公开(公告)号：US20240314114A1

公开(公告)日：2024-09-19

申请号：US18673183

申请日：2024-05-23

Applicant: Cisco Technology, Inc.

Inventor： Govind Prasad Sharma ,  Javed Asghar ,  Prabhu Balakannan ,  Sridhar Vallepalli

IPC: H04L9/40 ,  H04L9/08 ,  H04L12/46 ,  H04L69/14 ,  H04L69/22

CPC classification number: H04L63/062 ,  H04L9/0891 ,  H04L12/4641 ,  H04L63/0428 ,  H04L63/166 ,  H04L69/14 ,  H04L69/22

Abstract: A Software-Defined Networking (SDN)-based “upstream” approach is a controller-based solution that provides secure key distribution and management for multi-site data centers. The approach uses an SDN Multi-Site Controller (MSC) that acts as an intermediary between SDN controllers at sites in a multi-site data center and manages the distribution of keys to sites. The approach is not dependent upon any particular routing protocol, such as the Border Gateway Protocol (BGP), and is well suited for multicast stream encryption by allowing the same key to be used for all replicated packets sent to downstream sites from an upstream source site. The approach distributes keys in a secure manner, ensures that data transferred between sites is done in a secure manner, and supports re-keying with error handling.

公开(公告)号：US20240080309A1

公开(公告)日：2024-03-07

申请号：US18508743

申请日：2023-11-14

Applicant: Cisco Technology, Inc.

Inventor： Govind Prasad Sharma ,  Javed Asghar ,  Prabhu Balakannan ,  Sridhar Vallepalli

IPC: H04L9/40 ,  H04L9/08 ,  H04L12/46 ,  H04L69/14 ,  H04L69/22

CPC classification number: H04L63/062 ,  H04L9/0891 ,  H04L12/4641 ,  H04L63/0428 ,  H04L63/166 ,  H04L69/14 ,  H04L69/22

Abstract: A Software-Defined Networking (SDN)-based “upstream” approach is a controller-based solution that provides secure key distribution and management for multi-site data centers. The approach uses an SDN Multi-Site Controller (MSC) that acts as an intermediary between SDN controllers at sites in a multi-site data center and manages the distribution of keys to sites. The approach is not dependent upon any particular routing protocol, such as the Border Gateway Protocol (BGP), and is well suited for multicast stream encryption by allowing the same key to be used for all replicated packets sent to downstream sites from an upstream source site. The approach distributes keys in a secure manner, ensures that data transferred between sites is done in a secure manner, and supports re-keying with error handling.

公开(公告)号：US11838701B2

公开(公告)日：2023-12-05

申请号：US17342820

申请日：2021-06-09

Applicant: Cisco Technology, Inc.

Inventor： Prabhu Balakannan ,  Shrawan Chittoor Surender ,  Ashwin Ramani ,  Eshwar Yedavalli ,  Srinivas Gaddam ,  Umamaheswararao Karyampudi

IPC: H04Q11/00

CPC classification number: H04Q11/0066 ,  H04Q11/0005 ,  H04Q2011/0041 ,  H04Q2011/0079 ,  H04Q2011/0086

Abstract: In one embodiment, systems and method for detecting the intent of a connected optics/cable to operate in either a breakout mode or a non-breakout mode are provided. When a optics/cable is used to connect a port of a spine node to ports of one or more leaf nodes, initially both the spine node and the leaf nodes may automatically configure themselves to operate in breakout mode depending on the optics. Later, the spine node and one or more leaf nodes may exchange speed and optics information using a link layer discovery protocol or another protocol. If the exchanged speed and optics information indicates a mismatch, then the spine node or the leaf node may retain the breakout mode. If the exchanged speed and optic information do not indicate a mismatch, then the spine nodes and the leaf nodes may automatically re-configure themselves in non-breakout mode.

公开(公告)号：US12199963B2

公开(公告)日：2025-01-14

申请号：US18508743

申请日：2023-11-14

Applicant: Cisco Technology, Inc.

Inventor： Govind Prasad Sharma ,  Javed Asghar ,  Prabhu Balakannan ,  Sridhar Vallepalli

IPC: H04L9/40 ,  H04L9/08 ,  H04L12/46 ,  H04L69/14 ,  H04L69/22

Abstract: A Software-Defined Networking (SDN)-based “upstream” approach is a controller-based solution that provides secure key distribution and management for multi-site data centers. The approach uses an SDN Multi-Site Controller (MSC) that acts as an intermediary between SDN controllers at sites in a multi-site data center and manages the distribution of keys to sites. The approach is not dependent upon any particular routing protocol, such as the Border Gateway Protocol (BGP), and is well suited for multicast stream encryption by allowing the same key to be used for all replicated packets sent to downstream sites from an upstream source site. The approach distributes keys in a secure manner, ensures that data transferred between sites is done in a secure manner, and supports re-keying with error handling.

公开(公告)号：US11895100B2

公开(公告)日：2024-02-06

申请号：US16940114

申请日：2020-07-27

Applicant: Cisco Technology, Inc.

Inventor： Govind Prasad Sharma ,  Javed Asghar ,  Prabhu Balakannan ,  Sridhar Vallepalli

IPC: H04L9/40 ,  H04L9/08 ,  H04L12/46 ,  H04L69/14 ,  H04L69/22

CPC classification number: H04L63/062 ,  H04L9/0891 ,  H04L12/4641 ,  H04L63/0428 ,  H04L63/166 ,  H04L69/14 ,  H04L69/22

Abstract: A Software-Defined Networking (SDN)-based “upstream” approach is a controller-based solution that provides secure key distribution and management for multi-site data centers. The approach uses an SDN Multi-Site Controller (MSC) that acts as an intermediary between SDN controllers at sites in a multi-site data center and manages the distribution of keys to sites. The approach is not dependent upon any particular routing protocol, such as the Border Gateway Protocol (BGP), and is well suited for multicast stream encryption by allowing the same key to be used for all replicated packets sent to downstream sites from an upstream source site. The approach distributes keys in a secure manner, ensures that data transferred between sites is done in a secure manner, and supports re-keying with error handling.

