公开(公告)号：US20220021585A1

公开(公告)日：2022-01-20

申请号：US16931879

申请日：2020-07-17

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Stephan Edward Friedl ,  Anoop Mohan ,  Norbert Heusser ,  Yogesh Kumar Soni ,  Daniel Eckstein

IPC: H04L12/24 ,  H04L12/26 ,  H04L12/66

Abstract: In one embodiment, a controller assigns a set of one or more endpoints in a network to a particular edge networking device in the network to process data generated by those one or more endpoints prior to sending the data to a remote application. The controller monitors performance metrics for the particular edge networking device. The controller makes, based on the performance metrics, a determination that performance of the particular edge networking device is below a defined threshold. The controller re-assigns, based on the determination, at least a portion of the set of one or more endpoints to a second edge networking device in the network.

公开(公告)号：US11616727B2

公开(公告)日：2023-03-28

申请号：US17223396

申请日：2021-04-06

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Jerome Henry ,  Thomas Szigeti ,  Daniel Eckstein

IPC: H04L47/2416 ,  H04L41/08 ,  H04L41/0816 ,  H04L47/193

Abstract: In one embodiment, a service associates a plurality of descriptive tags with a node in a network, based on an inspection of packets sent by the node that is performed by one or more sensors deployed to the network. The service identifies, based on the plurality of descriptive tags, data to be extracted from traffic of the node by an edge device located at an edge of the network. The service determines, based on the plurality of descriptive tags, an external destination to which the data should be sent by the edge device after extraction. The service sends a data pipeline configuration to the edge device, wherein the data pipeline configuration causes the edge device to extract the data from the traffic sent by the node and to send the data to the external destination.

公开(公告)号：US20220038335A1

公开(公告)日：2022-02-03

申请号：US16943031

申请日：2020-07-30

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Stephan Edward Friedl ,  Anoop Mohan ,  Norbert Heusser ,  Yogesh Kumar Soni ,  Daniel Eckstein ,  Jerome Henry ,  Vinay Saini

IPC: H04L12/24 ,  H04L29/08 ,  G06F16/955 ,  G06F16/25

Abstract: In one embodiment, a supervisory device that supervises an edge device at an edge of a network receives a uniform resource identifier specified by a node in the network. The supervisory device retrieves information regarding the node located at the uniform resource identifier. The supervisory device generates, based on the information regarding the node, a data pipeline configuration for the edge device. The supervisory device sends the data pipeline configuration to the edge device. The data pipeline configuration causes the edge device to extract data from traffic sent by the node in the network and specifies one or more cloud-hosted applications to which the data should be sent.

公开(公告)号：US11190579B1

公开(公告)日：2021-11-30

申请号：US16931868

申请日：2020-07-17

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Stephan Edward Friedl ,  Anoop Mohan ,  Norbert Heusser ,  Yogesh Kumar Soni ,  Daniel Eckstein

IPC: H04L29/08 ,  H04L12/26 ,  H04L12/24 ,  H04L29/06

Abstract: In one embodiment, a networking device at an edge of a network extracts data from traffic in the network using a plurality of protocol connectors of the networking device. The networking device normalizes the data extracted from the traffic in the network, to form normalized data. The networking device applies a data transformation to the normalized data, to form transformed data. The networking device identifies, based on a policy, one or more cloud providers as being authorized to receive the transformed data. The networking device sends the transformed data to the one or more cloud providers.

公开(公告)号：US12177205B2

公开(公告)日：2024-12-24

申请号：US17722723

申请日：2022-04-18

Applicant: Cisco Technology, Inc.

Inventor： Daniel Eckstein ,  Robert E. Barton ,  Anthony Pisani

IPC: H04L9/40

Abstract: In one embodiment, an edge device of a network maintains intermediate certificates derived from root certificates of different cloud services that identify the edge device to those different cloud services. The edge device receives identity information for a particular device in the network. The edge device generates, using at least one of its intermediate certificates and the identity information for the particular device, one or more local digital identity certificates for the particular device. The edge device causes the particular device to be onboarded to a target cloud service from among the different cloud services, in part by providing the one or more local digital identity certificates to the particular device and to the target cloud service.

公开(公告)号：US11516199B2

公开(公告)日：2022-11-29

申请号：US16931902

申请日：2020-07-17

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Stephan Edward Friedl ,  Anoop Mohan ,  Norbert Heusser ,  Yogesh Kumar Soni ,  Daniel Eckstein

IPC: H04L9/40 ,  H04W12/08 ,  H04W12/06

Abstract: In one embodiment, a networking device at an edge of a network enrolls with a controller that supervises operation of the networking device. The networking device sends a publication request to a cloud-based messaging service. The networking device provides, to the cloud-based messaging service, identification information that indicates the controller that supervises operation of the networking device. The networking device receives, from the cloud-based messaging service, authorization to publish messages to the cloud-based messaging service. The cloud-based messaging service uses the identification information to confirm an identity of the networking device with the controller that supervises operation of the networking device. The networking device sends, after receiving authorization to publish messages to the cloud-based messaging service, a message for publication to the cloud-based messaging service. The message comprises data sourced from an endpoint in the network.

公开(公告)号：US20220021665A1

公开(公告)日：2022-01-20

申请号：US16931902

申请日：2020-07-17

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Stephan Edward Friedl ,  Anoop Mohan ,  Norbert Heusser ,  Yogesh Kumar Soni ,  Daniel Eckstein

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/08

Abstract: In one embodiment, a networking device at an edge of a network enrolls with a controller that supervises operation of the networking device. The networking device sends a publication request to a cloud-based messaging service. The networking device provides, to the cloud-based messaging service, identification information that indicates the controller that supervises operation of the networking device. The networking device receives, from the cloud-based messaging service, authorization to publish messages to the cloud-based messaging service. The cloud-based messaging service uses the identification information to confirm an identity of the networking device with the controller that supervises operation of the networking device. The networking device sends, after receiving authorization to publish messages to the cloud-based messaging service, a message for publication to the cloud-based messaging service. The message comprises data sourced from an endpoint in the network.