PROVIDING SECURITY SERVICES VIA FEDERATION-BASED NETWORK DURING ROAMING

    Publication No.: US20220286447A1

    Publication date: 2022-09-08

    Application No.: US17249644

    Filing date: 2021-03-08

    Abstract: Aspects described herein include a method and related network device and computer program product. The method includes authenticating an identity of a user of a client device associated with an access network provider. Authenticating the identity of the user includes receiving, from an identity provider, a credential associated with the identity and information identifying a network-based security service to be provided to the client device. The method further includes establishing, using the credential and the received information, a secure connection between the access network provider and a security service provider that is capable of providing the network-based security service to the client device.

    CHANNEL AVAILABILITY CHECK OPTIMIZATION

    Publication No.: US20220225131A1

    Publication date: 2022-07-14

    Application No.: US17148640

    Filing date: 2021-01-14

    Abstract: Channel availability check optimization may be provided. A plurality of Pulse Repetition Intervals (PRIs) may be determined for a respective plurality of bursts on a respective plurality of frequencies. A list of at least a portion of the plurality of frequencies may be generated. The list may include a plurality of bias factors respectively indicating a probability that each of the respective plurality of bursts was a radar burst based on the respective plurality of PRIs. An Access Point (AP) may perform a plurality of preemptive Channel Availability Checks (CACs) on each of the respective plurality of frequencies on the list in order of highest probability to lowest probability based on the plurality of bias factors.

    CELLULAR NETWORK ONBOARDING THROUGH WIRELESS LOCAL AREA NETWORK

    Publication No.: US20220210722A1

    Publication date: 2022-06-30

    Application No.: US17136773

    Filing date: 2020-12-29

    Abstract: Automatic onboarding of a device onto a cellular network may be provided through a Wireless Local Area Network (WLAN). Subsequent to a device connecting to a first network (e.g., the WLAN), information associated with the device and the first network may be received. One or more tags may be generated and an intent profile may be defined for the device based on the received information, where the intent profile may indicate at least a second network (e.g., the cellular network) that the device is enabled to connect with and one or more policies associated with the connection. The tags and intent profile may be transmitted to a service provider platform, and an onboarding profile template identified using the tags and the intent profile may be received from the service provider platform. The onboarding profile template may be provided to the device to enable connection to the second network.

    IMPLEMENTING SERVICE LEVEL AGREEMENTS IN AN IDENTITY FEDERATION

    Publication No.: US20220141714A1

    Publication date: 2022-05-05

    Application No.: US17148146

    Filing date: 2021-01-13

    Abstract: Embodiments herein describe techniques for dynamically negotiating an SLA between a roaming device and a VN in an identity federation. Instead of an IDP having to individually negotiate with a VN to decide on an SLA before a user device roams to the VN, the parties can dynamically negotiate the SLA after the user device has detected the VN (but before the device is permitted to connect or associate with the VN). In one embodiment, when a roaming user device comes within wireless range of a VN, the roaming device receives an advertisement from the VN that indicates the current SLA (or SLAs) offered by the VN. The roaming device can compare this offered SLA to a stored SLA in an identity profile the device received from the IDP to determine whether to accept the offer. In another embodiment, the SLA is instead negotiated between VN and the IDP.

    DELIVERING INTENT-BASED APPLICATION POLICY ON WIFI NETWORKS

    Publication No.: US20220132365A1

    Publication date: 2022-04-28

    Application No.: US17077865

    Filing date: 2020-10-22

    Abstract: Techniques and apparatus for managing congestion in a wireless network are provided. One technique includes receiving one or more buffer status reports (BSRs) from one or more client stations. Each BSR indicates an amount of traffic in a transmit queue of the client station. An allocation of resource units (RUs) for the one or more client stations is determined, based on at least a type of traffic in each transmit queue of the one or more client stations, upon a determination that there is congestion on an uplink wireless channel shared by the one or more client stations. A frame that includes an indication of the allocation of RUs for the one or more client stations is generated. The frame is transmitted to the one or more client stations.

    ATTACK DETECTION AND MITIGATION FOR FINE TIMING MEASUREMENT

    Publication No.: US20210364597A1

    Publication date: 2021-11-25

    Application No.: US16880797

    Filing date: 2020-05-21

    Abstract: Embodiments for securing fine timing measurement (FTM) communications are described. FTM communications include FTM frames sent and received from an initiating station (ISTA) and a responding station (RSTA). The RSTA records a plurality of parameters associated with the FTM frames and uses the plurality of parameters to learn and identify a device profile for the ISTA. The device profile is used to determine a behavior filter for the FTM from the ISTA and the RSTA filters FTM traffic according to the behavior filter to prevent malicious attacks in the FTM communications.

    RESOURCE UNIT ALLOCATION IN MESH NETWORKS

    Publication No.: US20210282144A1

    Publication date: 2021-09-09

    Application No.: US16809227

    Filing date: 2020-03-04

    Abstract: Resource Unit (RU) allocation in mesh networks is provided via identifying devices engaged in wireless communication over a shared channel in a mesh network, the devices including a first Access Point (AP), a second AP in wireless communication with the first AP via a first backhaul connection, and a third AP in wireless communication with the first AP via a second backhaul connection; determining a first demand for bandwidth in the shared channel over the first backhaul connection and a second demand for bandwidth over the second backhaul connection; and assigning RUs to the first backhaul connection based on the first demand relative to a total bandwidth demand within the shared channel and to the second backhaul connection based on the second demand relative to the total bandwidth demand within the shared channel, wherein the total bandwidth demand includes the first demand and the second demand.

    CLIENT PRE-ASSOCIATION DENIAL BASED ON SERVICE POLICY

    Publication No.: US20210282069A1

    Publication date: 2021-09-09

    Application No.: US16812459

    Filing date: 2020-03-09

    Abstract: Techniques for selective association and denial of association are provided. Association requests from a first device and a second device are received at an access point. A first media access control (MAC) address of the first device is determined, and a second MAC address of the second device is determined. A first role of the first device and a second role of the second device are each identified, based on a predefined mapping between MAC addresses and roles. Upon determining that the first device is associated with the first role, a unicast response is returned to the first device, where the unicast response includes an association disallowed frame. Additionally, upon determining that the second device is associated with the second role, a unicast response is returned to the second device, where the unicast response allows the second device to associate with the access point.

    DYNAMIC POLICY EXCHANGE

    Publication No.: US20210282056A1

    Publication date: 2021-09-09

    Application No.: US16809408

    Filing date: 2020-03-04

    Abstract: Dynamic policy mapping is provided via mapping, by an Access Point (AP), a plurality of applications to a set of privilege groups for Quality of Service (QoS) levels in a network; transmitting the mapping of the privilege groups to a client device; receiving packets from the client device including QoS markers; and in response to determining that the QoS markers received from the client device do not match the privilege groups for the packets, performing a corrective action on the client device, wherein the corrective action includes one or more of: disassociating the client device from the network; and retransmitting the set of privilege groups to the client device. In some embodiments, the privilege groups are transmitted before the client device is associated with the AP, enabling the client device to select what AP to associate with based on the privilege groups.
