-
公开(公告)号:US20170359758A1
公开(公告)日:2017-12-14
申请号:US15182143
申请日:2016-06-14
Applicant: Juniper Networks, Inc.
Inventor: Prasad Chigurupati , Venkatesh Badakere , Sarvesh K. Batta
CPC classification number: H04W36/0022 , H04M15/66 , H04W28/0273 , H04W36/14 , H04W36/18 , H04W88/16
Abstract: An example gateway device determines that a first policy, applicable to a subscriber device when the subscriber device is coupled to a first access network, indicates that packets from the subscriber device are to be sent to a service device, and forwards a first set of packets from the subscriber device to the service device while the subscriber device is coupled to the first access network. After determining that the subscriber device has become coupled to a second access network of the plurality of access networks, the gateway device determines that a second policy, for the subscriber device when the subscriber device is coupled to the second access network, does not indicate that packets should be sent to the service device, but nevertheless forwards a second set of packets from the subscriber device to the service device while the subscriber device is coupled to the second access network.
-
2.发明授权公开(公告)号:US11575653B2
公开(公告)日:2023-02-07
申请号:US16902458
申请日:2020-06-16
Applicant: Juniper Networks, Inc.
Inventor: Goutham Kondapavuluru , Sarvesh K. Batta , Vijay Sai Ram Paruchuri , Ramesh Biradar , Sharanagoud B. Devaraddi
Abstract: A network device may create an encrypted packet and may duplicate the encrypted packet to create a plurality of encrypted packets that includes a first set of encrypted packets that is associated with a first receiving network device and a second set of encrypted packets that is to be associated with a second receiving network device. The network device may modify the second set of encrypted packets by replacing a first virtual destination address in the second set of the plurality of encrypted packets with a second virtual destination address that identifies a virtual tunnel endpoint of the second receiving network device. The network device may encapsulate and may send, based on the first virtual destination address and the second virtual destination address, individual encapsulated encrypted packets to the first receiving network device or the second receiving network device.
-
公开(公告)号:US10042722B1
公开(公告)日:2018-08-07
申请号:US14748113
申请日:2015-06-23
Applicant: Juniper Networks, Inc.
Inventor: Prasad Chigurupati , Sarvesh K. Batta , Venkatesh Br Gota
Abstract: In some examples, techniques are directed to applying one or more corrective actions that cause the network device to bypass the failed service node of the service chain. In some examples, method includes determining that a failure has occurred at a service node included in a plurality of service nodes, the plurality of service nodes configured to apply one or more stateful services of a primary service chain to packet flows from a plurality of subscriber devices; in response to determining that the failure has occurred, configuring forwarding state of the network device to process the packet flows from the plurality of subscriber devices based on a corrective action that bypasses the service node of the primary service chain; and in response to receiving a subscriber packet in the packet flows, processing the packet flows from the plurality of subscriber devices based on the corrective action.
-
4.发明授权公开(公告)号:US12177187B2
公开(公告)日:2024-12-24
申请号:US18145995
申请日:2022-12-23
Applicant: Juniper Networks, Inc.
Inventor: Goutham Kondapavuluru , Sarvesh K. Batta , Vijay Sai Ram Paruchuri , Ramesh Biradar , Sharanagoud B Devaraddi
Abstract: A network device may create an encrypted packet and may duplicate the encrypted packet to create a plurality of encrypted packets that includes a first set of encrypted packets that is associated with a first receiving network device and a second set of encrypted packets that is to be associated with a second receiving network device. The network device may modify the second set of encrypted packets by replacing a first virtual destination address in the second set of the plurality of encrypted packets with a second virtual destination address that identifies a virtual tunnel endpoint of the second receiving network device. The network device may encapsulate and may send, based on the first virtual destination address and the second virtual destination address, individual encapsulated encrypted packets to the first receiving network device or the second receiving network device.
-
Patent Agency Ranking
公开(公告)号:US11811817B2
公开(公告)日:2023-11-07
申请号:US17937516
申请日:2022-10-03
Applicant: Juniper Networks, Inc.
