公开(公告)号：US12267915B2

公开(公告)日：2025-04-01

申请号：US17355686

申请日：2021-06-23

Applicant: Cisco Technology, Inc.

Inventor： Shankar Ramanathan ,  Nagendra Kumar Nainar ,  Robert E. Barton ,  Jerome Henry

IPC: H04W8/26 ,  H04W4/02 ,  H04W12/12

Abstract: A network infrastructure component determines a risk measurement associated with a wireless client device's use of a device address, and provides an advisory with respect to an address rotation strategy of the wireless client device based on the risk measurement. In some embodiments, the risk measurement is based on one or more of an exposure, by the wireless client device, of information on the wireless network that identifies the wireless client device and/or a characterization of a security of the wireless network environment in which the wireless client device operates.

公开(公告)号：US12267101B2

公开(公告)日：2025-04-01

申请号：US18301511

申请日：2023-04-17

Applicant: Cisco Technology, Inc.

Inventor： Matthew Aaron Silverman ,  Robert E. Barton ,  Brian D. Hart ,  Jerome Henry ,  Ardalan Alizadeh ,  Vishal S. Desai ,  John Matthew Swartz

IPC: H04B1/7183 ,  H04W84/12

Abstract: Access Point ranging and placement on a floorplan may be provided. A host AP may range each neighbor AP of the host AP. One or more neighbor APs that failed ranging with the host AP may be categorized in a failed neighbor AP list. The host AP may re-range each of the one or more neighbor APs in the failed neighbor AP list with a modified ranging parameter. At least one neighbor AP of the one or more neighbor APs may be categorized in the failed neighbor AP list that succeeded in re-ranging with the host AP in an extended range neighbor AP list.

公开(公告)号：US12231395B2

公开(公告)日：2025-02-18

申请号：US18476821

申请日：2023-09-28

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Robert E. Barton ,  Stephen Michael Orr

IPC: H04L61/5038 ,  H04W84/12 ,  H04L101/622

Abstract: Techniques herein facilitate a device address rotation management protocol that may be implemented for a wireless local area network (WLAN), which can be used to influence when wireless client devices or stations may rotate their Media Access Control (MAC) addresses, how to perform such rotations, and/or the like. In one example, a method may include providing, by an access point (AP), a first communication indicating that the AP supports a MAC address rotation management protocol; obtaining, by the AP, a second communication from a wireless station (STA) indicating that the STA intends to perform a MAC address rotation; and transmitting, by the AP, a third communication to influence the MAC address rotation of the STA, the third communication comprising a rotation status indicator and timing information.

公开(公告)号：US12219357B2

公开(公告)日：2025-02-04

申请号：US18590763

申请日：2024-02-28

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Robert E. Barton ,  Darryl E Sladden ,  Thomas Szigeti

IPC: H04W4/02 ,  H04W4/029 ,  H04W12/12 ,  H04W12/79 ,  H04W24/10 ,  H04W48/16 ,  H04W48/20 ,  H04W76/16 ,  H04W88/04 ,  H04W88/08 ,  H04W88/12 ,  H04W92/10 ,  H04W92/12

Abstract: Techniques and apparatus for managing a message relaying system are described. One technique includes an access point (AP) detecting a first signal and a second signal from a computing device. A validation of the first signal is performed based on parameters of the first signal and the second signal. After the validation, information associated with the first signal is transmitted to a computing system. In another technique, the computing system may designate one of multiple APs reporting information regarding first signals as a primary reporting AP and designate the remaining APs as secondary reporting APs. The computing system may instruct the secondary reporting APs to refrain from reporting information regarding first signals to the computing system.

公开(公告)号：US12212541B2

公开(公告)日：2025-01-28

申请号：US18591538

申请日：2024-02-29

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Robert E. Barton ,  Jerome Henry

IPC: H04L61/5014 ,  H04W12/108 ,  H04W12/71 ,  H04L101/622

Abstract: An authorization device obtains a registration request associated with an end device, the registration request including a new randomized media access control (MAC) address associated with the end device; determines whether the end device is authorized to use the new randomized MAC address; transmits a message to the end device with a first randomly generated number when it is determined that the end device is authorized to use the new randomized MAC address; obtains integrity information associated with the end device, the first integrity information being computed based on the first randomly generated number; transmits a request to a validation system to validate the end device based on the first integrity information; obtains an indication that the end device is validated; determines policies associated with the end device when it is determined that the end device is validated; and applies the policies to the end device.