公开(公告)号：US20240223544A1

公开(公告)日：2024-07-04

申请号：US18147369

申请日：2022-12-28

Applicant: Cisco Technology, Inc.

Inventor： Govind Prasad Sharma ,  Prabhu Balakannan ,  Sivakumar Kailas

IPC: H04L9/40 ,  H04L12/46

CPC classification number: H04L63/0478 ,  H04L12/4633

Abstract: Techniques for generating a per-packet initialization vector for high bandwidth encryption engines in a multipathing IP network are described herein. In examples, a network switch of a first datacenter site may receive a data packet to be sent to a second datacenter site over a network. The data packet may be encrypted according to a virtual extensible LAN (VxLAN) protocol and to be transmitted in a VxLAN tunnel created for the first datacenter site and the second datacenter site. An encryption engine implemented at the network switch may generate an initialization vector (IV) for the data packet based on a packet number (PN) associated with the data packet. The encryption engine may use the IV and information associated with a security association (SA) assigned to the packet to encrypt the data packet. In some examples, a full 64-bit PN may be used to compute the IV for the data packet.

公开(公告)号：US10778662B2

公开(公告)日：2020-09-15

申请号：US16166973

申请日：2018-10-22

Applicant: Cisco Technology, Inc.

Inventor： Govind Prasad Sharma ,  Javed Asghar ,  Prabhu Balakannan ,  Sridhar Vallepalli

IPC: H01L29/06 ,  H04L29/06 ,  H04L9/08 ,  H04L12/46

Abstract: A Software-Defined Networking (SDN)-based “upstream” approach is a controller-based solution that provides secure key distribution and management for multi-site data centers. The approach uses an SDN Multi-Site Controller (MSC) that acts as an intermediary between SDN controllers at sites in a multi-site data center and manages the distribution of keys to sites. The approach is not dependent upon any particular routing protocol, such as the Border Gateway Protocol (BGP), and is well suited for multicast stream encryption by allowing the same key to be used for all replicated packets sent to downstream sites from an upstream source site. The approach distributes keys in a secure manner, ensures that data transferred between sites is done in a secure manner, and supports re-keying with error handling.

公开(公告)号：US12238079B2

公开(公告)日：2025-02-25

申请号：US18673183

申请日：2024-05-23

Applicant: Cisco Technology, Inc.

Inventor： Govind Prasad Sharma ,  Javed Asghar ,  Prabhu Balakannan ,  Sridhar Vallepalli

IPC: H04L9/40 ,  H04L9/08 ,  H04L12/46 ,  H04L69/14 ,  H04L69/22

Abstract: A Software-Defined Networking (SDN)-based “upstream” approach is a controller-based solution that provides secure key distribution and management for multi-site data centers. The approach uses an SDN Multi-Site Controller (MSC) that acts as an intermediary between SDN controllers at sites in a multi-site data center and manages the distribution of keys to sites. The approach is not dependent upon any particular routing protocol, such as the Border Gateway Protocol (BGP), and is well suited for multicast stream encryption by allowing the same key to be used for all replicated packets sent to downstream sites from an upstream source site. The approach distributes keys in a secure manner, ensures that data transferred between sites is done in a secure manner, and supports re-keying with error handling.

公开(公告)号：US20220400322A1

公开(公告)日：2022-12-15

申请号：US17342820

申请日：2021-06-09

Applicant: Cisco Technology, Inc.

Inventor： Prabhu Balakannan ,  Shrawan Chittoor Surender ,  Ashwin Ramani ,  Eshwar Yedavalli ,  Srinivas Gaddam ,  Umamaheswararao Karyampudi

IPC: H04Q11/00

Abstract: In one embodiment, systems and method for detecting the intent of a connected optics/cable to operate in either a breakout mode or a non-breakout mode are provided. When a optics/cable is used to connect a port of a spine node to ports of one or more leaf nodes, initially both the spine node and the leaf nodes may automatically configure themselves to operate in breakout mode depending on the optics. Later, the spine node and one or more more leaf nodes may exchange speed and optics information using a link layer discovery protocol or another protocol. If the exchanged speed and optics information indicates a mismatch, then the spine node or the leaf node may retain the breakout mode. If the exchanged speed and optic information do not indicate a mismatch, then the spine nodes and the leaf nodes may automatically re-configure themselves in non-breakout mode.

公开(公告)号：US20200127987A1

公开(公告)日：2020-04-23

申请号：US16166973

申请日：2018-10-22

Applicant: Cisco Technology, Inc.

Inventor： Govind Prasad Sharma ,  Javed Asghar ,  Prabhu Balakannan ,  Sridhar Vallepalli

IPC: H04L29/06 ,  H04L9/08 ,  H04L12/46

Abstract: A Software-Defined Networking (SDN)-based “upstream” approach is a controller-based solution that provides secure key distribution and management for multi-site data centers. The approach uses an SDN Multi-Site Controller (MSC) that acts as an intermediary between SDN controllers at sites in a multi-site data center and manages the distribution of keys to sites. The approach is not dependent upon any particular routing protocol, such as the Border Gateway Protocol (BGP), and is well suited for multicast stream encryption by allowing the same key to be used for all replicated packets sent to downstream sites from an upstream source site. The approach distributes keys in a secure manner, ensures that data transferred between sites is done in a secure manner, and supports re-keying with error handling.