Intent-driven cloud branches
    Granted invention patent

    Publication (announcement) number: US11588711B2

    Publication (announcement) date: 2023-02-21

    Application number: US17120896

    Application date: 2020-12-14

    Abstract: Methods, systems, and non-transitory computer-readable media are provided for deploying intent-driving cloud branches. An example method can include obtaining, by one or more controllers in a software-defined network (SDN), a branch network design template for deploying a remote branch in the SDN, wherein the branch network design template defines networking settings for a plurality of services to be provisioned at the remote branch; obtaining, by the one or more controllers, a plurality of software packages for the plurality of services to be provisioned at the remote branch; and based on the branch network design template and the plurality of software packages, provisioning, by the one or more controllers, the plurality of services at the remote branch and a network connectivity of the plurality of services.

    Dynamic discovery of peer network devices across a Wide Area Network

    Publication (announcement) number: US11502871B2

    Publication (announcement) date: 2022-11-15

    Application number: US17467075

    Application date: 2021-09-03

    Abstract: A network controller can register WAN edge routers and WAN optimizers distributed across a WAN. The controller can receive a request to establish a WAN optimized connection between first and second hosts. The controller can identify a first WAN optimizer to perform first services (e.g., de-duplication, compression, application acceleration, caching, etc.) for first traffic from the first host to the second host and first complementary services for second traffic from the second host to the first host, and a second WAN optimizer for the second traffic and second complementary services for the first traffic. The controller can establish the optimized connection comprising a first path including the first host, WAN optimizer, and router; a second path including the first router and a second router, and a third path including the second router, WAN optimizer, and host. The controller can route the first and second traffic through the optimized connection.

    AUTOMATED AND SCALABLE MULTI-LEVEL REDUNDANCY FOR CLOUD INFRASTRUCTURE

    Publication (announcement) number: US20220329477A1

    Publication (announcement) date: 2022-10-13

    Application number: US17389122

    Application date: 2021-07-29

    Abstract: The present technology discloses methods, systems, and non-transitory computer-readable storage media for establishing a redundant path connection. An example method can include configuring a software-defined wide-area network (SDWAN) tunnel between an on-premises router and a plurality of SDWAN routers; configuring a virtual layer 2 connection between the plurality of SDWAN routers and handoff locations for a virtual cloud resource (VCR) associated with at least one VCR tag, wherein a software-defined cloud infrastructure (SDCI) underlay associated with at least one SDCI provider connects to a cloud service provider (CSP) at the handoff locations; configuring a VCR connection between at least one VCR associated with the VCR tag and the handoff locations for the at least one VCR; configuring a border gateway protocol (BGP) session between the plurality of SDWAN routers and the handoff locations; and validating the SDWAN tunnel, the virtual layer 2 connection, the VCR connection, and the BGP session.

    Dynamic firewall discovery on a service plane in a SDWAN architecture

    Publication (announcement) number: US11418491B2

    Publication (announcement) date: 2022-08-16

    Application number: US16801430

    Application date: 2020-02-26

    Abstract: The present disclosure is directed to systems and methods for dynamic firewall discovery on a service plane. The method includes the steps of identifying a source data packet for transmission from a source machine at a source site to a destination machine at a destination site, wherein the source data packet corresponds to a request for connection between the source machine and the destination machine over a WAN, inspecting the source data packet at a first firewall associated with the source site, marking the source data packet with a marker to indicate inspection by the first firewall, transmitting the marked source data packet to the destination site, determining at the destination site that the source data packet has been inspected based on the marker, and forwarding the source data packet to the destination machine at the destination site, without inspection of the source data packet by a second firewall associated with the destination site.

    Intent based application fabric
    Granted invention patent

    Publication (announcement) number: US11381478B2

    Publication (announcement) date: 2022-07-05

    Application number: US17140273

    Application date: 2021-01-04

    Abstract: In one embodiment, a method includes providing a first profile to a plurality of edge routers of the SD-WAN, the plurality of edge routers operable to interface a plurality of devices to the SD-WAN. The first profile enables the plurality of edge routers to discover which devices of the plurality of devices support a first application. The method includes receiving, from one or more of the edge routers, information indicating which devices of the plurality of devices support the first application and building a first application fabric based on the information indicating which devices of the plurality of devices support the first application.

    LICENSE BASED TRAFFIC MANAGEMENT IN HYBRID NETWORKS

    Publication (announcement) number: US20220116806A1

    Publication (announcement) date: 2022-04-14

    Application number: US17556765

    Application date: 2021-12-20

    Abstract: Systems and methods for managing traffic in a hybrid environment include monitoring traffic load of a local network to determine whether the traffic load exceeds or is likely to exceed a maximum traffic load, where the maximum traffic load is a traffic load for which a service can be provided by the local network, based on a license. An excess traffic load is determined if the traffic load exceeds or is likely to exceed the maximum traffic load. One or more external networks which have a capacity to provide the service to the excess traffic load are determined, to which the excess traffic load is migrated. The local network includes one or more service instances for providing the service for up to the maximum traffic load, and the service to the excess traffic load is provided by one or more additional service instances in the one or more external networks.

    DYNAMIC DISCOVERY OF PEER NETWORK DEVICES ACROSS A WIDE AREA NETWORK

    Publication (announcement) number: US20210399920A1

    Publication (announcement) date: 2021-12-23

    Application number: US17467075

    Application date: 2021-09-03

    Abstract: A network controller can register WAN edge routers and WAN optimizers distributed across a WAN. The controller can receive a request to establish a WAN optimized connection between first and second hosts. The controller can identify a first WAN optimizer to perform first services (e.g., de-duplication, compression, application acceleration, caching, etc.) for first traffic from the first host to the second host and first complementary services for second traffic from the second host to the first host, and a second WAN optimizer for the second traffic and second complementary services for the first traffic. The controller can establish the optimized connection comprising a first path including the first host, WAN optimizer, and router; a second path including the first router and a second router, and a third path including the second router, WAN optimizer, and host. The controller can route the first and second traffic through the optimized connection.

    Intelligent Identity-aware Application Proxy

    Publication (announcement) number: US20210218726A1

    Publication (announcement) date: 2021-07-15

    Application number: US16738954

    Application date: 2020-01-09

    Abstract: In one embodiment, a method by a first network apparatus includes receiving a request to access a resource from a client device associated with a user, determining that the request does not comprise a session cookie, sending an authorization request to a second network apparatus, receiving an authorization response including a resource authorization token from the second network apparatus, determining that the user is authorized to access the resource using the client device based on the received resource authorization token, establishing a first communication session with the client device by sending a message to the client device, and establishing a second communication session with a resource server that provides the resource, where the first network apparatus relays traffic between the client device and the resource server.
