中科微点-全球专利检索

  1. Login
  2. Sign Up

Search Results

122 records (took 0.026 seconds)

    Distribution of stateless security functions
    22.
    发明授权
    Distribution of stateless security functions 有权

    公开(公告)号:US11985110B2

    公开(公告)日:2024-05-14

    申请号:US17932092

    申请日:2022-09-14

    Applicant: Cisco Technology, Inc.

    Inventor: Saravanan Radhakrishnan Anand Oswal Ashwin Kumar Paul Wayne Bigbee Darrin Joseph Miller

    IPC: H04L29/06 H04L9/40

    CPC classification number: H04L63/0263 H04L63/101 H04L63/20

    Abstract: Systems and methods are provided for receiving, at a network device, a first set of rules from a security controller of an enterprise network, the first set of rules being different from a second set of rules provided to a firewall by the security controller, implementing, at the network device, the first set of rules received from the security controller, generating, at the network device, a first log including metadata based on the first set of rules, the first log being generated on a per flow basis, notifying, at the network device, a NetFlow of the first log including the metadata of the first set of rules, and providing, from the network device, the first log to a cloud-log store by the NetFlow of the network device, the cloud-log store receiving the first log from the network device and a second log from the firewall.

    Dynamic Firewall Discovery on a Service Plane in a SDWAN Architecture
    26.
    发明申请
    Dynamic Firewall Discovery on a Service Plane in a SDWAN Architecture 有权

    公开(公告)号:US20220377053A1

    公开(公告)日:2022-11-24

    申请号:US17817479

    申请日:2022-08-04

    Applicant: Cisco Technology Inc.

    Inventor: Balaji Sundararajan Venkatesh Gota B R Sireesha Yeruva Chandramouli Balasubramanian Anand Oswal

    IPC: H04L9/40 H04L1/18 H04L45/00 H04L69/22

    Abstract: The present disclosure is directed to systems and methods for dynamic firewall discovery on a service plane. The method includes the steps of identifying a source data packet for transmission from a source machine at a source site to a destination machine at a destination site, wherein the source data packet corresponds to a request for connection between the source machine and the destination machine over a WAN, inspecting the source data packet at a first firewall associated with the source site, marking the source data packet with a marker to indicate inspection by the first firewall, transmitting the marked source data packet to the destination site, determining at the destination site that the source data packet has been inspected based on the marker, and forwarding the source data packet to the destination machine at the destination site, without inspection of the source data packet by a second firewall associated with the destination site.

    Dynamic honeypots
    27.
    发明授权
    Dynamic honeypots 有权

    公开(公告)号:US11233822B2

    公开(公告)日:2022-01-25

    申请号:US16535550

    申请日:2019-08-08

    Applicant: Cisco Technology, Inc.

    Inventor: Sanjay Kumar Hooda Anand Oswal Nehal Bhau Victor Moreno

    IPC: H04L29/06 H04L12/803 H04L12/715 H04L12/723

    Abstract: A mapping system, under administrative control of a Wide Area Network (WAN) controller, can track each host, authorized to access a plurality of Local Area Networks (LANs), in one or more mapping databases including a first network address representing an identifier and a second network addressing representing a locator for each host. The mapping system can receive a request for resolution of a first identifier of a host not presently connected to the network. The mapping system can determine the mapping databases exclude a mapping for the first identifier. The mapping system can update the mapping databases with a first mapping including the first identifier and a first locator corresponding to a honeypot network device. The mapping system can transmit, to one or more LANs of the plurality of LANs, routing information to route traffic destined for the first identifier to the honeypot network device.

    Integrating CBRS-enabled devices and intent-based networking
    28.
    发明授权
    Integrating CBRS-enabled devices and intent-based networking 有权

    公开(公告)号:US11122431B2

    公开(公告)日:2021-09-14

    申请号:US16936562

    申请日:2020-07-23

    Applicant: Cisco Technology, Inc.

    Inventor: Rajesh S. Pazhyannur Arun G. Khanna Anand Oswal

    IPC: H04W12/40 H04W12/06 H04L29/06 H04W48/18 H04W8/18

    Abstract: Systems and methods are provided for receiving, at an enterprise network, first authentication data of a citizens broadband radio service (CBRS)-enabled device, receiving, at the enterprise network, second authentication data of the CBRS-enabled device, the first authentication data of the CBRS-enabled device being a different type of authentication data than the second authentication data of the CBRS-enabled device, determining a class of the CBRS-enabled device based on the first authentication data and the second authentication data of the CBRS-enabled device, determining a network segment for the CBRS-enabled device based on the class of the CBRS-enabled device, and providing access to the CBRS-enabled device based on the determining of the network segment for the CBRS-enabled device.

    End-to-end identity-aware routing across multiple administrative domains
    29.
    发明授权
    End-to-end identity-aware routing across multiple administrative domains 有权

    公开(公告)号:US10999197B2

    公开(公告)日:2021-05-04

    申请号:US16535519

    申请日:2019-08-08

    Applicant: Cisco Technology, Inc.

    Inventor: Sanjay Kumar Hooda Anand Oswal Nehal Bhau Anil Edathara Munish Mehta

    IPC: H04L12/715 H04L12/46

    Abstract: Systems and methods provide for end-to-end identity-aware routing across multiple administrative domains. A first ingress edge device of a second overlay network can receive a first encapsulated packet from a first egress edge device of a first overlay network. The first ingress edge device can de-encapsulate the first encapsulated packet to obtain an original packet and a user or group identifier. The first ingress edge device can apply a user or group policy matching the user or group identifier to determine a next hop for the original packet. The first ingress edge device can encapsulate the original packet and the user or group identifier to generate a second encapsulated packet. The first ingress edge device can forward the second encapsulated packet to the next hop.

    MULTI-FACTOR AUTHENTICATION IN PRIVATE MOBILE NETWORKS
    30.
    发明申请
    MULTI-FACTOR AUTHENTICATION IN PRIVATE MOBILE NETWORKS 有权

    公开(公告)号:US20210112411A1

    公开(公告)日:2021-04-15

    申请号:US17066682

    申请日:2020-10-09

    Applicant: Cisco Technology, Inc.

    Inventor: Rajesh S. Pazhyannur Anand Oswal Arun G. Khanna

    IPC: H04W12/06 H04W12/00 H04L29/06

    Abstract: Systems and methods are provided for user equipment (UE) multi-factor authentication enrollment. An example method can include receiving, by a first mobile network, an authentication request from a UE; performing a first authentication of the UE at the first mobile network; based on a determination that the UE has not been onboarded at a second mobile network, initiating, by the first mobile network, enrollment of the UE with the second mobile network for additional authentication of the UE with the second mobile network, wherein the first mobile network is separate from the second mobile network; and after the enrollment of the UE with the second mobile network, coordinating, by the first mobile network, a second authentication of the UE with the second mobile network.

Patent Agency Ranking