公开(公告)号：US20230017053A1

公开(公告)日：2023-01-19

申请号：US17375748

申请日：2021-07-14

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Sanjay Kumar Hooda ,  Vinay Saini ,  Victor Manuel Moreno

IPC: H04L12/713 ,  H04L12/741 ,  H04L12/725 ,  H04L12/715

Abstract: Techniques are described herein for service chaining in fabric networks such that hardware resources can be preserved without service nodes needing additional capabilities. The techniques may include storing a first configuration associated with a first VRF instance of a service forwarding node that is connected to a first service of a service chain sequence. The first configuration may indicate an identifier and a type associated with a second service of the service chain sequence where traffic is to be sent after the first service. Additionally, the techniques may also include storing a second configuration associated with a second VRF instance of the service forwarding node that is connected to the second service. The second configuration may indicate that the second service is a last service of the service chain sequence. When traffic is received at the service forwarding node, the service forwarding node can determine whether the traffic is pre-service traffic or post-service traffic.

公开(公告)号：US11523332B2

公开(公告)日：2022-12-06

申请号：US17136773

申请日：2020-12-29

Applicant: Cisco Technology, Inc.

Inventor： Vinay Saini ,  Robert Edgar Barton ,  Elango Ganesan ,  Swapna Anandan ,  Jerome Henry

IPC: H04W48/16 ,  H04W48/18 ,  H04W84/12 ,  H04W8/18 ,  H04W12/06 ,  H04W36/14

Abstract: Automatic onboarding of a device onto a cellular network may be provided through a Wireless Local Area Network (WLAN). Subsequent to a device connecting to a first network (e.g., the WLAN), information associated with the device and the first network may be received. One or more tags may be generated and an intent profile may be defined for the device based on the received information, where the intent profile may indicate at least a second network (e.g., the cellular network) that the device is enabled to connect with and one or more policies associated with the connection. The tags and intent profile may be transmitted to a service provider platform, and an onboarding profile template identified using the tags and the intent profile may be received from the service provider platform. The onboarding profile template may be provided to the device to enable connection to the second network.

公开(公告)号：US20220272006A1

公开(公告)日：2022-08-25

申请号：US17183664

申请日：2021-02-24

Applicant: Cisco Technology, Inc.

Inventor： Vinay Saini ,  Nagendra Kumar Nainar ,  Hazim Hashim Dahir ,  Carlos M. Pignataro ,  Rajesh Indira Viswambharan

IPC: H04L12/24 ,  H04L12/42

Abstract: According to one or more embodiments of the disclosure, a particular networking device located in a ring of networking devices of a network receives an indication from a supervisory service that the particular networking device has been designated a ring manager for the ring of networking devices. The particular networking device determines that the supervisory service is unreachable by the ring of networking devices. The particular networking device obtains telemetry data regarding a new device connected to the ring of networking devices. The particular networking device onboards, based on the telemetry data, the new device to the network, when the supervisory service is unreachable by the ring of networking devices.

公开(公告)号：US20220070731A1

公开(公告)日：2022-03-03

申请号：US17010032

申请日：2020-09-02

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Vinay Saini ,  Sowbhagya Hanumaiah Sowmya

IPC: H04W28/08 ,  H04W24/08 ,  H04W16/14

Abstract: Load balancing for saturated wireless may be provided. A computing device may determine that an Access Point (AP) has reached a saturation point. A first Service Device (SD) having a first SD coverage area that overlaps an AP coverage area associated with the AP may be identified. Then a license to operate within a frequency spectrum segment for the first SD coverage area may be obtained. A plurality of user devices may be moved from the AP to the first SD. The first SD may then service the plurality of user devices using at least a portion of the frequency spectrum segment.

公开(公告)号：US20220038335A1

公开(公告)日：2022-02-03

申请号：US16943031

申请日：2020-07-30

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Stephan Edward Friedl ,  Anoop Mohan ,  Norbert Heusser ,  Yogesh Kumar Soni ,  Daniel Eckstein ,  Jerome Henry ,  Vinay Saini

IPC: H04L12/24 ,  H04L29/08 ,  G06F16/955 ,  G06F16/25

Abstract: In one embodiment, a supervisory device that supervises an edge device at an edge of a network receives a uniform resource identifier specified by a node in the network. The supervisory device retrieves information regarding the node located at the uniform resource identifier. The supervisory device generates, based on the information regarding the node, a data pipeline configuration for the edge device. The supervisory device sends the data pipeline configuration to the edge device. The data pipeline configuration causes the edge device to extract data from traffic sent by the node in the network and specifies one or more cloud-hosted applications to which the data should be sent.

公开(公告)号：US20210288902A1

公开(公告)日：2021-09-16

申请号：US16814981

申请日：2020-03-10

Applicant: Cisco Technology, Inc.

