公开(公告)号：US20240333617A1

公开(公告)日：2024-10-03

申请号：US18739420

申请日：2024-06-11

Applicant: Cisco Technology, Inc.

Inventor： Rajagopalan Janakiraman ,  Vijay Kumar Devendran ,  Kirankumar Meda

IPC: H04L43/062 ,  G06F9/455 ,  H04L43/04 ,  H04L43/0852 ,  H04L45/02

CPC classification number: H04L43/062 ,  G06F9/45558 ,  H04L43/04 ,  H04L43/0852 ,  H04L45/02 ,  G06F2009/45595

Abstract: This disclosure describes dynamically monitoring the flow of traffic along a path that can include points across different cloud service provider networks/regions and/or different private networks. Flow monitoring may be started in response to different triggering events. For instance, flow monitoring of network traffic along one or more network paths may be started in response to performance metrics associate with an application within the multi-cloud environment, current/projected network conditions associated with one or more networks within the multi-cloud environment, and the like. In other examples, a user may specify when to perform flow monitoring for one or more network paths.

公开(公告)号：US20240333598A1

公开(公告)日：2024-10-03

申请号：US18320136

申请日：2023-05-18

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Ankur Bhargava ,  Bhairav Dutia ,  Vivek Agarwal ,  Aastha Verma

IPC: H04L41/12

CPC classification number: H04L41/12

Abstract: Systems and methods provide for creating a network device hierarchy among a plurality of nodes. The network device hierarchy may include a plurality of geography-based groups defined by a corresponding number of geolocations. The operations further include associating each of the plurality of geography-based groups with a plurality of different configuration intents, associating each of the plurality of nodes with one of the plurality of geography-based groups, and deploying the plurality of nodes based on their respective one of the geolocations.

公开(公告)号：US20240333591A1

公开(公告)日：2024-10-03

申请号：US18381426

申请日：2023-10-18

Applicant: Cisco Technology, Inc.

Inventor： Carlos Pignataro ,  Eric A. Voit ,  Nagendra Kumar Nainar ,  Marcelo Yannuzzi

IPC: H04L41/0833 ,  H04L41/12 ,  H04L45/48

CPC classification number: H04L41/0833 ,  H04L41/12 ,  H04L45/48

Abstract: Energy-aware configurations can be utilized to operate a network based on sustainability-related metrics. In many embodiments, a suitable device includes a processor, a memory commutatively coupled to the processor, a plurality of elements, a communication port, and an energy-aware topology logic configured to collect topology data from one or more network devices, wherein each of the one or more network devices include a plurality of elements. The energy-aware topology logic can receive power source data and power usage data related to plurality of elements and generate an element energy coefficient (EEC) for a plurality of elements. Subsequently, the energy-aware topology logic can also generate an energy-aware configuration for at least one of the one or more network devices, and then pass the generated energy-aware configuration to the at least one network device, wherein the energy-aware configuration is configured to steer traffic based on at least one sustainability-related metric.

公开(公告)号：US20240330480A1

公开(公告)日：2024-10-03

申请号：US18356178

申请日：2023-07-20

Applicant: Cisco Technology, Inc.

Inventor： Michael Roytman

IPC: G06F21/57 ,  G06F21/56

CPC classification number: G06F21/577 ,  G06F21/563

Abstract: A system and method are provided for predicting risks related to software vulnerabilities and thereby triaging said vulnerabilities. Input data (e.g., bug reports) are applied to a prediction engine (e.g., a machine learning (ML) method such as a large language model, a transformer neural network, or a classifier model), which outputs two or more scores for each vulnerability. A first score represents a likelihood of an exploit being developed (a threat), a second score represents a likelihood of being attacked (a greater threat), and a third score represents a likelihood of becoming a published common vulnerability and exposure (an even greater threat). Based on these scores, the vulnerabilities are triaged. Because the prediction engine is trained to make predictions using the unstructured data in bug reports, the vulnerabilities can be triaged soon after discovery, reducing the time to remediate vulnerabilities predicted to be significant threats.

公开(公告)号：US20240330348A1

公开(公告)日：2024-10-03

申请号：US18360648

申请日：2023-07-27

Applicant: Cisco Technology, Inc.

Inventor： Andrew ZAWADOWSKIY ,  Oleg BESSONOV ,  Vincent PARLA

IPC: G06F16/34 ,  G06F16/33

CPC classification number: G06F16/345 ,  G06F16/334

Abstract: A system and method are provided for explaining ontological sub-graphs. The system and method include querying an ontology to determine a match between a query graph and a portion of an ontology graph. When there is a match, a subgraph representing the match is first translated into a simple summary using a simple language (e.g., triplets which include a subject and object corresponding to pairs of connected nodes in the subgraph and a verb/predicate representing a relation/edge in the subgraph that connect the pair nodes). This simple summary is then fed, as part of a prompt, to a large language model (LLM) that generates a human-readable summary based on the prompt.

