公开(公告)号：US20240313997A1

公开(公告)日：2024-09-19

申请号：US18674166

申请日：2024-05-24

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Madhuri Kolli ,  Giorgio Valentini ,  Venkatraman Venkatapathy ,  Avinash Ashok Kumar Chiganmi ,  Vivek Agarwal

IPC: H04L12/46 ,  H04L12/66 ,  H04L45/00 ,  H04L45/02

CPC classification number: H04L12/4666 ,  H04L12/465 ,  H04L12/4675 ,  H04L12/66 ,  H04L45/04 ,  H04L45/54

Abstract: The present technology pertains to receiving a tag associating at least one routing domain in an on-premises site with at least one virtual network in a cloud environment associated with a cloud service provider. The present technology also pertains to the automation of populating route and propagation tables with the cloud service provider.

公开(公告)号：US12068959B1

公开(公告)日：2024-08-20

申请号：US18225487

申请日：2023-07-24

Applicant: Cisco Technology, Inc.

Inventor： Ganesh Devendrachar ,  Ajeet Pal Singh Gill ,  Balaji Sundararajan ,  Srilatha Tangirala ,  Satish Varadarajula ,  Satyajit Das

IPC: H04L45/76 ,  H04L45/24 ,  H04L47/125

CPC classification number: H04L45/76 ,  H04L45/24 ,  H04L47/125

Abstract: Techniques for automatically providing per tenant weighted DCMP over shared transport interfaces and automated flow has load balancing are described. The techniques may include onboarding the tenant to the local multi-tenant edge device associated with a tenant, where the resource profile defines a traffic allowance per transport interface for the tenant. Local weight per transport interface is applied. Information including local weight per transport interface is transmitted to a remote device via an SD-WAN controller. Information including a remote weight per transport interface of the remote device is received via the SD-WAN controller. Traffic is routed from the tenant based on local weight per transport interface of the local device and remote weight per transport interface of the remote device.

公开(公告)号：US20240223397A1

公开(公告)日：2024-07-04

申请号：US18608677

申请日：2024-03-18

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Ajeet Pal Singh Gill ,  Srilatha Tangirala ,  Nithin Bangalore Raju ,  Ravi Kiran Chintallapudi ,  Pradeepan Kannawadi ,  Ganesh Devendrachar

IPC: H04L12/28 ,  H04L67/10

CPC classification number: H04L12/28 ,  H04L67/10

Abstract: Techniques for virtualizing tenant transport interfaces configured to implement pertenant network routing attribute differentiation in each tenant overlay of a multisite wide area network (WAN) and share the virtual transport interfaces between multi-tenant edge (MTE) devices providing transport services to tenant devices based on a defined tenant tier model. A Software-Defined Networking (SDN) controller may receive a physical transport interface and/or a device type associated with a tenant device. The SDN controller may determine a virtual transport interface for the tenant device based on a tier associated with the tenant. MTE device(s) may utilize the physical transport interface to establish sessions with other MTE device(s) in the WAN. The virtual transport interface may be utilized by MTE devices to implement and/or enforce network routing attributes when forwarding network traffic associated with the tenant via the sessions established between the MTE devices through the WAN.

公开(公告)号：US20240187424A1

公开(公告)日：2024-06-06

申请号：US18415423

申请日：2024-01-17

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Gaurang Rajeev Mokashi ,  Preety Mordani ,  Vivek Agarwal

IPC: H04L9/40 ,  G06F9/455 ,  H04L43/08 ,  H04L47/20 ,  H04L49/25

CPC classification number: H04L63/1416 ,  G06F9/45558 ,  H04L43/08 ,  H04L47/20 ,  H04L49/25 ,  H04L63/20 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Systems, methods, and computer-readable media for performing threat remediation through a switch fabric of a virtualized network environment. Data traffic passing into a virtualized network environment including a plurality of virtual machines running on a switch fabric is monitored. A network threat introduced through at a least a portion of the data traffic is identified at the switch fabric. One or more remedial measures are performed in the network environment based on the identification of the network threat in the virtualized network environment.

公开(公告)号：US20240179125A1

公开(公告)日：2024-05-30

申请号：US18072374

申请日：2022-11-30

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Venkatesh Nataraj ,  Kannan Kumar ,  Padmanabha Nallur ,  Abha Jain ,  Kushal Patel

IPC: H04L9/40

CPC classification number: H04L63/0263 ,  H04L63/0428

Abstract: This disclosure describes techniques and mechanisms for disclosure describes techniques and mechanisms for optimizing firewall enforcement. The techniques may implement a dynamic detection of Layer 7 processing at one end of the network, alleviating the need to enforce another layer 7 firewall inspection at the other end, thereby saving processing and network resources. The techniques enable firewalls and policies to be statically defined and located in one place.