公开(公告)号：US12185218B2

公开(公告)日：2024-12-31

申请号：US17562715

申请日：2021-12-27

Applicant: Cisco Technology, Inc.

Inventor： Vinay Saini ,  Jerome Henry ,  Robert E. Barton

IPC: H04W4/02 ,  H04H20/72 ,  H04W8/00 ,  H04W40/24 ,  H04W72/30

Abstract: Aspects described herein include a method and related network device and computer program product. The method includes receiving a neighbor report that indicates whether a first network device in an environment is advertising broadcast services and generating, using the neighbor report, a broadcast optimization map that indicates a set of network devices in the environment that will provide a broadest coverage of broadcast services within the environment. The set corresponds to a minimum count of network devices that supports all current broadcast streams by one or more client devices in the environment.

公开(公告)号：US12160452B2

公开(公告)日：2024-12-03

申请号：US17673310

申请日：2022-02-16

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Robert E. Barton ,  Stephen Michael Orr

IPC: H04L29/12 ,  H04L9/40 ,  H04L61/50 ,  H04W12/00 ,  H04L101/622 ,  H04W8/26 ,  H04W84/12

Abstract: Techniques are provided for client-driven Randomized and Changing Media Access Control (MAC) address (RCM) mechanisms. In one example, a wireless client is configured to wirelessly communicate with a wireless network. The wireless client obtains data relating to a level of security for one or more MAC addresses of the wireless client. Based on the data, the wireless client computes a score that represents the level of security for the one or more MAC addresses. Using the score, the wireless client determines when or how frequently to rotate the one or more MAC addresses. Based on determining when or how frequently to rotate the one or more MAC addresses, the wireless client rotates the one or more MAC addresses.

公开(公告)号：US20240236045A9

公开(公告)日：2024-07-11

申请号：US17971285

申请日：2022-10-21

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Flemming Stig ANDREASEN ,  Jerome HENRY ,  Elango GANESAN

IPC: H04L9/40

CPC classification number: H04L63/0281

Abstract: In one embodiment, a device receives discovery data generated by a plurality of networking devices in a network. The device determines, based on the discovery data, a hierarchy of layers of the network. The device receives a request by a client that is external to the network to access remotely a particular endpoint in the network. The device configures, and in response to the request, a proxy chain of remote access agents executed by a subset of networking devices from the plurality of networking devices to allow the client to access remotely the particular endpoint, each of those networking devices proxying traffic between different layers of the network.

公开(公告)号：US12010559B2

公开(公告)日：2024-06-11

申请号：US18187549

申请日：2023-03-21

Applicant: Cisco Technology, Inc.

Inventor： Malcolm M. Smith ,  Jerome Henry ,  Mark Grayson ,  Robert E. Barton ,  Bart A. Brinckman

IPC: H04L9/40 ,  H04W8/22 ,  H04W12/06 ,  H04W12/69 ,  H04W28/24 ,  H04W84/12

CPC classification number: H04W28/24 ,  H04W8/22 ,  H04W12/06 ,  H04W12/69 ,  H04W84/12

Abstract: Techniques for dynamically negotiating a service legal agreement (SLA) between a roaming device and a visited network (VN) in an identity federation. An identity profile provided to a user device by an identity provider (IDP) is accessed by the user device. The identity profile includes a first SLA criteria. An advertisement from the VN indicating one or more SLAs supported by the VN is received at the user device. The advertisement is received before the user device has associated with the VN. The IDP and the VN are part of a same identity federation. It is determined that the SLA supported by the VN satisfies the first SLA criteria. Upon that determination, an acceptance is transmitted by the user device to the VN, and the user device is associated with the VN.

公开(公告)号：US20240137344A1

公开(公告)日：2024-04-25

申请号：US17971285

申请日：2022-10-20

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Flemming Stig ANDREASEN ,  Jerome HENRY ,  Elango GANESAN

IPC: H04L9/40

CPC classification number: H04L63/0281

Abstract: In one embodiment, a device receives discovery data generated by a plurality of networking devices in a network. The device determines, based on the discovery data, a hierarchy of layers of the network. The device receives a request by a client that is external to the network to access remotely a particular endpoint in the network. The device configures, and in response to the request, a proxy chain of remote access agents executed by a subset of networking devices from the plurality of networking devices to allow the client to access remotely the particular endpoint, each of those networking devices proxying traffic between different layers of the network.