Zone-Based Firewall Policy Model for a Virtualized Data Center
    31.
    Invention application
    Status: under examination (published)

    Publication number: US20150163200A1

    Publication date: 2015-06-11

    Application number: US14627223

    Filing date: 2015-02-20

    Abstract: Techniques are provided for implementing a zone-based firewall policy. At a virtual network device, information is defined and stored that represents a security management zone for a virtual firewall policy comprising one or more common attributes of applications associated with the security zone. Information representing a firewall rule for the security zone is defined and comprises first conditions for matching common attributes of applications associated with the security zone and an action to be performed on application traffic. Parameters associated with the application traffic are received that are associated with properly provisioned virtual machines. A determination is made whether the application traffic parameters satisfy the conditions of the firewall rule and in response to determining that the conditions are satisfied, the action is performed.

    SHORTENING OF SERVICE PATHS IN SERVICE CHAINS IN A COMMUNICATIONS NETWORK
    32.
    Invention application
    Status: in force

    Publication number: US20150138973A1

    Publication date: 2015-05-21

    Application number: US14081772

    Filing date: 2013-11-15

    Abstract: A method is provided in one example embodiment and includes receiving at a network element a flow offload decision for a first service node comprising a portion of a service chain for processing a flow; recording the flow offload decision against the first service node at the network element; and propagating the flow offload decision backward on a service path to which the flow belongs if the first service node is hosted at the network element. Embodiments may also include propagating the flow offload decision backward on a service path to which the flow belongs if the flow offload decision is a propagated flow offload decision and the network element hosts a second service node that immediately precedes the service node on behalf of which the propagated flow offload decision was received and a flow offload decision has already been received by the network element from the second service node.

    METHOD AND SYSTEM OF PROVIDING STORAGE SERVICES IN MULTIPLE PUBLIC CLOUDS
    33.
    Invention application
    Status: under examination (published)

    Publication number: US20140366155A1

    Publication date: 2014-12-11

    Application number: US14058041

    Filing date: 2013-10-18

    Abstract: A system and a method implement a cloud storage gateway configured to provide secure storage services in a cloud environment. A method can include implementing storage provisioning for a virtual machine (VM) in a hybrid cloud environment that includes an enterprise network in communication with a cloud. The enterprise network includes enterprise storage, and the cloud includes cloud storage. The storage provisioning is implemented by deploying a cloud storage gateway in the cloud that facilitates secure migration of data associated with the VM between enterprise storage and cloud storage. A nested virtual machine container (NVC) is also deployed in the cloud, where the NVC abstracts an interface that is transparent to a cloud infrastructure of the cloud. The cloud storage gateway can then be executed as a virtual machine within the NVC. Such storage provisioning is further implemented by deploying the VM in an NVC in the cloud and directly attaching storage to the VM.

    Highly Scalable Architecture for Application Network Appliances
    34.
    Invention application
    Status: under examination (published)

    Publication number: US20130318341A1

    Publication date: 2013-11-28

    Application number: US13859833

    Filing date: 2013-04-10

    Abstract: A highly scalable application network appliance is described herein. According to one embodiment, a network element includes a switch fabric, a first service module coupled to the switch fabric, and a second service module coupled to the first service module over the switch fabric. In response to packets of a network transaction received from a client over a first network to access a server of a data center having multiple servers over a second network, the first service module is configured to perform a first portion of OSI (open system interconnection) compatible layers of network processes on the packets while the second service module is configured to perform a second portion of the OSI compatible layers of network processes on the packets. The first portion includes at least one OSI compatible layer that is not included in the second portion. Other methods and apparatuses are also described.

    Policy-driven switch overlay bypass in a hybrid cloud network environment

    Publication number: US11005682B2

    Publication date: 2021-05-11

    Application number: US14876627

    Filing date: 2015-10-06

    Abstract: Network policies can be used to optimize the flow of network traffic between virtual machines (VMs) in a hybrid cloud environment. In an example embodiment, one or more policies can drive a virtual switch controller, a hybrid cloud manager, a hypervisor manager, a virtual switch, or other orchestrator to create one or more direct tunnels that can be utilized by a respective pair of VMs to bypass the virtual switch and enable direct communication between the VMs. The virtual switch can send the VMs network and security policies to ensure that these policies are enforced. The VMs can exchange security credentials in order to establish the direct tunnel. The direct tunnel can be used by the VMs to bypass the virtual switch and allow the VMs to communicate with each other directly.

    DEFAULT GATEWAY EXTENSION
    37.
    Invention application

    Publication number: US20200177543A1

    Publication date: 2020-06-04

    Application number: US16780170

    Filing date: 2020-02-03

    Abstract: Many hybrid cloud topologies require virtual machines in a public cloud to use a router in a private cloud, even when the virtual machine is transmitting to another virtual machine in the public cloud. Routing data through an enterprise router on the private cloud via the internet is generally inefficient. This problem can be overcome by placing a router within the public cloud that mirrors much of the routing functionality of the enterprise router. A switch is configured to intercept address resolution protocol (ARP) requests for the enterprise router's address and fabricate a response using the MAC address of the router in the public cloud.

    PROGRAMMABLE INFRASTRUCTURE GATEWAY FOR ENABLING HYBRID CLOUD SERVICES IN A NETWORK ENVIRONMENT

    Publication number: US20200014559A1

    Publication date: 2020-01-09

    Application number: US16577519

    Filing date: 2019-09-20

    Abstract: An example method for a programmable infrastructure gateway for enabling hybrid cloud services in a network environment is provided and includes receiving an instruction from a hybrid cloud application executing in a private cloud, interpreting the instruction according to a hybrid cloud application programming interface, and executing the interpreted instruction in a public cloud using a cloud adapter. The method is generally executed in the infrastructure gateway including a programmable integration framework allowing generation of various cloud adapters using a cloud adapter software development kit, the cloud adapter being generated and programmed to be compatible with a specific public cloud platform of the public cloud. In specific embodiments, identical copies of the infrastructure gateway can be provided to different cloud service providers who manage disparate public cloud platforms; each copy of the infrastructure gateway can be programmed differently to generate corresponding cloud adapters compatible with the respective public cloud platforms.

    Elastic service chains
    40.
    Granted invention patent
    Status: in force

    Publication number: US09467382B2

    Publication date: 2016-10-11

    Application number: US14170750

    Filing date: 2014-02-03

    CPC classification number: H04L47/125 H04L41/50 H04L45/38 H04L47/782 H04L63/20

    Abstract: Presented herein are elastic service chain techniques. In one example, a network element receives data traffic to be processed by a service chain that specifies an ordered sequence of service pools including a first service pool and second service pool, wherein each service pool comprises a plurality of network services. A network service is determined from the first service pool to be applied to the data traffic, and data traffic is forwarded to the network service in the first service pool.
