公开(公告)号：US10785195B2

公开(公告)日：2020-09-22

申请号：US15854181

申请日：2017-12-26

Applicant: Cisco Technology, Inc.

Inventor： Gangadharan Byju Pularikkal ,  Santosh Ramrao Patil ,  Mark Grayson ,  Madhusudan Nanjanagud

IPC: H04L29/06 ,  H04W12/04 ,  H04W12/08 ,  H04W12/00 ,  H04W12/02 ,  H04W84/12

Abstract: In various implementations, a method includes receiving a request to establish an end-to-end encrypted session between a device in an enterprise network and an external entity that is outside the enterprise network. In some implementations, the end-to-end encrypted session allows encrypted packets to be transmitted between the device and the external entity. In various implementations, the method includes determining whether the request satisfies an enterprise security criterion for establishing the end-to-end encryption session. In various implementations, the method includes in response to determining that the request satisfies the enterprise security criterion, triggering the establishment of the end-to-end encrypted session between the device in the enterprise network and the external entity that is outside the enterprise entity.

公开(公告)号：US20200067844A1

公开(公告)日：2020-02-27

申请号：US16111074

申请日：2018-08-23

Applicant: Cisco Technology, Inc.

Inventor： Gangadharan Byju Pularikkal ,  Santosh Ramrao Patil ,  Mark Grayson ,  Swaminathan Anantha ,  Sourav Chakraborty

IPC: H04L12/857 ,  H04L12/927 ,  H04L29/06 ,  H04L12/725

Abstract: Systems, methods, and devices are disclosed for providing a quality of service between nodes. A service provider can receive, from a first node of a customer network to an ingress node of a service provider network, packets bound for a second node on the customer network that is remote from the first node. The packets are mapped to a network segment according to a traffic type based on an identifier associated with the packets that identifies the traffic type of the packets. The packets are sent via their mapped network segment to an egress node with connectivity to the second node of the customer network according to a quality of service associated with the traffic type identified by the identifier.

公开(公告)号：US10567293B1

公开(公告)日：2020-02-18

申请号：US16111074

申请日：2018-08-23

Applicant: Cisco Technology, Inc.

Inventor： Gangadharan Byju Pularikkal ,  Santosh Ramrao Patil ,  Mark Grayson ,  Swaminathan Anantha ,  Sourav Chakraborty

IPC: H04L12/927 ,  H04L29/06 ,  H04L12/725 ,  H04L12/857 ,  H04L12/26

Abstract: Systems, methods, and devices are disclosed for providing a quality of service between nodes. A service provider can receive, from a first node of a customer network to an ingress node of a service provider network, packets bound for a second node on the customer network that is remote from the first node. The packets are mapped to a network segment according to a traffic type based on an identifier associated with the packets that identifies the traffic type of the packets. The packets are sent via their mapped network segment to an egress node with connectivity to the second node of the customer network according to a quality of service associated with the traffic type identified by the identifier.

公开(公告)号：US20190312775A1

公开(公告)日：2019-10-10

申请号：US15947107

申请日：2018-04-06

Applicant: Cisco Technology, Inc.

Inventor： Santosh Ramrao Patil ,  Kirti Yeshwant Barve

IPC: H04L12/24 ,  H04L12/26

Abstract: The disclosed technology relates a system is configured to generate a protected configuration for a network device based on network connectivity data for a plurality of devices in a managed network associated with a cloud management system. The system is further configured to receive a configuration change for the managed network, determine that the configuration change is incompatible with the protected configuration, and generate a notification that the configuration change is incompatible with the protected configuration.

公开(公告)号：US20190289028A1

公开(公告)日：2019-09-19

申请号：US16434564

申请日：2019-06-07

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Santosh Ramrao Patil ,  Gangadharan Byju Pularikkal

IPC: H04L29/06 ,  H04W24/00 ,  H04W12/12 ,  H04W24/04

Abstract: Various implementations disclosed herein enable identifying anomalies in a network. For example, in various implementations, a method of identifying anomalies in a network is performed by a network node. In various implementations, the network node includes one or more processors, and a non-transitory memory. In various implementations, the method includes generating a characteristic indicator that characterizes a device type based on communications associated with a first device of the device type. In various implementations, the method includes determining, based on communications associated with the first device, a performance indicator that indicates a performance of the first device. In various implementations, the method includes synthesizing an anomaly indicator as a function of the performance indicator in relation to the characteristic indicator.

公开(公告)号：US20190245868A1

公开(公告)日：2019-08-08

申请号：US15891708

申请日：2018-02-08

Applicant: Cisco Technology, Inc.

Inventor： Santosh Ramrao Patil ,  Gangadharan Byju Pularikkal ,  David McGrew ,  Blake Harrell Anderson ,  Madhusudan Nanjanagud

IPC: H04L29/06

CPC classification number: H04L63/1408 ,  H04L43/04 ,  H04L69/16

Abstract: Methods and systems to estimate encrypted multi-path TCP (MPTCP) network traffic include restricting traffic in a first direction (e.g., uplink) to a single path, and estimating traffic of multiple subflows of a second direction (e.g., downlink) based on traffic over the single path of the first direction. The estimating may be based on, without limitation, acknowledgment information of the single path, a sequence of acknowledgment numbers of the single path, an unencrypted initial packet sent over the single path as part of a secure tunnel setup procedure, TCP header information of the unencrypted initial packet (e.g., sequence number, acknowledgment packet, and/or acknowledgment packet length), and/or metadata of packets of the single path (e.g., regarding cryptographic algorithms, Diffie-Helman groups, and/or certificate related data).

