公开(公告)号：US11838779B2

公开(公告)日：2023-12-05

申请号：US17556765

申请日：2021-12-20

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Sanjay Kumar Hooda ,  Venkatesh Ramachandra Gota ,  Chandramouli Balasubramanian ,  Anand Oswal

IPC: H04W24/08 ,  H04W28/02 ,  H04W36/22 ,  H04W28/24 ,  H04W48/06

CPC classification number: H04W24/08 ,  H04W28/0221 ,  H04W28/0284 ,  H04W28/0289 ,  H04W28/24 ,  H04W36/22 ,  H04W48/06

Abstract: Systems and methods for managing traffic in a hybrid environment include monitoring traffic load of a local network to determine whether the traffic load exceeds or is likely to exceed a maximum traffic load, where the maximum traffic load is a traffic load for which a service can be provided by the local network, based on a license. An excess traffic load is determined if the traffic load exceeds or is likely to exceed the maximum traffic load. One or more external networks which have a capacity to provide the service to the excess traffic load are determined, to which the excess traffic load is migrated. The local network includes one or more service instances for providing the service for up to the maximum traffic load, and the service to the excess traffic load is provided by one or more additional service instances in the one or more external networks.

公开(公告)号：US11659390B2

公开(公告)日：2023-05-23

申请号：US17460065

申请日：2021-08-27

Applicant: Cisco Technology, Inc.

Inventor： Rajesh S. Pazhyannur ,  Arun G. Khanna ,  Anand Oswal

IPC: H04W48/18 ,  H04W12/06 ,  H04L9/40 ,  H04W8/18 ,  H04W12/40

CPC classification number: H04W12/06 ,  H04L63/0853 ,  H04W8/183 ,  H04W12/40 ,  H04W48/18

Abstract: Systems and methods are provided for receiving, at an enterprise network, first authentication data of a citizens broadband radio service (CBRS)-enabled device, receiving, at the enterprise network, second authentication data of the CBRS-enabled device, the first authentication data of the CBRS-enabled device being a different type of authentication data than the second authentication data of the CBRS-enabled device, determining a class of the CBRS-enabled device based on the first authentication data and the second authentication data of the CBRS-enabled device, determining a network segment for the CBRS-enabled device based on the class of the CBRS-enabled device, and providing access to the CBRS-enabled device based on the determining of the network segment for the CBRS-enabled device.

公开(公告)号：US20230014351A1

公开(公告)日：2023-01-19

申请号：US17932092

申请日：2022-09-14

Applicant: Cisco Technology, Inc.

Inventor： Saravanan Radhakrishnan ,  Anand Oswal ,  Ashwin Kumar ,  Paul Wayne Bigbee ,  Darrin Joseph Miller

IPC: H04L9/40

Abstract: Systems and methods are provided for receiving, at a network device, a first set of rules from a security controller of an enterprise network, the first set of rules being different from a second set of rules provided to a firewall by the security controller, implementing, at the network device, the first set of rules received from the security controller, generating, at the network device, a first log including metadata based on the first set of rules, the first log being generated on a per flow basis, notifying, at the network device, a NetFlow of the first log including the metadata of the first set of rules, and providing, from the network device, the first log to a cloud-log store by the NetFlow of the network device, the cloud-log store receiving the first log from the network device and a second log from the firewall.

公开(公告)号：US20220131898A1

公开(公告)日：2022-04-28

申请号：US17569285

申请日：2022-01-05

Applicant: Cisco Technology, Inc.

Inventor： Sanjay Kumar Hooda ,  Anand Oswal ,  Nehal Bhau ,  Victor Moreno

IPC: G06F21/41 ,  H04L47/125

Abstract: A mapping system, under administrative control of a Wide Area Network (WAN) controller, can track each host, authorized to access a plurality of Local Area Networks (LANs), in one or more mapping databases including a first network address representing an identifier and a second network addressing representing a locator for each host. The mapping system can receive a request for resolution of a first identifier of a host not presently connected to the network. The mapping system can determine the mapping databases exclude a mapping for the first identifier. The mapping system can update the mapping databases with a first mapping including the first identifier and a first locator corresponding to a honeypot network device. The mapping system can transmit, to one or more LANs of the plurality of LANs, routing information to route traffic destined for the first identifier to the honeypot network device.

公开(公告)号：US20220116272A1

公开(公告)日：2022-04-14

申请号：US17645135

申请日：2021-12-20

Applicant: Cisco Technology, Inc.

Inventor： Rajesh S. Pazhyannur ,  Anand Oswal ,  Arun G. Khanna

IPC: H04L41/0806 ,  H04W76/10 ,  H04W4/029

Abstract: The present disclosure is directed to mapping indoor user movement using a combination of Wi-Fi and 60 GHz sensing. The methods include detecting, via a Wi-Fi access point, a wireless device associated with a first user, wherein the Wi-Fi access point is configured to determine location information and a device signature associated with the wireless device; transmitting the location information of the wireless device to a 11ay sensor; detecting the first user, via the 11ay sensor, based on the location information of the wireless device; creating a user signature associated with the first user, wherein the user signature is based on one or more physical characteristics of the first user detected by the 11ay sensor; and using the device signature associated with the wireless device and the user signature associated with the first user to subsequently identify the first user.

