公开(公告)号：US12137125B2

公开(公告)日：2024-11-05

申请号：US17886030

申请日：2022-08-11

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Vinay Saini ,  Akram Sheriff ,  Rajesh Indira Viswambharan ,  David John Zacks

IPC: H04L9/40

Abstract: Techniques are described for classification-based data security management. The classification-based data security management can include utilizing device and/or data attributes to identify security modes for communication of data stored in a source device. The security modes can be identified based on a hybrid-encryption negotiation. The attributes can include a device resource availability value, an access trust score, a data confidentiality score, a geo-coordinates value, and/or a date/time value. The security modes can include a hybrid-encryption mode. The source device can utilize the hybrid-encryption mode to transmit the data, via one or more network nodes, such as an edge node, to one or more service nodes.

公开(公告)号：US20240365118A1

公开(公告)日：2024-10-31

申请号：US18139244

申请日：2023-04-25

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  David John Zacks ,  Vinay Saini

IPC: H04W12/065 ,  H04L9/32 ,  H04M3/42

CPC classification number: H04W12/065 ,  H04L9/3213 ,  H04M3/42034

Abstract: Techniques are described for providing secure audio calls between a calling party and a receiving party. Upon receiving a call request from a call initiating party, a notification is sent to the intended call recipient. The call recipient can send a request for a secure call. Upon receiving the request for a secure call, a bi-directional multifactor authentication is performed to authenticate the identity of both the call initiating party and the call receiving party. In response to successfully authenticating both parties, a secure call between the parties is established. One or more secure key tokens or other metadata can be embedded in the call to ensure security of the call.

公开(公告)号：US12081626B2

公开(公告)日：2024-09-03

申请号：US18188934

申请日：2023-03-23

Applicant: Cisco Technology, Inc.

Inventor： Kaustubh Inamdar ,  Vinay Saini ,  Ankush Ganpatrai Arora

IPC: G06F15/16 ,  H04H60/23 ,  H04L9/08 ,  H04L9/14 ,  H04L9/40 ,  H04L12/18 ,  H04L67/141 ,  H04L67/147 ,  H04L67/148 ,  H04W12/50 ,  H04W12/63

CPC classification number: H04L67/148 ,  H04H60/23 ,  H04L9/0819 ,  H04L9/14 ,  H04L12/1813 ,  H04L63/0442 ,  H04L63/102 ,  H04L67/141 ,  H04L67/147 ,  H04W12/50 ,  H04W12/63

Abstract: A method for a seamless transfer of a secure multimedia conference session from one endpoint device to another without a need to rekey the session is provided. In this method, a first endpoint device connects a participant to a multimedia conference session to which at least one other participant is connected and based on detecting one or more second endpoint devices within a predetermined location proximity of the first endpoint device, determines whether to transfer the multimedia conference session to a target endpoint device. Based on determining that the session is to be transferred, the first endpoint device establishes a secure pairing connection directly with the target endpoint device and provides, via the secure pairing connection, information about the multimedia conference session based on which the multimedia conference session is transferred to the target endpoint device without rekeying the multimedia conference session.

公开(公告)号：US20240259089A1

公开(公告)日：2024-08-01

申请号：US18104141

申请日：2023-01-31

Applicant: Cisco Technology, Inc.

Inventor： Thomas Szigeti ,  David John Zacks ,  Jeff Apcar ,  Robert Edgar Barton ,  Jerome Henry ,  Vinay Saini

IPC: H04B7/185 ,  H04W12/37 ,  H04W40/20

CPC classification number: H04B7/18565 ,  H04W12/37 ,  H04W40/20

Abstract: This disclosure describes techniques for complying with a data sovereignty policy of data routed through a satellite network. An example method includes identifying data comprising a data sovereignty label indicating a first geographical region; determining that a coverage region of a satellite includes a first ground station in the first geographical region; determining that coverage region excludes a second ground station in a second geographical region; and based on determining that the coverage area includes the first ground station and excludes the second ground station, transmitting the data to the satellite.

公开(公告)号：US12052313B2

公开(公告)日：2024-07-30

申请号：US18106304

申请日：2023-02-06

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Sanjay Kumar Hooda ,  Marc Portoles Comeras ,  Vinay Saini ,  Victor Manuel Moreno

IPC: H04L67/51 ,  H04L41/0893 ,  H04L41/122 ,  H04L45/76 ,  H04L67/1001

CPC classification number: H04L67/10015 ,  H04L41/0893 ,  H04L41/122 ,  H04L45/76 ,  H04L67/51

Abstract: This disclosure describes techniques and mechanisms for providing hybrid cloud services for enterprise fabric. The techniques include enhancing an on-demand protocol (e.g., such as LISP) and allowing simplified security and/or firewall service insertion for datacenter servers providing those services. Accordingly, the techniques described herein provide hybrid cloud services that work in disaggregated, distributed, and consistent way, while avoiding complex datacenter network devices (e.g., such running overlay on TOR), replacing and moving the functionality to on demand protocol enabled servers, which intelligently receive the required mappings as well as registers and publishes the service information to intelligently interact with the network.