公开(公告)号：US20240098535A1

公开(公告)日：2024-03-21

申请号：US18524474

申请日：2023-11-30

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Sanjay Kumar Hooda ,  Venkatesh Ramachandra Gota ,  Chandramouli Balasubramanian ,  Anand Oswal

IPC: H04W24/08 ,  H04W28/02 ,  H04W28/24 ,  H04W36/22 ,  H04W48/06

CPC classification number: H04W24/08 ,  H04W28/0221 ,  H04W28/0284 ,  H04W28/0289 ,  H04W28/24 ,  H04W36/22 ,  H04W48/06

Abstract: Systems and methods for managing traffic in a hybrid environment include monitoring traffic load of a local network to determine whether the traffic load exceeds or is likely to exceed a maximum traffic load, where the maximum traffic load is a traffic load for which a service can be provided by the local network, based on a license. An excess traffic load is determined if the traffic load exceeds or is likely to exceed the maximum traffic load. One or more external networks which have a capacity to provide the service to the excess traffic load are determined, to which the excess traffic load is migrated. The local network includes one or more service instances for providing the service for up to the maximum traffic load, and the service to the excess traffic load is provided by one or more additional service instances in the one or more external networks.

公开(公告)号：US20240073084A1

公开(公告)日：2024-02-29

申请号：US18122931

申请日：2023-03-17

Applicant: Cisco Technology, Inc.

Inventor： Bhairav Dutia ,  Manish Jiwansingh Mehra ,  Upendar Surabhi ,  Sharmishtha Upadhyay ,  Sanjeev Pandurang Tondale ,  Yanbo Zhang ,  Yogesh Mittal ,  Nithin Bangalore Raju ,  Srilatha Tangirala ,  Balaji Sundararajan

IPC: H04L41/0681 ,  H04L41/0686 ,  H04L41/0894

CPC classification number: H04L41/0681 ,  H04L41/0686 ,  H04L41/0894

Abstract: Techniques and architecture are described for a pull model for obtaining and implementing config changes on network devices are described herein. A user submits intent configuration to the network controller that needs to be delivered to several network sites. The network controller generates a config file. The network controller sends a pull notification message to all network devices that need to retrieve the config file. This pull notification message only contains a corresponding transaction ID for each network device and a location for the network device to use to pull the config file. The network devices may utilize a HTTP REST API exposed by the network controller to obtain the config file from the network controller. The network devices may utilize a REST API exposed by the network controller to reply with statuses of the configuration transaction. The techniques and architecture may be applied to multi-tenant network devices.

公开(公告)号：US20230412483A1

公开(公告)日：2023-12-21

申请号：US17867389

申请日：2022-07-18

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Vivek Agarwal ,  Jegan Kumar Somi Ramasamy Subramanian ,  Gokul Krishnan ,  Giorgio Valentini ,  Venkatraman Venkatapathy

IPC: H04L43/12 ,  H04L43/08 ,  H04L41/0654

CPC classification number: H04L43/12 ,  H04L43/08 ,  H04L41/0654

Abstract: Techniques for sharing the probing of software-as-a-service clouds among a cluster of routers are described herein. The techniques may include establishing a first path between a cluster of routers and an application infrastructure. Establishing a second path between the cluster of routers and the application infrastructure. Designating a first router in the cluster of routers to send probes over the first path to the application infrastructure. Designating a second router in the cluster of routers to send probes over the second path to the application infrastructure. Distributing, by the first router and to the cluster of routers, first routing performance data indicating a performance of the first path when communicating with the application infrastructure over the first path, distributing, by the second router and to the cluster of routers, second routing performance data indicating a performance of the second path when communicating with the application infrastructure over the second path.

公开(公告)号：US11799821B2

公开(公告)日：2023-10-24

申请号：US17471077

申请日：2021-09-09

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Samar Sharma

IPC: H04L61/256 ,  H04L45/00 ,  H04L45/302 ,  H04L45/74 ,  H04L9/40 ,  H04L61/4511 ,  H04L41/0893 ,  H04L45/64

CPC classification number: H04L61/256 ,  H04L45/22 ,  H04L45/306 ,  H04L45/38 ,  H04L45/74 ,  H04L61/4511 ,  H04L63/101 ,  H04L41/0893 ,  H04L45/64

Abstract: Systems, methods, and computer-readable media for creating service chains for inter-cloud traffic. In some examples, a system receives domain name system (DNS) queries associated with cloud domains and collects DNS information associated the cloud domains. The system spoofs DNS entries defining a subset of IPs for each cloud domain. Based on the spoofed DNS entries, the system creates IP-to-domain mappings associating each cloud domain with a respective IP from the subset of IPs. Based on the IP-to-domain mappings, the system programs different service chains for traffic between a private network and respective cloud domains. The system routes, through the respective service chain, traffic having a source associated with the private network and a destination matching the IP in the respective IP-to-domain mapping.

公开(公告)号：US20230077361A1

公开(公告)日：2023-03-16

申请号：US18057703

申请日：2022-11-21

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Khalil A. Jabr ,  Anand Oswal ,  Vivek Agarwal ,  Chandramouli Balasubramanian

IPC: H04L45/64 ,  H04L12/46 ,  H04L45/02 ,  H04L45/50 ,  H04L47/2441

Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.