公开(公告)号：US20220272614A1

公开(公告)日：2022-08-25

申请号：US17182058

申请日：2021-02-22

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Hao Lu ,  Xiaoding Shang ,  Feng Ding ,  Qiwei Chang

IPC: H04W48/12 ,  H04W48/16 ,  H04W12/06

Abstract: Systems and methods are provided for authentication chaining and firewall optimization in a micro branch deployment comprising a plurality of chained access points (APs) and a gateway AP. A topology of the micro branch deployment may be determined through enhanced hierarchical beaconing. Based on the determined topology, an authentication chain is developed through which a client device associated to an AP of the plurality of chained APs may be authenticated and granted access to the AP. Upon authentication of the client device, firewall optimization is performed to implement access control rules only at the AP to which the client device is associated.

公开(公告)号：US11792718B2

公开(公告)日：2023-10-17

申请号：US17182058

申请日：2021-02-22

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Hao Lu ,  Xiaoding Shang ,  Feng Ding ,  Qiwei Chang

IPC: H04W48/12 ,  H04W48/16 ,  H04W12/06 ,  H04W88/08 ,  H04W88/16

CPC classification number: H04W48/12 ,  H04W12/06 ,  H04W48/16 ,  H04W88/08 ,  H04W88/16

Abstract: Systems and methods are provided for authentication chaining and firewall optimization in a micro branch deployment comprising a plurality of chained access points (APs) and a gateway AP. A topology of the micro branch deployment may be determined through enhanced hierarchical beaconing. Based on the determined topology, an authentication chain is developed through which a client device associated to an AP of the plurality of chained APs may be authenticated and granted access to the AP. Upon authentication of the client device, firewall optimization is performed to implement access control rules only at the AP to which the client device is associated.

公开(公告)号：US20220353235A1

公开(公告)日：2022-11-03

申请号：US17242551

申请日：2021-04-28

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Haifeng Zhang ,  Hao Lu ,  Mohan Ram Bhadravati Ramakrishna Bhat ,  Xiaoding Shang

IPC: H04L29/12 ,  H04L12/851

Abstract: Some examples relate to controlling network traffic pertaining to a domain name based on a Domain Name System-Internet Protocol address (DNS-IP) mapping, An example includes receiving, in a cloud computing system, a local DNS-IP mapping for a domain name from respective Access Points (APs) in a virtual local area network (VLAN) along with geographical information of respective APs; generating a global DNS-IP mapping database comprising the local DNS-IP mapping for the domain name received from respective APs in the VLAN along with geographical information of respective APs, in the cloud computing system; and determining appropriate APs to distribute the global DNS-IP mapping, based on location information of respective APs.

公开(公告)号：US12015561B2

公开(公告)日：2024-06-18

申请号：US17129089

申请日：2020-12-21

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Hao Lu ,  Sachin Ganu ,  Nitin A. Changlani ,  Xiaoding Shang ,  Qiang Zhou

IPC: H04L47/62 ,  H04B7/0413 ,  H04L5/00 ,  H04L47/2425

CPC classification number: H04L47/6215 ,  H04B7/0413 ,  H04L5/0007 ,  H04L47/2433

Abstract: Systems and techniques are described that are directed to intelligent scheduling of Wi-Fi services for applications, including enhanced dynamic prioritization. A device, such as an access point (AP), can receive data packets from multiple connected devices to dynamically identify an application flow for each data packet, and dynamically identify a user associated with the application flow for each data packet. The AP can generate prioritized candidate lists for selected data packets in queues corresponding to an access category (AC). In response to determining that the identified user associated with the application flow corresponds with a critical user, the AP can select data packets for the prioritized candidate lists based at least in part on priority policies for each of a plurality of applications and based at least in part on dynamic prioritization of applications for each of a plurality of applications; and schedule data packets from the prioritized candidate lists.

