-
Publication No.: US12225051B2
Publication Date: 2025-02-11
Application No.: US17876190
Application Date: 2022-07-28
Applicant: Cisco Technology, Inc.
Inventor: Balaji Sundararajan, Vishnuprasad Raghavan, Kannan Kumar, Ramana Babu Polamarasetti, Mahalakshmi Rajaram
IPC: H04L9/40
Abstract: Techniques for user identity-based security policy enforcement. The techniques may include sending, to an edge device associated with a network, a networking policy associated with a user. The techniques may also include receiving, from an identity provider, an IP address associated with the user. Additionally, the techniques may include sending, to the edge device, an indication to associate the IP address with the user such that the edge device applies the networking policy to packets that include the IP address.
-
Publication No.: US20250039089A1
Publication Date: 2025-01-30
Application No.: US18775523
Application Date: 2024-07-17
Applicant: Cisco Technology, Inc.
Inventor: Ganesh Devendrachar, Ajeet Pal Singh Gill, Balaji Sundararajan, Srilatha Tangirala, Satish Varadarajula, Satyajit Das
IPC: H04L45/76, H04L45/24, H04L47/125
Abstract: Techniques for automatically providing per tenant weighted DCMP over shared transport interfaces and automated flow hash load balancing are described. The techniques may include onboarding, by an SD-WAN controller, the tenant with a resource profile to a first multi-tenant edge device, where the resource profile defines a traffic allowance per transport interface for the tenant on the first multi-tenant edge device. The SD-WAN controller receives, from the first multi-tenant edge device, information including a first weight per transport interface of the first multi-tenant edge device for the tenant. The SD-WAN controller transmits the information to a second multi-tenant device. The SD-WAN controller receives, from the second multi-tenant edge device, information including a second weight per transport interface of the second multi-tenant edge device, and transmits the information to the first multi-tenant edge device.
-
Publication No.: US20240430124A1
Publication Date: 2024-12-26
Application No.: US18828293
Application Date: 2024-09-09
Applicant: Cisco Technology, Inc.
Inventor: Balaji Sundararajan, Vivek Agarwal, Anand Oswal, Chethan Channappa, Subhash Kodnad, Jeevan Sharma
IPC: H04L12/28, G06F9/455, G16Y30/10, H04L9/40, H04L12/66, H04L41/0894, H04L41/14, H04L41/50, H04L47/76, H04L49/00, H04L67/12, H04W92/02
Abstract: The present disclosure is directed to managing industrial internet of things end points and includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and comprising instructions that, when executed by the one or more processors, cause one or more switches to perform operations comprising: identifying a first end point using a protocol associated with the first end point, determining a classification for the identified first end point based on one or more attributes of the first end point, identifying one or more related end points having the classification in common with the first end point, segmenting the first end point with the identified one or more related end points, and applying one or more policies to the segmented first end point and the one or more related end points.
-
Publication No.: US12160370B2
Publication Date: 2024-12-03
Application No.: US18166786
Application Date: 2023-02-09
Applicant: Cisco Technology, Inc.
Inventor: Srilatha Tangirala, Nithin Bangalore Raju, Ananya Raval, Prabahar Radhakrishnan, Vivek Agarwal, Balaji Sundararajan
Abstract: Route exchange in a plurality of network controller appliances on a per-tenant basis is disclosed. In one aspect, a method includes receiving, from a network management system and at a first network controller appliance, a designation of at least two tenants to be hosted on the first network controller appliance, the first network controller appliance being one of a plurality of network controller appliances in a SD-WAN; sending, from the first network controller appliance to other network controller appliances of the plurality of network controller appliances, a tenant list query message to obtain a corresponding tenant list of each of the other network controller appliances; and receiving a corresponding response from each of the other network controller appliances indicating the corresponding tenant list of each of the other network controller appliances, the corresponding response being used to update the tenant list on the first network controller appliance.
-
Publication No.: US20240275800A1
Publication Date: 2024-08-15
Application No.: US18644315
Application Date: 2024-04-24
Applicant: Cisco Technology, Inc.
Inventor: Balaji Sundararajan, Gaurang Rajeev Mokashi, Preety Mordani, Vivek Agarwal
CPC classification number: H04L63/1416, G06F9/45558, H04L43/08, H04L47/20, H04L49/25, H04L63/20, G06F2009/45587, G06F2009/45595
Abstract: Systems, methods, and computer-readable media for performing threat remediation through a switch fabric of a virtualized network environment. Data traffic passing into a virtualized network environment including a plurality of virtual machines running on a switch fabric is monitored. A network threat introduced through at least a portion of the data traffic is identified at the switch fabric. One or more remedial measures are performed in the network environment based on the identification of the network threat in the virtualized network environment.
