device to the virtual device using the firewall, and analyze the tenant network to determine a predicted impact a failure of the network device would have on the tenant network. Systems and machine-readable media are also provided.

公开(公告)号：US11258657B2

公开(公告)日：2022-02-22

申请号：US16829952

申请日：2020-03-25

Applicant: Cisco Technology, Inc.

Inventor： Praveen Tammana ,  Chandra Nagarajan ,  Pavan Mamillapalli ,  Ramana Rao Kompella

IPC: H04L12/24 ,  H04L41/0677 ,  H04L41/22 ,  H04L41/0893 ,  H04L41/14 ,  H04L41/147

Abstract: Systems, methods, and computer-readable media for localizing faults in a network policy are disclosed. In some examples, a system or method can obtain TCAM rules across a network and use the TCAM rules to perform an equivalency check between the logical model and the hardware model of the network policy. One or more risk models are annotated with output from the equivalency check and the risk models are used to identify a set of policy objects of the network policy that are likely responsible for the faults.

公开(公告)号：US10812318B2

公开(公告)日：2020-10-20

申请号：US15719064

申请日：2017-09-28

Applicant: Cisco Technology, Inc.

Inventor： Praveen Tammana ,  Chandra Nagarajan ,  Pavan Mamillapalli ,  Ramana Rao Kompella

IPC: H04L12/24

Abstract: Systems, methods, and computer-readable media for localizing faults in a network policy are disclosed. In some examples, a system or method can obtain TCAM rules across a network and use the TCAM rules to perform an equivalency check between the logical model and the hardware model of the network policy. One or more risk models are annotated with output from the equivalency check and the risk models are used to identify a set of policy objects of the network policy that are likely responsible for the faults. The identified set of policy objects are correlated with various logs of the network. Based on the correlation, specific policy objects of the set of policy objects that are associated with physical-level causes of the fault.

公开(公告)号：US20200228395A1

公开(公告)日：2020-07-16

申请号：US16829952

申请日：2020-03-25

Applicant: Cisco Technology, Inc.

Inventor： Praveen Tammana ,  Chandra Nagarajan ,  Pavan Mamillapalli ,  Ramana Rao Kompella

IPC: H04L12/24

Abstract: Systems, methods, and computer-readable media for localizing faults in a network policy are disclosed. In some examples, a system or method can obtain TCAM rules across a network and use the TCAM rules to perform an equivalency check between the logical model and the hardware model of the network policy. One or more risk models are annotated with output from the equivalency check and the risk models are used to identify a set of policy objects of the network policy that are likely responsible for the faults.

公开(公告)号：US20180365061A1

公开(公告)日：2018-12-20

申请号：US15796263

申请日：2017-10-27

Applicant: Cisco Technology, Inc.

Inventor： Chetan Narsude ,  Gaurav Gupta ,  Azeem Suleman ,  Shadab Nazar ,  Pavan Mamillapalli ,  Sundar Iyer

IPC: G06F9/48 ,  G06F9/52 ,  G06F17/30

CPC classification number: G06F9/4887 ,  G06F9/52 ,  G06F16/951

Abstract: Aspects of the technology provide systems and methods for interleaving a processing task in a network monitoring appliance. A process of the technology could include steps for identifying operators in the network monitoring appliance, wherein the operators are sequentially arranged to form a processing pipeline, determining an epoch for the processing pipeline, wherein the epoch corresponds with a time duration required for a processing task to traverse the pipeline, and determining a time window in which a supplemental processing task can be interleaved into the processing pipeline, wherein the time window is based on the epoch. Machine-readable media are also provided.