SYSTEMS AND METHODS FOR DETERMINING SECURE NETWORK ELEMENTS USING FLEXIBLE ALGORITHM TECHNOLOGY

    Publication No.: US20210377152A1

    Publication Date: 2021-12-02

    Application No.: US17399937

    Application Date: 2021-08-11

    Abstract: In one embodiment, an apparatus includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the apparatus to perform operations including receiving a first type-length-value (TLV) associated with a winning flexible algorithm definition (FAD) from a first element of a network. The operations also include determining a security level for the winning FAD based on the TLV. The operations further include determining a data transmission route through a plurality of elements of the network based on the security level for the winning FAD.

    INBAND GROUP-BASED NETWORK POLICY USING SRV6

    Publication No.: US20210243116A1

    Publication Date: 2021-08-05

    Application No.: US16860896

    Application Date: 2020-04-28

    Abstract: The present technology pertains to a group-based network policy using Segment Routing over an IPv6 dataplane (SRv6). After a source application sends a packet, an ingress node can receive the packet, and if the source node is capable, it can identify an application policy and apply it. The ingress node indicates that the policy has been applied by including policy bits in the packet encapsulation. When the packet is received by the egress node, it can determine whether the policy was already applied, and if so, the packet is forwarded to the destination application. If the egress node determines that the policy has not been applied, the destination application can apply the policy. Both the ingress node and egress nodes can learn of source application groups, destination application groups, and applicable policies through communication with aspects of the segment routing fabric.

    Segment routing packet policies and functions including an engineered reverse reply path providing efficiencies in communicating packets in a network

    Publication No.: US10924399B2

    Publication Date: 2021-02-16

    Application No.: US15922860

    Application Date: 2018-03-15

    Abstract: In one embodiment, segment routing network processing of packets is performed on segment routing packets to use engineered segment routing reverse reply paths which provide efficiencies in communicating packets in a network. In one embodiment, a source node selects a segment identifier of a destination node, with the segment identifier specifying a function value of a dynamic return path segment routing function in order to invoke this function on the destination node. The source node then sends a segment routing packet to the destination address of this segment identifier. Reacting to receipt of this packet and the function value of the dynamic return path segment routing function in the destination address or current segment identifier of the packet, a receiving node generates a responding segment routing packet including the segment identifiers from the received packet in reverse traversal order.

    Loop detection and avoidance for segment routed traffic engineered paths

    Publication No.: US10833976B2

    Publication Date: 2020-11-10

    Application No.: US16185239

    Application Date: 2018-11-09

    Abstract: A method is described and in one embodiment includes receiving a packet of a traffic flow at an ingress node of a communications network; routing the packet to an egress node of the communications network via a first path comprising a tunnel if the packet was received from a node external to the communications network; and routing the packet to the egress node of the communications network via a second path that does not traverse the tunnel if the packet was received from a node internal to the communications network. The first path is identified by a first Forwarding Information Base (“FIB”) entry corresponding to the flow and the second path is identified by a second FIB entry corresponding to the flow.

    SYSTEMS AND METHODS FOR SECURING NETWORK PATHS

    Publication No.: US20200322383A1

    Publication Date: 2020-10-08

    Application No.: US16700838

    Application Date: 2019-12-02

    Abstract: In one embodiment, a method includes determining a secure path through a first plurality of network nodes within a network and determining an alternate secure path through a second plurality of network nodes within the network. The method also includes routing network traffic through the first plurality of network nodes of the secure path and detecting a failure in the secure path using single-hop BFD authentication. The method further includes rerouting the network traffic through the second plurality of network nodes of the alternate secure path.

    Applying Attestation Tokens to The Open Shortest Path First (OSPF) Routing Protocol

    Publication No.: US20200322312A1

    Publication Date: 2020-10-08

    Application No.: US16674419

    Application Date: 2019-11-05

    Abstract: In one embodiment, a method includes receiving an OSPF hello message including an attestation token from a second network apparatus, determining that the attestation token is valid for the second network apparatus at a current time, establishing an adjacency to the second network apparatus in response to the determination, computing, based at least on the attestation token, a trust level for a first link from the first network apparatus to the second network apparatus and a trust level for first prefixes associated with the first link, and sending an LSA comprising the trust level for the first link and the trust level for the first prefixes to neighboring network apparatuses, where the trust level for the first link and the trust level for the prefixes are used by the network apparatuses in the network to compute a routing table of the network.