Inventor： Ankush Ganpatrai Arora ,  Ruchir Jain ,  Vinay Saini ,  Atahar Khan

IPC: H04L12/721 ,  G06Q10/06 ,  G06Q50/26 ,  H04L29/06

Abstract: This disclosure describes techniques for enhanced segment routing across computer networks. The routing of data traffic may be enhanced by accounting for additional considerations, beyond typical network parameters, when selecting segment routes via which to route the data traffic. For instance, a service provider (SP) may wish to consider business priorities when selecting a segment route to another SP. The techniques described herein include mechanisms for gathering and/or receiving information regarding business priorities, analyzing the business priorities, and determining a segment route. As such, through accounting for additional considerations beyond typical network parameters, enhanced segment routing may potentially improve client service and network operations.

公开(公告)号：US20250126059A1

公开(公告)日：2025-04-17

申请号：US18984673

申请日：2024-12-17

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Vinay Saini ,  Sanjay Kumar Hooda

IPC: H04L45/00 ,  H04L45/12

Abstract: Techniques for a Software-Defined Networking (SDN) controller associated with a multisite network to implement jurisdictional data sovereignty polices in a multisite network, route network traffic flows between user sites and destination services over one or more provider sites, and/or perform a routing operation on the network traffic flow(s) based on the jurisdictional data sovereignty policies. The jurisdictional data sovereignty polices may be implemented using destination group tags (DGTs) and/or source group tags (SGTs). A secure access service edge (SASE) associated with the network controller may generate, store, and distribute the DGTs to provider sites and/or the SGTs to user sites. Based on the SGT and/or DGT associated with a network traffic flow, one or more services may be applied to the network traffic flow, and the network traffic flow may be routed through a particular region of a software-defined access (SDA) transit.

公开(公告)号：US12192192B2

公开(公告)日：2025-01-07

申请号：US17749274

申请日：2022-05-20

Applicant: Cisco Technology, Inc.

Inventor： Vinay Saini ,  Rajesh Indira Viswambharan ,  Nagendra Kumar Nainar ,  Akram Ismail Sheriff ,  David John Zacks

IPC: H04L9/40

Abstract: In one embodiment, a method herein comprises: receiving, at a device, a registration request from a telemetry exporter that transmits telemetry data; generating, by the device, a telemetry configuration file for the telemetry exporter, the telemetry configuration file defining a policy for transmission of telemetry data from the telemetry exporter and an authentication token for the telemetry exporter; sharing, by the device, the policy with a security enforcer; and sending, by the device, the telemetry configuration file to the telemetry exporter, wherein the telemetry exporter is caused to connect with the security enforcer using the authentication token, send the telemetry configuration file to the security enforcer, and transmit collected telemetry data to the security enforcer, and wherein the security enforcer is caused to create a dynamic publish-subscribe stream for publishing the collected telemetry data received from the telemetry exporter based on the telemetry configuration file and the policy.

公开(公告)号：US20240414089A1

公开(公告)日：2024-12-12

申请号：US18206245

申请日：2023-06-06

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Akram Sheriff ,  Vinay Saini ,  Rajesh Indira Viswambharan

IPC: H04L47/10 ,  H04L45/12

Abstract: Techniques for determining an optimal connection path by a NHNaaS are described. The techniques may include receiving a registration from an IPS that includes service ISP service parameters, and storing the registration in a NaaS database. A request to connect to a remote service from a user device, including user parameters required is received. ISPs having respective service parameters compatible with the user parameters are identified in the NaaS database. Multiple paths offered by the service providers between the user device and the remote service are determined. Network performance data for each path is received from a network monitoring service. Using the network performance data, an optimal path for establishing the connection is identified. A request to instantiate a tunnel between the user device and remote service is transmitted to the service providers along the optimal path and the tunnel information is transmitted to the user device.

公开(公告)号：US12149936B2

公开(公告)日：2024-11-19

申请号：US17848879

申请日：2022-06-24

Applicant: Cisco Technology, Inc.

Inventor： Vinay Saini ,  Snezana Mitrovic ,  Timothy P. Stammers ,  Rajesh Indira Viswambharan

IPC: H04W12/08 ,  H04W12/06 ,  H04W12/37

Abstract: Systems, methods, and computer-readable media are disclosed for dynamically onboarding a UE between private 5G networks. In one aspect, a private 5G (P5G) federation system can receive a request from a user device for registration with a serving private 5G network, which is part of a P5G federation system. The P5G federation system can further determine that the user device is authenticated with a home private 5G network of the user device, which is also part of the P5G federation system. The P5G federation system can transmit, to the serving private 5G network, a security profile of the user device that is received from the home private 5G network. As follows, the P5G federation system can facilitate onboarding of the user device to the serving private 5G network with the security profile.