DISTRIBUTED LINK FAILURE RESILIENT LOW LATENCY NETWORK ACCESS CONTROL WITH AUTHENTICATION OFFLOAD

    Publication (Announcement) No.: US20250056322A1

    Publication (Announcement) Date: 2025-02-13

    Application No.: US18395023

    Application Date: 2023-12-22

    Abstract: A network access server (NAS) device on a wireless network at a site is described, the NAS device comprising memory including a policy cache having entries for one or more client devices where each entry includes a last policy action previously identified by a network access control (NAC) system for the respective client device. The NAS device further comprises processing circuitry configured to, upon receipt of an access request for the wireless network from a client device, authenticate the client device. The processing circuitry is configured to, after authentication of the client device, determine whether the client device is included in the policy cache. The processing circuitry is configured to, based on the client device being included in the policy cache, authorize the client device to access the wireless network in accordance with the last policy action for the client device.

    MAPPING INTERNET PROTOCOL (IP) ADDRESSES TO IP OVER ETHERNET SUBSCRIBER IDENTIFIERS

    Publication (Announcement) No.: US20250055828A1

    Publication (Announcement) Date: 2025-02-13

    Application No.: US18366401

    Application Date: 2023-08-07

    Abstract: In some implementations, a network device may receive one or more indications of one or more internet protocol (IP) addresses. The network device may determine that the one or more IP addresses are associated with an IP over Ethernet (IPoE) subscriber. The network device may generate, based at least in part on determining that the one or more IP addresses are associated with the IPoE subscriber, a mapping of the one or more IP addresses to an identifier of the IPoE subscriber. The network device may receive a network packet associated with at least one IP address of the one or more IP addresses. The network device may perform, based at least in part on the mapping of the one or more IP addresses to the identifier of the IPoE subscriber, a network service associated with the network packet on a per-IPoE-subscriber basis.

    Service function chaining with session-based routing

    Publication (Announcement) No.: US12218839B1

    Publication (Announcement) Date: 2025-02-04

    Application No.: US18240714

    Application Date: 2023-08-31

    Abstract: Techniques are disclosed for session-based load-balancing of network traffic to network service instances. In one example, a network device receives a first packet of a forward packet flow from a network service instance of a plurality of network service instances after application of a network service. The first packet specifies a Media Access Control (MAC) address of the network service instance as a source MAC address. The network device defines a session comprising the forward packet flow and a reverse packet flow and stores an association between the session and the MAC address of the network service instance. The network device determines that a second packet received from a destination device is associated with the reverse packet flow of the session. The network device forwards the second packet to the same network service instance based on the association between the session and the MAC address of the network service instance.

    SELF-DRIVEN AND ADAPTABLE MULTI-VBNG MANAGEMENT ORCHESTRATION

    Publication (Announcement) No.: US20250039055A1

    Publication (Announcement) Date: 2025-01-30

    Application No.: US18918850

    Application Date: 2024-10-17

    Abstract: A broadband network gateway (BNG) controller is described that includes a network subscriber database (NSDB) and one or more core applications. The NSDB is configured to store vBNG instance information for one or more subscriber devices. The vBNG instance information specifies vBNG instances operable by one or more edge routers. The vBNG instances are configured to receive requests to access service provider services from the one or more subscriber devices and to selectively authenticate the one or more subscriber devices for network services based on authentication information included in the requests to access service provider services. The one or more core applications include a network instance and configuration manager (NICM). The NICM is configured to modify the vBNG instance information at the NSDB to include an additional vBNG instance and to output, to an edge router, an instruction to generate the additional vBNG instance at the edge router.

    ASSESSING SUBJECTIVE TRUST
    Invention application

    Publication (Announcement) No.: US20250030739A1

    Publication (Announcement) Date: 2025-01-23

    Application No.: US18353575

    Application Date: 2023-07-17

    Abstract: This disclosure describes techniques that include assessing trust in a system based on subjective factors. In one example, this disclosure describes a method that includes determining, by the computing system, a prerequisite score for a network entity in a computer network; determining, by the computing system, a subjective score for the network entity based on one or more subjective factors for the network entity, wherein each of the one or more subjective factors for the network entity corresponds to a subjective characteristic of the network entity; determining, by a computing system, a trust score for the network entity based on the prerequisite score and the subjective score; and modifying, by the computing system, operation of the computer network based on the trust score for the network entity.

    NETWORK POLICY VALIDATION
    Invention application

    Publication (Announcement) No.: US20250023787A1

    Publication (Announcement) Date: 2025-01-16

    Application No.: US18893090

    Application Date: 2024-09-23

    Abstract: In an example, a validation system comprises processing circuitry having access to a storage device and is configured to obtain flow records indicative of packet flows among workloads deployed to a cluster of one or more computing devices configured with a network policy, wherein each flow record of the flow records indicates a corresponding packet flow was allowed or denied by the cluster; receive an updated network policy; determine whether a corresponding packet flow for a flow record of the flow records has a discrepancy with the updated network policy; and in response to determining the corresponding packet flow for the flow record of the flow records has a discrepancy with the updated network policy, output an indication of an error.

    Wireless signal strength-based detection of poor network link performance

    Publication (Announcement) No.: US12200596B2

    Publication (Announcement) Date: 2025-01-14

    Application No.: US18440575

    Application Date: 2024-02-13

    Abstract: A cloud-based network management system (NMS) stores path data from network devices operating as network gateways for an enterprise network, the path data collected by each network device of the plurality of network devices. The NMS determines, for a logical path within a specified time window, a wireless signal quality and a link quality based at least in part on the path data. The NMS, in response to determining that the logical path is of a poor link quality, determines a correlation between a poor wireless quality and the poor link quality. The NMS may output a notification that indicates the correlation between the poor wireless quality and the poor link quality of the logical path.