公开(公告)号：US11950125B2

公开(公告)日：2024-04-02

申请号：US17559518

申请日：2021-12-22

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Hao Lu ,  Sachin Ganu ,  Xiaoding Shang ,  Nitin Changlani

IPC: H04W88/08 ,  H04L45/64 ,  H04W24/02 ,  H04W28/02 ,  H04W28/24

CPC classification number: H04W28/0268 ,  H04L45/64 ,  H04W24/02 ,  H04W28/24 ,  H04W88/08

Abstract: Systems and methods for providing enhanced Quality of Service (QoS) network transmissions can be based on an application sub-class or a user class. Systems and methods can include inspecting the information packet having a network level QoS field having a first network level QoS portion and a second network level QoS portion, determining an application sub-class or user class associated with the information packet, tagging the first network level QoS portion of the information packet according to a first network level QoS value, tagging the second network level QoS portion of the information packet according to a traffic priority indication and to a determined application sub-class or user class, and queuing the information packet for transmission from a network element based on the tagged first network level QoS portion and the second network level QoS portion.

公开(公告)号：US20250080493A1

公开(公告)日：2025-03-06

申请号：US18460409

申请日：2023-09-01

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Zhijun Ren ,  Xiaoding Shang ,  Hao Lu ,  Qiwei Chang

IPC: H04L61/5014 ,  H04L61/10

Abstract: An AP sets up a data tunnel to a remote network and monitors a remote DHCP session between a client device and a remote DHCP server in the remote network. The remote DHCP server assigns a remote IP address to the client device, and communication between the client device and the remote network is based on the remote IP address. In response to determining completion of the remote DHCP session, the AP initializes a local DHCP session with a local DHCP server in a local network to obtain a local IP address for the client device. Communication between the client device and the local network is based on the local IP address. In response to detecting the client device roaming from the AP to a target AP, the AP forwards the remote and local IP addresses and session data of active sessions on the client device to the target AP.

公开(公告)号：US11588781B2

公开(公告)日：2023-02-21

申请号：US17242551

申请日：2021-04-28

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Haifeng Zhang ,  Hao Lu ,  Mohan Ram Bhadravati Ramakrishna Bhat ,  Xiaoding Shang

IPC: H04L61/4511 ,  H04L61/2514 ,  H04L61/5076 ,  H04L9/40 ,  H04W4/029 ,  H04L12/46 ,  H04L65/102 ,  H04L47/24 ,  H04L45/76 ,  H04L45/74 ,  H04W8/26

Abstract: Some examples relate to controlling network traffic pertaining to a domain name based on a Domain Name System-Internet Protocol address (DNS-IP) mapping, An example includes receiving, in a cloud computing system, a local DNS-IP mapping for a domain name from respective Access Points (APs) in a virtual local area network (VLAN) along with geographical information of respective APs; generating a global DNS-IP mapping database comprising the local DNS-IP mapping for the domain name received from respective APs in the VLAN along with geographical information of respective APs, in the cloud computing system; and determining appropriate APs to distribute the global DNS-IP mapping, based on location information of respective APs.

公开(公告)号：US11246055B1

公开(公告)日：2022-02-08

申请号：US17024610

申请日：2020-09-17

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Hao Lu ,  Sachin Ganu ,  Xiaoding Shang ,  Nitin Changlani

IPC: H04L12/715 ,  H04W28/02 ,  H04W28/24 ,  H04W24/02 ,  H04W88/08

Abstract: Systems and methods for providing enhanced Quality of Service (QoS) network transmissions can be based on an application sub-class or a user class. Systems and methods can include inspecting the information packet having a network level QoS field having a first network level QoS portion and a second network level QoS portion, determining an application sub-class or user class associated with the information packet, tagging the first network level QoS portion of the information packet according to a first network level QoS value, tagging the second network level QoS portion of the information packet according to a traffic priority indication and to a determined application sub-class or user class, and queuing the information packet for transmission from a network element based on the tagged first network level QoS portion and the second network level QoS portion.