公开(公告)号：US20210136092A1

公开(公告)日：2021-05-06

申请号：US17123342

申请日：2020-12-16

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Puneet Sharma ,  Anand Mudgerikar

IPC: H04L29/06 ,  H04L9/32

Abstract: An example system may comprise a first computing device comprising instructions executable by a hardware processor to: create, responsive to detecting a second computing device initially attempting to connect to a network, an unpopulated baseline profile for the second computing device; populate the baseline profile with initial processes running on the second computing device and initial system calls made by the initial processes during an initial operation time period of the second computing device; monitor, during a subsequent operation time period of the second computing device, subsequent processes running on the second computing device and subsequent system calls made by the subsequent processes; and detect an attack on the second computing device based on a comparison of the subsequent processes and the subsequent system calls to the populated baseline profile.

公开(公告)号：US10827020B1

公开(公告)日：2020-11-03

申请号：US16592560

申请日：2019-10-03

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Lianjie Cao ,  Puneet Sharma

IPC: G06F13/00 ,  H04L29/08 ,  H04L12/26 ,  H04L29/06

Abstract: Example implementations relate to assigning microservices to cluster nodes. A sidecar proxy may be deployed at a data plane of a distributed service. The sidecar proxy may monitor telemetry data between microservices of the distributed service. A communication pattern may be determined from the telemetry data of the distributed service. Each microservice of the distributed service may be assigned to a cluster node based on the communication pattern.

公开(公告)号：US10594621B2

公开(公告)日：2020-03-17

申请号：US15646070

申请日：2017-07-10

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Puneet Sharma ,  Amit Kumar Sheoran ,  Vinay Saxena

IPC: G06F15/173 ,  H04L12/923 ,  H04L12/725

Abstract: Examples provided herein describe a method for managing virtualized network service bundles. For example, a physical processor may implement machine readable instructions to receive a first data packet in a virtual network, determine a first type of the first data packet, determine a first active virtualized network service bundle instance associated with a first virtualized network service bundle that handles the first type of data packet, and direct the first data packet to the first active virtualized network service bundle instance. In some examples, the first virtualized network service bundle may comprise a first set of virtual network functions, and the first virtualized network service bundle may be associated with a set of active virtualized network service bundles instances, where the set of active virtualized network service bundle instances may comprise the first active virtualized network service bundle instance.

公开(公告)号：US20190238567A1

公开(公告)日：2019-08-01

申请号：US15885447

申请日：2018-01-31

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Puneet Sharma ,  Anand Mudgerikar

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L63/1416 ,  H04L9/0891 ,  H04L9/3236 ,  H04L9/3242 ,  H04L9/3297 ,  H04L63/06 ,  H04L63/08 ,  H04L63/14 ,  H04L63/145 ,  H04L2209/38 ,  H04L2209/805

Abstract: An example system may comprise a first computing device comprising instructions executable by a hardware processor to: create, responsive to detecting a second computing device initially attempting to connect to a network, an unpopulated baseline profile for the second computing device; populate the baseline profile with initial processes running on the second computing device and initial system calls made by the initial processes during an initial operation time period of the second computing device; monitor, during a subsequent operation time period of the second computing device, subsequent processes running on the second computing device and subsequent system calls made by the subsequent processes; and detect an attack on the second computing device based on a comparison of the subsequent processes and the subsequent system calls to the populated baseline profile.

公开(公告)号：US20170279922A1

公开(公告)日：2017-09-28

申请号：US15500237

申请日：2014-08-29

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Puneet Sharma ,  Wenjie Lin ,  David Lee ,  Subramoniam Lyer ,  Ajay Gupta ,  Sarbajit Chatterjee ,  Sharma Deepti

IPC: H04L29/08 ,  H04L29/06

CPC classification number: H04L67/325 ,  H04L12/6418 ,  H04L63/0823 ,  H04L65/1066 ,  H04L67/1097 ,  H04L69/28 ,  H04L69/40

Abstract: Examples relate to scaling persistent connections for cloud computing. In some examples, a data packet is used to determine connection information of the first connection. At this stage, server portion of the first connection is closed by using the connection information to send a close command to the cloud server. In response to a keepalive signal from the client computing device, the connection information is used to send a keepalive response to the client computing device to maintain a client portion of the first connection. In response to a service request from the client computing device, a service notification including the service request is sent to the client computing device, where the client computing device initiates a second connection with the cloud server to process the service request.

公开(公告)号：US20170222873A1

公开(公告)日：2017-08-03

申请号：US15500628

申请日：2014-11-06

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Jung Gun Lee ,  Chaithan M. Prakash ,  Charles F. Clark ,  Dave Lenrow ,  Yoshio Turner ,  Sujata Banerjee ,  Yadi Ma ,  Joon-Myung Kang ,  Puneet Sharma

IPC: H04L12/24

CPC classification number: H04L41/0803 ,  H04L12/6418 ,  H04L41/085 ,  H04L41/0893 ,  H04L41/12

Abstract: Example implementations disclosed herein can be used to generate composite network policy graphs based on multiple network policy graphs input by network users that may have different goals for the network. The resulting composite network policy graph can be used to program a network so that it meets the requirements necessary to achieve the goals of at least some of the network users. In one example implementation, a method can include receiving multiple network policy graphs, generating composite endpoint groups based on relationships between endpoint groups and policy graph sources, generating composite paths based on the relationships between the endpoints and the network policy graphs, generating a composite network policy graph based on the composite endpoint groups and the composite paths, and analyzing the composite network policy graph to determine conflicts or errors.