Inventor: Sarvesh K. Batta , Thyagarajan S. Pasupathy , Mohan Thangavel
CPC classification number: H04L63/1433 , H04L47/32 , H04L63/0281 , H04L63/083 , H04L63/166
Abstract: A network device may receive a first data packet. The network device may determine that a level of available computing resources satisfies a threshold level. The network device may perform a secure socket layer (SSL) proxy function based on the level of available computing resources satisfying the threshold level. The network device may receive a second data packet. The network device may determine that the level of available computing resources fails to satisfy the threshold level. The network device may determine a security characteristic associated with the second data packet. The network device may determine a security rating associated with the second data packet based on the security characteristic. The network device may selectively perform the SSL proxy function based on the security rating.
-
公开(公告)号:US10033589B1
公开(公告)日:2018-07-24
申请号:US14871333
申请日:2015-09-30
Applicant: Juniper Networks, Inc.
Inventor: Sarvesh K. Batta , Venkatesh Badakere , Prasad Chigurupati
IPC: H04L12/24 , H04L12/911
Abstract: In general, techniques are described for managing group policies in a network. In some examples, a policy enforcement device comprising a plurality of service planes, each having one or more processors operably coupled to a memory, receives a policy enforcement request that includes data identifying a subscriber from a policy control server for a network. The plurality of service planes are further configured to assign, in response to determining that the subscriber is a member of a subscriber group that includes a plurality of subscribers, the subscriber to a selected service plane of the plurality of service planes. The selected service plane applies a group policy for the subscriber group to subscriber data traffic associated with the subscriber.
-
公开(公告)号:US20230231797A1
公开(公告)日:2023-07-20
申请号:US17577340
申请日:2022-01-17
Applicant: Juniper Networks, Inc.
IPC: H04L45/00 , H04L45/28 , H04L45/028
CPC classification number: H04L45/22 , H04L45/28 , H04L45/028
Abstract: Techniques are disclosed for management of communication sessions of network traffic between client devices and the use of an up-to-date session state to enable seamless failovers between routers. One example technique may prepare each backup router to resume sessions of the active router in event of a failover and cause a redirection of the network traffic to complete the failover to a backup router. In a hot-switchover example, a network device known as a session controller synchronizes the session state information to backup router prior to failure and then, causes the network traffic to be redirected to backup router in response to the active router failure. In a warm-switchover example, the same session controller selects a backup router dynamically after detecting failure to active router, synchronizes session state information to backup router, and trigger routing updates, causing the network traffic to be redirected to the backup router.
-
公开(公告)号:US11496504B2
公开(公告)日:2022-11-08
申请号:US16884866
申请日:2020-05-27
Applicant: Juniper Networks, Inc.
Inventor: Sarvesh K. Batta , Thyagarajan S. Pasupathy , Mohan Thangavel
Abstract: A network device may receive a first data packet. The network device may determine that a level of available computing resources satisfies a threshold level. The network device may perform a secure socket layer (SSL) proxy function based on the level of available computing resources satisfying the threshold level. The network device may receive a second data packet. The network device may determine that the level of available computing resources fails to satisfy the threshold level. The network device may determine a security characteristic associated with the second data packet. The network device may determine a security rating associated with the second data packet based on the security characteristic. The network device may selectively perform the SSL proxy function based on the security rating.
-
公开(公告)号:US10091692B2
公开(公告)日:2018-10-02
申请号:US15182143
申请日:2016-06-14
Applicant: Juniper Networks, Inc.
Inventor: Prasad Chigurupati , Venkatesh Badakere , Sarvesh K. Batta
Abstract: An example gateway device determines that a first policy, applicable to a subscriber device when the subscriber device is coupled to a first access network, indicates that packets from the subscriber device are to be sent to a service device, and forwards a first set of packets from the subscriber device to the service device while the subscriber device is coupled to the first access network. After determining that the subscriber device has become coupled to a second access network of the plurality of access networks, the gateway device determines that a second policy, for the subscriber device when the subscriber device is coupled to the second access network, does not indicate that packets should be sent to the service device, but nevertheless forwards a second set of packets from the subscriber device to the service device while the subscriber device is coupled to the second access network.
-
-
-
-
-
-
-
-
Search Results
9
records
(took 0.016 seconds)