公开(公告)号：US20240146697A1

公开(公告)日：2024-05-02

申请号：US17976308

申请日：2022-10-28

Applicant: Cisco Technology, Inc.

Inventor： Vinay Saini ,  Snezana MITROVIC ,  Timothy P. STAMMERS

IPC: H04L9/40 ,  H04W12/062 ,  H04W24/04

CPC classification number: H04L63/0272 ,  H04W12/062 ,  H04W24/04

Abstract: In one embodiment, a device receives a request from a client to remotely access an endpoint in a local network. The device instantiates a network slice having a remote access function in a cellular network. The device causes the endpoint to communicate a particular type of traffic via the network slice and the remote access function. The device configures a virtual private network tunnel between the client and the remote access function. The client and endpoint communicate with one another via a connection that comprises the network slice and the virtual private network tunnel.

公开(公告)号：US20240137311A1

公开(公告)日：2024-04-25

申请号：US17972119

申请日：2022-10-23

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Vinay Saini ,  Sanjay Kumar Hooda

IPC: H04L45/30 ,  H04L45/302

CPC classification number: H04L45/30 ,  H04L45/302

Abstract: This disclosure describes techniques for employing an adaptive mechanism in communications among network devices. Adaptive mechanism techniques may include adapting network operations relative to characteristics of devices and/or network access technologies or mechanisms used in the network. Adaptation may help to accommodate a wider variety of types of devices. For instance, adaptive mechanism techniques may include determining, based on characteristics of a device in the network, a forwarding mechanism to be used at an access device to forward data traffic from the device to another device via the network. As such, adaptive mechanism techniques may provide more efficient integration of devices within a complex network, thereby improving network operations.

公开(公告)号：US20240098609A1

公开(公告)日：2024-03-21

申请号：US18518097

申请日：2023-11-22

Applicant: Cisco Technology, Inc.

Inventor： Gitesh Tejrao Hulke ,  Snezana Mitrovic ,  Rafiya Bano Sheikh ,  Sumana Ganne ,  Vinay Saini

IPC: H04W36/32 ,  H04L65/1016 ,  H04W8/22 ,  H04W36/00 ,  H04W60/04

CPC classification number: H04W36/32 ,  H04L65/1016 ,  H04W8/22 ,  H04W36/00837 ,  H04W60/04

Abstract: Systems and methods are provided for providing transference of a user equipment to a 5G network when a voice call is terminated. The systems and method can include receiving, at a mobility management entity, a voice call termination message from a serving gateway, determining, by the mobility management entity, whether the user equipment includes a 5G subscription and 5G capability based on the voice call termination message, and providing, by the mobility management entity, a handover message to the user equipment to initiate a handover to the 5G network based on the determining of whether the user equipment includes the 5G subscription and 5G capability.

公开(公告)号：US11863555B2

公开(公告)日：2024-01-02

申请号：US17174906

申请日：2021-02-12

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Jerome Henry ,  Vinay Saini

IPC: H04L29/00 ,  H04L9/40

CPC classification number: H04L63/0876 ,  H04L63/0209 ,  H04L63/0272 ,  H04L63/164 ,  H04L63/20

Abstract: In one embodiment, a management service for a network that is executed by one or more devices establishes a trust relationship with an entity associated with an endpoint in the network. The management service receives, via a Manufacturer Usage Description (MUD) file for the endpoint, an indication that the entity desires remote access to the endpoint in the network. The management service configures, based on the indication, the network to provide a remote access connection between the entity and the endpoint in the network. The management service provides, to the entity, credentials to the entity for the remote access connection.

公开(公告)号：US11785493B2

公开(公告)日：2023-10-10

申请号：US17443301

申请日：2021-07-23

Applicant: Cisco Technology, Inc.

Inventor： Prakash C. Jain ,  Sanjay K. Hooda ,  Vinay Saini

IPC: H04W28/02 ,  H04L12/46 ,  H04W88/08 ,  H04W84/12

CPC classification number: H04W28/0226 ,  H04L12/4633 ,  H04W84/12 ,  H04W88/08

Abstract: An enterprise network may receive a WiFi packet associated with a 5G service (or other type of service) at an access point (AP) in the enterprise network. The enterprise network determines whether the WiFi packet satisfies a first-packet policy associated with the 5G service, where the first-packet policy controls access to a tunnel for traversing the enterprise network to reach the 5G service. If the packet satisfies the policy, the enterprise network queries a map server to identify a location of a 5G border in the enterprise network that is connected to the 5G service. The enterprise network can transmit the WiFi packet on the tunnel with priority to meet SLA using the location of the 5G border.