公开(公告)号：US20240205138A1

公开(公告)日：2024-06-20

申请号：US18589837

申请日：2024-02-28

Applicant: Cisco Technology, Inc.

Inventor： Vijay Kumar Devendran ,  Kiran Kumar Meda ,  Rajagopalan Janakiraman ,  Shyam N. Kapadia ,  Javed Asghar

IPC: H04L45/00 ,  H04L43/0829 ,  H04L43/0852 ,  H04L43/087 ,  H04L43/10

CPC classification number: H04L45/22 ,  H04L43/0829 ,  H04L43/0858 ,  H04L43/087 ,  H04L43/10

Abstract: In one embodiment, a method includes identifying a problematic event between a first interest point and a second interest point of a network and activating, in response to identifying the problematic event between the first interest point and the second interest point, a first endpoint associated with the first interest point and a second endpoint associated with the second interest point. The method also includes receiving, from the first endpoint and the second endpoint, telemetry data associated with a problematic path between the first interest point and the second interest point. The method further includes determining the problematic path between the first interest point and the second interest point using the telemetry data received from the first endpoint and the second endpoint.

公开(公告)号：US20240202313A1

公开(公告)日：2024-06-20

申请号：US18084196

申请日：2022-12-19

Applicant: Cisco Technology, Inc.

Inventor： Chandan Singh ,  Ofer Licht ,  Chirag Shroff ,  Srinivas Kothapally

IPC: G06F21/52 ,  G06F21/57

CPC classification number: G06F21/52 ,  G06F21/575 ,  G06F2221/033

Abstract: Techniques and architecture are described to control a debug port access employing the debug image signed offline by a challenge/response mechanism, where the signed image itself is tied to an ECID of a chip together with debug lifecycle information coming from fuses and a hash of a loader being debugged. All these inputs form a nonce (the debug image) that ties the debug image to the hardware being debugged and is restricted to the current debug lifecycle. The cryptographically signed debug image is authenticated by a boot image (or the chip) with a public key in the debug image. The debug image may be expanded to secure maintenance using a secure maintenance blob or “firmware maintenance certificate or nonce.” The secure maintenance blob also includes a natural attribute list of low-level features to be enabled upon verification of the secure maintenance blob.

公开(公告)号：US12015555B1

公开(公告)日：2024-06-18

申请号：US18344381

申请日：2023-06-29

Applicant: Cisco Technology, Inc.

Inventor： Xurui Huang ,  Bo Sun ,  Yuefeng Jiang

IPC: H04L45/745 ,  H04L45/28 ,  H04L45/76 ,  H04L49/00

CPC classification number: H04L45/745 ,  H04L45/28 ,  H04L45/76 ,  H04L49/70

Abstract: Disclosed herein are systems, methods, and computer-readable media for managing Layer 2 (L2) and Layer 3 (L3) policies. Traffic is routed from a first VM to a first CGW within a Service Node, where the Service Node can include a centralized policy for both L2 functions and L3 functions, and the first CGW can integrate both L2 gateways and L3 gateways. Based on a floating IP address of the packet, the traffic is routed within the Service Node, the traffic being routed by an access BD from an ingress BD-VIF to an egress BD-VIF. The traffic is then routed from a second CGW that integrates both L2 gateways and L3 gateways to the destination VM.

公开(公告)号：US12015518B2

公开(公告)日：2024-06-18

申请号：US17979341

申请日：2022-11-02

Applicant: Cisco Technology, Inc.

Inventor： Sambarta Dasgupta ,  Grégory Mermoud ,  Jean-Philippe Vasseur ,  Mukund Yelahanka Raghuprasad

IPC: H04L41/0631 ,  H04L41/0677 ,  H04L43/08

CPC classification number: H04L41/064 ,  H04L41/0677 ,  H04L43/08

Abstract: In one embodiment, a device identifies a timeseries motif present in a plurality of timeseries of performance metrics for a plurality of paths in a network. The device retrieves, based on the timeseries motif, device-level telemetry data from networking devices along the plurality of paths. The device determines a root cause of the timeseries motif by correlating the timeseries motif with the device-level telemetry data. The device provides an indication of the timeseries motif and its root cause for display by a user interface.

公开(公告)号：US20240196189A1

公开(公告)日：2024-06-13

申请号：US18063638

申请日：2022-12-08

Applicant: Cisco Technology, Inc.

Inventor： Sri Gundavelli ,  Vimal Srivastava ,  Irfan Ali

IPC: H04W8/08

CPC classification number: H04W8/08

Abstract: Disclosed herein are systems, methods, and computer-readable media for causing an user equipment (UE) to connect to a non-public network (NPN) while meeting time and location requirements. In one aspect, a method includes receiving, by the UE and from a home public land mobile network (h-PLMN), a steering of roaming update providing a steering of roaming record. In one aspect, the UE, is configured based on the steering of roaming record, to connect to the non-public network (NPN) when a context of the UE meets time and location requirements. In one aspect, the method includes establishing, by the UE, a session with the NPN when the context of the UE meets the time and location requirements.

