公开(公告)号：US20240303336A1

公开(公告)日：2024-09-12

申请号：US18180807

申请日：2023-03-08

Applicant: Cisco Technology, Inc.

Inventor： Deepthi Tammireddy ,  Shilpa Avinash Sodani ,  Vishnuprasad Raghavan ,  Hongqing Li

IPC: G06F21/56 ,  G06F21/55 ,  H04L9/40

CPC classification number: G06F21/566 ,  G06F21/552 ,  H04L63/1408 ,  H04L63/20

Abstract: A method of protecting networks may include detecting a compromised computing device associated with a security event generated by a unified security policy from a plurality of sites within a network. A context of the compromised computing device may be extracted. The context may be propagated to a controller. The method may further include fetching from an identity services engine (ISE), user identity associated with the compromised computing device, and provisioning the controller with a dynamic list and a data policy matching the dynamic list. The method may also include advertising the dynamic list and the data policy to at least one of the plurality of sites.

公开(公告)号：US11575619B2

公开(公告)日：2023-02-07

申请号：US17080319

申请日：2020-10-26

Applicant: Cisco Technology, Inc.

Inventor： Mingzhe Lu ,  Hongqing Li ,  Diana Leung ,  Madhu Gindi ,  Preety Mordani ,  Prabahar Radhakrishnan

IPC: H04L49/00

Abstract: The present disclosure is directed to adaptive networking policy with user defined fields and includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and comprising instructions that, when executed by the one or more processors, cause one or more components to perform operations including generating a user defined attribute (UDA) value corresponding to a set of attributes; receiving, at a network device, a packet having one or more packet conditions; determining that the one or more packet conditions of the packet match the set of attributes of the UDA value; assigning a UDA tag to the packet, wherein the UDA tag corresponds to the UDA value and is configured for chaining with one or more other UDA tags; and taking an action on the packet based on the UDA tag.

公开(公告)号：US20230188479A1

公开(公告)日：2023-06-15

申请号：US18164013

申请日：2023-02-03

Applicant: Cisco Technology, Inc.

Inventor： Mingzhe Lu ,  Hongqing Li ,  Diana Leung ,  Madhu Gindi ,  Preety Mordani ,  Prabahar Radhakrishnan

IPC: H04L49/00

CPC classification number: H04L49/3009

Abstract: The present disclosure is directed to adaptive networking policy with user defined fields and includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and comprising instructions that, when executed by the one or more processors, cause one or more components to perform operations including generating a user defined attribute (UDA) value corresponding to a set of attributes; receiving, at a network device, a packet having one or more packet conditions; determining that the one or more packet conditions of the packet match the set of attributes of the UDA value; assigning a UDA tag to the packet, wherein the UDA tag corresponds to the UDA value and is configured for chaining with one or more other UDA tags; and taking an action on the packet based on the UDA tag.

公开(公告)号：US20210273910A1

公开(公告)日：2021-09-02

申请号：US16806794

申请日：2020-03-02

Applicant: Cisco Technology, Inc.

Inventor： Mingzhe Lu ,  Hongqing Li ,  Diana Leung ,  Jialiang Zhang ,  Madhusudan V. Gindi

IPC: H04L29/06

Abstract: The present technology discloses systems, methods, and computer-readable media to establish at least one target for a network, the target including at least one of an ingress parameter or an egress parameter and a policy for network packets; receive at least one network packet on the network; search for at least one matching target from the at least one targets, the at least matching target comprising parameters that match the at least one network packet; apply a policy in the at least one matching target to the at least one network packet; and forward the at least one network packet in accordance with the policy.

公开(公告)号：US11770350B2

公开(公告)日：2023-09-26

申请号：US18164013

申请日：2023-02-03

Applicant: Cisco Technology, Inc.

Inventor： Mingzhe Lu ,  Hongqing Li ,  Diana Leung ,  Madhu Gindi ,  Preety Mordani ,  Prabahar Radhakrishnan

IPC: H04L49/00

CPC classification number: H04L49/3009

Abstract: The present disclosure is directed to adaptive networking policy with user defined fields and includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and comprising instructions that, when executed by the one or more processors, cause one or more components to perform operations including generating a user defined attribute (UDA) value corresponding to a set of attributes; receiving, at a network device, a packet having one or more packet conditions; determining that the one or more packet conditions of the packet match the set of attributes of the UDA value; assigning a UDA tag to the packet, wherein the UDA tag corresponds to the UDA value and is configured for chaining with one or more other UDA tags; and taking an action on the packet based on the UDA tag.

公开(公告)号：US11627111B2

公开(公告)日：2023-04-11

申请号：US16806794

申请日：2020-03-02

Applicant: Cisco Technology, Inc.

Inventor： Mingzhe Lu ,  Hongqing Li ,  Diana Leung ,  Jialiang Zhang ,  Madhusudan V. Gindi

IPC: H04L29/06 ,  H04L9/40

Abstract: The present technology discloses systems, methods, and computer-readable media to establish at least one target for a network, the target including at least one of an ingress parameter or an egress parameter and a policy for network packets; receive at least one network packet on the network; search for at least one matching target from the at least one targets, the at least matching target comprising parameters that match the at least one network packet; apply a policy in the at least one matching target to the at least one network packet; and forward the at least one network packet in accordance with the policy.

公开(公告)号：US11184238B1

公开(公告)日：2021-11-23

申请号：US17080406

申请日：2020-10-26

Applicant: Cisco Technology, Inc.

Inventor： Mingzhe Lu ,  Hongqing Li ,  Preety Mordani ,  Prabahar Radhakrishnan

IPC: G06F15/177 ,  H04L12/24

Abstract: The present disclosure is directed to unified feature operations, and includes methods comprising receiving, for each of one or more actions that have been defined and downloaded to a data plane, registration information for registering each of the one or more actions, wherein the registration information includes an action handle for identifying a registered action of one or more registered actions; receiving a query from an application module having a composite action comprising at least one custom action to determine if the at least one custom action corresponds to at least one registered action; and in response to determining that the at least one custom action corresponds to at least one registered action, transmitting to the application module at least one action handle corresponding to the at least one registered action, wherein the at least one action handle is used to create a composite action package in the data plane.