公开(公告)号：US12107896B2

公开(公告)日：2024-10-01

申请号：US17560599

申请日：2021-12-23

Applicant: Cisco Technology, Inc.

Inventor： Jeffrey G. Schutt ,  Max Pritikin

IPC: H04L9/40 ,  G06F8/65 ,  G06F21/56 ,  G06F21/57 ,  G06N3/09 ,  G06N20/00 ,  G06F8/71 ,  G06F21/51

CPC classification number: H04L63/20 ,  G06F8/65 ,  G06F21/563 ,  G06F21/566 ,  G06F21/577 ,  G06N3/09 ,  G06N20/00 ,  G06F8/71 ,  G06F21/51

Abstract: A method, computer system, and computer program product are provided for automatically analyzing software packages to identify the degree of differences between compared software packages and to apply security policies. A first software bill of materials for a software package is processed to extract a plurality of components of the software package, wherein the first software bill of materials indicates a first hierarchy of components based on relationships between components. The first hierarchy is compared to a second hierarchy, the second hierarchy corresponding to a second software bill of materials, to determine a degree of difference between the first hierarchy and the second hierarchy. The degree of difference is compared to one or more threshold values. A security policy is applied with respect to the software package according to a comparison of the degree of difference to the one or more threshold values.

公开(公告)号：US12107740B2

公开(公告)日：2024-10-01

申请号：US18161162

申请日：2023-01-30

Applicant: Cisco Technology, Inc.

Inventor： Fabio R. Maino ,  Saswat Praharaj ,  Alberto Rodriguez-Natal ,  Pradeep K. Kathail

IPC: H04L41/5019 ,  H04L41/046

CPC classification number: H04L41/5019 ,  H04L41/046

Abstract: Provided is an infrastructure for enforcing target service level parameters in a network. In one example, a network service level agreement (SLA) registry obtains one or more input service level parameters for at least one service offered by an application. Based on the one or more input service level parameters, the network SLA registry provides one or more target service level parameters to a plurality of network controllers. Each network controller of the plurality of network controllers is configured to enforce the one or more target service level parameters in a respective network domain configured to carry network traffic associated with the application.

公开(公告)号：US12107734B2

公开(公告)日：2024-10-01

申请号：US18360451

申请日：2023-07-27

Applicant: Cisco Technology, Inc.

Inventor： Sanjay Kumar Hooda ,  Muninder Singh Sambi ,  Victor Moreno ,  Prakash C. Jain ,  Tarunesh Ahuja ,  Satish Kondalam

IPC: H04L41/0893 ,  G06F9/455 ,  H04L12/46

CPC classification number: H04L41/0893 ,  G06F9/45558 ,  H04L12/4633 ,  H04L12/4641 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.

公开(公告)号：US12107556B2

公开(公告)日：2024-10-01

申请号：US17448822

申请日：2021-09-24

Applicant: Cisco Technology, Inc.

Inventor： Sanjay Sunder ,  Alexander C. Kurylak ,  Kadaba Lakshmikumar

IPC: H03F3/45 ,  H03G3/30

CPC classification number: H03F3/45475 ,  H03G3/30 ,  H03G2201/103

Abstract: An integrated circuit includes a transimpedance amplifier and an injection circuit. The injection circuit generates a first electrical test signal and injects the first electrical test signal into the transimpedance amplifier. The first electrical test signal or an output of the transimpedance amplifier generated based on the first electrical test signal is used to determine whether the integrated circuit is faulty.

公开(公告)号：US20240323284A1

公开(公告)日：2024-09-26

申请号：US18326289

申请日：2023-05-31

Applicant: Cisco Technology, Inc.

Inventor： Nitin Bhandari ,  Abhishek Mukherjee ,  Megha Mahale

IPC: H04M15/00 ,  G06Q30/04

CPC classification number: H04M15/55 ,  G06Q30/04 ,  H04M15/41

Abstract: One or more processors of a device management platform map network identifiers to corresponding networks. An account of the device management platform manages devices on a plurality of networks based on the network identifiers. The one or more processors of the device management platform identify a network of a device associated with the account from the plurality of networks based on a mapping of a network identifier of the device to the network. The one or more processors of the device management platform perform an action for the device with respect to the network.