公开(公告)号：US20240195804A1

公开(公告)日：2024-06-13

申请号：US18065002

申请日：2022-12-13

Applicant: Cisco Technology, Inc.

Inventor： Omar Naji Abduljaber ,  Michael G. Brown ,  Mujtaba Hussain ,  Robert Jacob Linial Small ,  Bradley A. Kuykendall

IPC: H04L9/40

CPC classification number: H04L63/0853

Abstract: In one embodiment, a method, by an authentication server, includes receiving user information associated with a first authentication factor for verification from the first endpoint device. The method further includes in response to verifying the first authentication factor, transmitting a prompt to provide an authentication decision associated with a second authentication factor to the second endpoint device, wherein the second endpoint device is communicatively coupled to the first endpoint device through the communication link. The method further includes receiving the authentication decision that is initiated by the first endpoint device from the second endpoint device, wherein the first endpoint device is configured to initiate and transmit the authentication decision to the second endpoint device in response to receiving the second authentication factor from the second endpoint device.

公开(公告)号：US20240195682A1

公开(公告)日：2024-06-13

申请号：US18076695

申请日：2022-12-07

Applicant: Cisco Technology, Inc.

Inventor： Mariusz Kazmierski

IPC: H04L41/0806 ,  H04L41/342 ,  H04L43/12

CPC classification number: H04L41/0806 ,  H04L41/342 ,  H04L43/12

Abstract: Techniques for leveraging a software defined tracking architecture to track endpoint connected to a network fabric are described. An orchestrator of a network fabric receives port information indicating a port of a fabric edge device to which an endpoint is connected. The orchestrator transmits the port information to a network node in the network fabric enabling data-plane traffic inspection. Using the port information, the network node detects traffic having a destination address corresponding to the endpoint. The network node transmits an indication that traffic was received by the network node having the destination address corresponding to the endpoint. Finally, onboarding of the endpoint into the network fabric is triggered at the fabric edge device.

公开(公告)号：US20240195612A1

公开(公告)日：2024-06-13

申请号：US18078223

申请日：2022-12-09

Applicant: Cisco Technology, Inc.

Inventor： Ashish Kundu ,  Ramana Rao V. R. KOMPELLA

IPC: H04L9/08

CPC classification number: H04L9/0852

Abstract: In one embodiment, a first device in a network receives a quantum computing power metric indicative of a maximum available compute power of quantum computers. The first device receives, from a second device in the network, a listing of cryptographic suites available on the second device. The first device selects, based on the quantum computing power metric, a particular cryptographic suite from among the listing of cryptographic suites available on the second device. The first device sends, to the second device via the network, an indication that the particular cryptographic suite is to be used to encrypt and decrypt traffic exchanged between the first device and the second device.

公开(公告)号：US20240195496A1

公开(公告)日：2024-06-13

申请号：US18078882

申请日：2022-12-09

Applicant: Cisco Technology, Inc.

Inventor： Arman Rezaee ,  Ali Sajassi

IPC: H04B7/185 ,  H04W28/02

CPC classification number: H04B7/18584 ,  H04W28/0226

Abstract: Described herein are techniques for leveraging ground station computing devices for performing route planning calculations to be used in a LEO satellite network for traffic routing. Such techniques may comprise receiving, at a ground station computing device, a request to generate routing information for a satellite node over a period of time, determining, by the ground station computing device, a number of communication connections associated with at least one destination node, each communication connection of the number of communication connections associated with a portion of the period of time, selecting, by the ground station computing device, one or more communication connection of the number of communication connections to cover the period of time, populating, by the ground station computing device, the routing information with an indication of the selected at least one communication connection, and providing the routing information to the satellite node.

公开(公告)号：US20240195495A1

公开(公告)日：2024-06-13

申请号：US18078868

申请日：2022-12-09

Applicant: Cisco Technology, Inc.

Inventor： Ali Sajassi ,  Arman Rezaee

IPC: H04B7/185 ,  H04B10/118

CPC classification number: H04B7/18584 ,  H04B7/18521 ,  H04B10/118

Abstract: Described herein are techniques for routing communications to a destination node within a LEO satellite network. The techniques may comprise receiving, at a satellite node in a network of satellites, a communication directed to an address for a destination satellite, determining whether the satellite node is the destination satellite, upon determining that the satellite node is the destination satellite, transmitting the communication to a ground station in communication range of the satellite node, and upon determining that the satellite node is not the destination satellite: identifying, via a local routing table, a second satellite node associated with the address for the destination satellite, and forwarding the communication to the second satellite node.