公开(公告)号：US20180368047A1

公开(公告)日：2018-12-20

申请号：US15623247

申请日：2017-06-14

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Santosh Ramrao Patil ,  Mark Grayson ,  Gangadharan Byju Pularikkal

IPC: H04W40/12 ,  H04L12/721 ,  H04L12/709

Abstract: An example method is provided in one example embodiment and may include receiving, at a packet data network gateway (PGW), a packet associated with an Internet Protocol (IP) flow of a user equipment (UE); identifying a routing rule associated with the IP flow, wherein the routing rule comprises routing access information that identifies whether the IP flow can be routed across a plurality of access networks using weighted link aggregation; and selecting a particular access network to facilitate communications for the IP flow of the UE based on the routing rule. In some cases, the selecting can include assigning the IP flow of the UE to a bearer established for the UE for the particular access network.

公开(公告)号：US10080097B2

公开(公告)日：2018-09-18

申请号：US14687198

申请日：2015-04-15

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Mark Grayson ,  Anton Okmyanskiy ,  Ziv Nuss ,  Swaminathan A. Anantha ,  Andrea Giustina ,  Mickael James Graham ,  Santosh Ramrao Patil

IPC: H04W4/02 ,  H04W36/16 ,  H04W64/00 ,  H04W68/02 ,  H04W52/28 ,  H04W84/12 ,  H04W52/24 ,  H04W84/18 ,  H04W84/04

CPC classification number: H04W4/029 ,  H04W36/165 ,  H04W52/244 ,  H04W52/283 ,  H04W64/006 ,  H04W68/02 ,  H04W84/045 ,  H04W84/12

Abstract: An example method is provided in one example embodiment and may include determining a presence of user equipment (UE) in relation to small cell radio(s) of a small cell network based on information obtained through the small cell network and one or more parallel networks; and adjusting transmit power for the small cell radio(s) based on the presence of UE in relation to the small cell radio(s). Another example method can include determining that a UE in cell paging channel mode has changed its selected macro cell radio; determining that the UE is allowed service on a small cell radio located in a vicinity of a macro cell coverage area of a selected macro cell radio; and adjusting a transmit power of the small cell radio based on a presence of the UE in a surrounding macro cell coverage area of the small cell radio.

公开(公告)号：US09699696B2

公开(公告)日：2017-07-04

申请号：US14299905

申请日：2014-06-09

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Sandro Grech ,  Santosh Ramrao Patil ,  Cristovao Correia Da Silva ,  Mark Grayson ,  Anton Okmyanskiy

IPC: H04W36/00 ,  H04W36/04

CPC classification number: H04W36/04 ,  H04W36/0061

Abstract: An example method is provided in one example embodiment and includes receiving a request to relocate a user equipment (UE) from a source macro radio to an ambiguous small cell access point (AP), wherein the request includes a target cell identity (ID) encoded with a source macro cell identifier for the source macro radio and a target sub-carrier identifier for the ambiguous small cell AP; determining potential target small cell APs for relocation of the first UE using the using the first target cell ID, wherein each of the potential target small cell APs are within a coverage area of the source macro radio and operate using the target sub-carrier identifier; and preparing, for each of the potential target small cell APs, a common channel to receive relocation of the first UE. The first UE can relocate to a particular target small cell access point using the common channel.

公开(公告)号：US09699601B2

公开(公告)日：2017-07-04

申请号：US14679868

申请日：2015-04-06

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Mark Grayson ,  Anton Okmyanskiy ,  Ziv Nuss ,  Swaminathan A. Anantha ,  Andrea Giustina ,  Mickael James Graham ,  Santosh Ramrao Patil

IPC: H04W4/00 ,  H04B7/00 ,  H04W24/00 ,  H04W4/02 ,  H04W36/16 ,  H04W64/00 ,  H04W68/02 ,  H04W52/28 ,  H04W84/12 ,  H04W52/24 ,  H04W84/18 ,  H04W84/04

CPC classification number: H04W4/02 ,  H04W36/165 ,  H04W52/244 ,  H04W52/283 ,  H04W64/006 ,  H04W68/02 ,  H04W84/045 ,  H04W84/12 ,  H04W84/18

Abstract: An example method is provided in one example embodiment and may include determining a presence of user equipment (UE) in relation to small cell radio(s) of a small cell network based on information obtained through the small cell network and one or more parallel networks; and adjusting transmit power for the small cell radio(s) based on the presence of UE in relation to the small cell radio(s). Another example method can include determining that a UE in cell paging channel mode has changed its selected macro cell radio; determining that the UE is allowed service on a small cell radio located in a vicinity of a macro cell coverage area of a selected macro cell radio; and adjusting a transmit power of the small cell radio based on a presence of the UE in a surrounding macro cell coverage area of the small cell radio.