公开(公告)号：US20220060894A1

公开(公告)日：2022-02-24

申请号：US17517656

申请日：2021-11-02

Applicant: Cisco Technology, Inc.

Inventor： Rajesh S. Pazhyannur ,  Arun G. Khanna ,  Anand Oswal

IPC: H04W12/06 ,  H04W12/40 ,  H04W48/18 ,  H04W8/18 ,  H04L29/06

Abstract: Systems and methods are provided for receiving, at an enterprise network, first authentication data of a citizens broadband radio service (CBRS)-enabled device, receiving, at the enterprise network, second authentication data of the CBRS-enabled device, the first authentication data of the CBRS-enabled device being a different type of authentication data than the second authentication data of the CBRS-enabled device, determining a class of the CBRS-enabled device based on the first authentication data and the second authentication data of the CBRS-enabled device, determining a network segment for the CBRS-enabled device based on the class of the CBRS-enabled device, and providing access to the CBRS-enabled device based on the determining of the network segment for the CBRS-enabled device.

公开(公告)号：US11218916B2

公开(公告)日：2022-01-04

申请号：US16865910

申请日：2020-05-04

Applicant: Cisco Technology, Inc.

Inventor： Anand Oswal ,  Rajesh S. Pazhyannur ,  Arun G. Khanna

IPC: H04W4/00 ,  H04W36/00 ,  H04W76/11 ,  H04W80/02

Abstract: Technologies for attestation techniques, systems, and methods to that reduces handover delay between LTE/5G eNBs by leveraging Wi-Fi for determining UE location. The systems, methods and computer-readable storage media disclosed here in may operate in the following deployments: the User Equipment (UE) is connected to enterprise Wi-Fi system in addition to being connected to private LTE/5G; enterprise Wi-Fi system having indoor location enabled; and the location system provides an API to give indoor location of the UE; and wherein Wi-Fi AP and LTE eNBs can communicate with each other, which can be accomplished in one instance wherein the two are co-located.

公开(公告)号：US11201854B2

公开(公告)日：2021-12-14

申请号：US16434115

申请日：2019-06-06

Applicant: Cisco Technology, Inc.

Inventor： Vamsidhar Valluri ,  Saravanan Radhakrishnan ,  Anand Oswal ,  Vinay Prabhu ,  Sarah Adelaide Evans ,  Suraj Rangaswamy

IPC: H04L12/46 ,  H04L29/06 ,  H04L12/751 ,  H04L12/741

Abstract: Systems and methods provide for provisioning a dynamic intent-based firewall. A network controller can generate a master route table for network segments reachable from edge network devices managed by the controller. The controller can receive zone definition information mapping the network segments into zones and Zone-based Firewall (ZFW) policies to apply to traffic between a source and destination zone specified by each ZFW policy. The controller can evaluate a ZFW policy to determine first edge network devices that can reach first network segments mapped to the source zone specified by the ZFW policy, second edge network devices that can reach second network segments mapped to the destination zone specified by the ZFW policy, and routing information (from the route table) between the first network segments, the first and second edge network devices, and the second network segments. The controller can transmit the routing information to the edge network devices.

公开(公告)号：US20210385643A1

公开(公告)日：2021-12-09

申请号：US16895093

申请日：2020-06-08

Applicant: Cisco Technology, Inc.

Inventor： Rajesh S. Pazhyannur ,  Anand Oswal ,  Arun G. Khanna ,  Sudhir Jain

IPC: H04W8/02 ,  H04W48/16 ,  H04L29/12

Abstract: The present disclosure is directed to seamless mobility between Wi-Fi technologies and includes one or more processors and one or more computer-readable non-transitory storage media comprising instructions that perform operations including detecting a client device having 802.11ax and 802.11ay Wi-Fi capability, identifying a 802.11ax access point associated with a first data path, wherein the first data path is configured to transmit traffic to and from the client device, identifying a 802.11ay access point associated with a second data path, wherein the second data path is configured to transmit the traffic to and from the client device, and wherein the 802.11ay access point is non-colocated with the 802.11ax access point, and establishing a mobility anchor point through which the traffic is switched, wherein a determination is made in the mobility anchor point as to whether the traffic will be transmitted via the 802.11ax access point through the first data path or via the 802.11ay access point through the second data path.

公开(公告)号：US20210160179A1

公开(公告)日：2021-05-27

申请号：US17164553

申请日：2021-02-01

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Khalil A. Jabr ,  Anand Oswal ,  Vivek Agarwal ,  Chandramouli Balasubramanian

IPC: H04L12/715 ,  H04L12/723 ,  H04L12/46 ,  H04L12/851

Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.