-
Publication No.: US20240171469A1
Publication Date: 2024-05-23
Application No.: US18422949
Application Date: 2024-01-25
Applicant: Cisco Technology, Inc.
Inventor: Balaji Sundararajan, Bhairav Dutia, Ankur Bhargava, Satish Mahadevan, Srinivas Yalamanchanli, Ziad Sarieddine, Nikolai Pitaev
IPC: H04L41/12, H04L41/0894, H04L67/52
CPC classification number: H04L41/12, H04L41/0894, H04L67/52
Abstract: This disclosure describes techniques and mechanisms for a central management plane to automatically create and assign system identifiers to network devices, thereby creating a global network hierarchy within a network. The techniques enable the use of a system identifier to be automatically generated and assigned, as well as configuration and network policies to be automatically generated based on the system identifier. Accordingly, the techniques enable automation of regional connectivity and policy application, a simplified manner of troubleshooting/debugging of any connectivity issues, and a simplified, aggregated view of statistics and analytics related to problems at site, sub-region, and region levels.
-
Publication No.: US11985007B2
Publication Date: 2024-05-14
Application No.: US17898214
Application Date: 2022-08-29
Applicant: Cisco Technology, Inc.
Inventor: Balaji Sundararajan, Madhuri Kolli, Giorgio Valentini, Venkatraman Venkatapathy, Avinash Ashok Kumar Chiganmi, Vivek Agarwal
CPC classification number: H04L12/4666, H04L12/465, H04L12/4675, H04L12/66, H04L45/04, H04L45/54
Abstract: The present technology pertains to receiving a tag associating at least one routing domain in an on-premises site with at least one virtual network in a cloud environment associated with a cloud service provider. The present technology also pertains to the automation of populating route and propagation tables with the cloud service provider.
-
Publication No.: US20240146565A1
Publication Date: 2024-05-02
Application No.: US17979255
Application Date: 2022-11-02
Applicant: Cisco Technology, Inc.
Inventor: Ajeet Pal Singh Gill, Balaji Sundararajan, Srilatha Tangirala, Nithin Bangalore Raju, Ravi Kiran Chintallapudi, Pradeepan Kannawadi, Ganesh Devendrachar
Abstract: Techniques for virtualizing tenant transport interfaces configured to implement per-tenant network routing attribute differentiation in each tenant overlay of a multisite wide area network (WAN) and share the virtual transport interfaces between multi-tenant edge (MTE) devices providing transport services to tenant devices based on a defined tenant tier model. A Software-Defined Networking (SDN) controller may receive a physical transport interface and/or a device type associated with a tenant device. The SDN controller may determine a virtual transport interface for the tenant device based on a tier associated with the tenant. MTE device(s) may utilize the physical transport interface to establish sessions with other MTE device(s) in the WAN. The virtual transport interface may be utilized by MTE devices to implement and/or enforce network routing attributes when forwarding network traffic associated with the tenant via the sessions established between the MTE devices through the WAN.
-
Publication No.: US20240073147A1
Publication Date: 2024-02-29
Application No.: US18052826
Application Date: 2022-11-04
Applicant: Cisco Technology, Inc.
Inventor: Ramakumara Kariyappa, Satish Mahadevan, Biju Mathews Mammen, Balaji Sundararajan, Giorgio Valentini, Venkatraman Venkatapathy
IPC: H04L47/2441, H04L45/85, H04L47/2425
CPC classification number: H04L47/2441, H04L45/85, H04L47/2433
Abstract: Techniques are described for routing traffic through an interconnect cloud gateway based on cloud traffic routing indicators. The interconnect cloud gateway can advertise the cloud traffic routing indicators, which can include cloud indicators and transport gateway indicators. The cloud indicators can include cloud tags utilized to route cloud traffic. The transport gateway indicators can include transport gateway flags utilized to identify private networks utilized to route the cloud traffic. The cloud traffic can be routed during normal private network operation through private networks, which can be dynamically replaced by public networks due to occurrences of failures preventing the data traffic from being routed through the private networks and to cloud networks.
-
Publication No.: US11888876B2
Publication Date: 2024-01-30
Application No.: US18171322
Application Date: 2023-02-17
Applicant: Cisco Technology, Inc.
Inventor: Balaji Sundararajan, Gaurang Rajeev Mokashi, Preety Mordani, Vivek Agarwal
CPC classification number: H04L63/1416, G06F9/45558, H04L43/08, H04L47/20, H04L49/25, H04L63/20, G06F2009/45587, G06F2009/45595
Abstract: Systems, methods, and computer-readable media for performing threat remediation through a switch fabric of a virtualized network environment. Data traffic passing into a virtualized network environment including a plurality of virtual machines running on a switch fabric is monitored. A network threat introduced through at least a portion of the data traffic is identified at the switch fabric. One or more remedial measures are performed in the network environment based on the identification of the network threat in the virtualized network environment.