公开(公告)号：US20250023793A1

公开(公告)日：2025-01-16

申请号：US18493369

申请日：2023-10-24

Applicant: Cisco Technology, Inc.

Inventor： Eric A Voit ,  John Michael Lake ,  Carlos M. Pignataro

IPC: H04L41/147 ,  H04L41/16

Abstract: Techniques for ultra-short-term resource forecasting for a network device are described. A selection of a time series algorithm from a set of time series algorithms for determining capacity right-sizing of a local resource is received, the is selection based at least in part on current local traffic conditions. Based on current local traffic conditions, parameter values to be used in the algorithm are determined, the parameters are associated with the time series algorithm selection. A number of data points for input to the time series algorithm are determined, the data points are a sequence of values representing an amount of the local resource used by the network device at a point in time and are collected at predetermined time intervals. Based on a calculation of the time series algorithm using the number of data points and parameter values, the right-size capacity of the local resource for the network device is determined and provided.

公开(公告)号：US12199968B2

公开(公告)日：2025-01-14

申请号：US18372028

申请日：2023-09-22

Applicant: Cisco Technology, Inc.

Inventor： David J Zacks ,  Carlos M. Pignataro ,  Thomas Szigeti

IPC: H04L9/40 ,  G06F21/31

Abstract: This disclosure describes techniques for performing enhanced authentication of a device based on physical proximity of the device to one or more other authenticated devices. An example method includes performing a first authentication of a first device or a first user and connecting the first device to a protected resource. Based on determining that the first device is within a threshold distance of a second, authenticated, device, a reauthentication interval is selected. Based on determining that the reauthentication interval has expired, a second authentication is initiated by transmitting, to the first device or a third device associated with the first user, a request for an authentication factor.

公开(公告)号：US12126691B2

公开(公告)日：2024-10-22

申请号：US17747165

申请日：2022-05-18

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  David John Zacks ,  Thomas Szigeti

IPC: H04L67/306 ,  H04L43/0876 ,  H04L67/141

CPC classification number: H04L67/306 ,  H04L43/0876 ,  H04L67/141

Abstract: A connection request is received from a user device associated with a user. The connection request includes an identifier associated with a profile associated with the user, the profile being a static profile or a dynamic profile. An observability profile associated with the user is identified based on the profile when the profile is a static profile and based on a current traffic profile associated with the user device when the profile is a dynamic profile. Measurements associated with a data session are executed for the user device based on the observability profile and one or more configurations are adjusted in a network to improve performance of the data session based on the measurements.

公开(公告)号：US12101219B2

公开(公告)日：2024-09-24

申请号：US18103918

申请日：2023-01-31

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Nagendra Kumar Nainar ,  Carlos M. Pignataro

IPC: H04L12/24 ,  H04L41/0668 ,  H04L41/12 ,  H04L45/28 ,  H04L47/24

CPC classification number: H04L41/0668 ,  H04L41/12 ,  H04L45/28 ,  H04L47/24

Abstract: Techniques for identifying nodes in a data center fabric that are affected by a failure in the fabric, and selectively sending disaggregation advertisements to the nodes affected by the failure. The techniques include a process where a component monitors the network fabric to identify communication paths between leaf nodes, and determines what leaf nodes would be affected by a failure in those communication paths. The component may detect a failure in the network and determine which communication paths, and thus which leaf nodes, are affected by the failure and send disaggregation advertisements to the affected leaf nodes. In some examples, ingress leaf nodes send data through the fabric that indicate egress nodes for the communication paths. Intermediate nodes along may receive the data from the leaf nodes to identify communication paths, and the notify only affected nodes upon detecting a failure in the network.

公开(公告)号：US12052176B2

公开(公告)日：2024-07-30

申请号：US17495479

申请日：2021-10-06

Applicant: Cisco Technology, Inc.

Inventor： Rajesh Indira Viswambharan ,  Nagendra Kumar Nainar ,  Akram Sheriff ,  Vinay Saini ,  David J. Zacks ,  Carlos M. Pignataro

IPC: H04L12/24 ,  H04L1/00 ,  H04L47/20 ,  H04L47/32

CPC classification number: H04L47/20 ,  H04L1/0078 ,  H04L47/32

Abstract: Techniques for policy-based failure handling of data that is received for processing by failed edge services are described herein. The techniques may include receiving, at an edge node of a network, a data handling policy for a service hosted on the edge node. The service may be configured to process traffic on behalf of an application hosted by a cloud-based platform. In some examples, the data handling policy may be stored in a memory that is accessible to the edge node. The techniques may also include receiving traffic at the edge node that is to be processed at least partially by the service. At least partially responsive to detecting an error associated with the service, the edge node may cause the traffic to be handled according to the data handling policy while the service is experiencing the error.

公开(公告)号：US12028378B2

公开(公告)日：2024-07-02

申请号：US18068470

申请日：2022-12-19

Applicant: Cisco Technology, Inc.

Inventor： K Tirumaleswar Reddy ,  Prashanth Patil ,  Carlos M. Pignataro

IPC: H04L9/40 ,  H04L9/08

CPC classification number: H04L63/166 ,  H04L9/0822 ,  H04L9/0827 ,  H04L63/0435 ,  H04L2463/062

Abstract: A method for resuming a Transport Layer Security (TLS) session in a Service Function Chain comprising a plurality of Service Function nodes coupled to a Service Function Forwarder. A request is received at a first Service Function node to establish a TLS session, and a Pre-Shared Key (PSK) and a PSK identifier that uniquely correspond to the first Service Function node and the TLS session are generated. The PSK identifier is forwarded to one or more of the Service Function Forwarder and the plurality of Service Function nodes. A request to resume the TLS session is received from a client device that previously disconnected. It is determined that the connection request contains the PSK identifier, a second Service Function node is selected, and the TLS session is re-established between the client device and the second Service Function node using the same PSK as the prior TLS session.

公开(公告)号：US11966413B2

公开(公告)日：2024-04-23

申请号：US16811806

申请日：2020-03-06

Applicant: Cisco Technology, Inc.

Inventor： Hugo Latapie ,  Enzo Fenoglio ,  Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  David Delano Ward

IPC: G06F16/27 ,  G06F18/00 ,  G06N5/022 ,  G06N5/043 ,  G06N5/048 ,  G06N20/00

CPC classification number: G06F16/27 ,  G06F18/00 ,  G06N5/022 ,  G06N5/043 ,  G06N5/048 ,  G06N20/00

Abstract: In one embodiment, a first deep fusion reasoning engine (DFRE) agent in a network receives first sensor data from a first set of one or more sensors in the network. The first DFRE agent translates the first sensor data into symbolic data. The first DFRE agent applies, using a symbolic knowledge base maintained by the first DFRE agent, symbolic reasoning to the symbolic data to make an inference regarding the first sensor data. The first DFRE agent updates, based on the inference regarding the first sensor data, the knowledge base. The first DFRE agent propagates the inference to one or more other DFRE agents in the network.

公开(公告)号：US11917025B2

公开(公告)日：2024-02-27

申请号：US17461339

申请日：2021-08-30

Applicant: Cisco Technology, Inc.

Inventor： Zizhen Gao ,  David C. White, Jr. ,  Carlos M. Pignataro ,  Chidambaram Arunachalam

IPC: H04L41/16 ,  H04L67/1025 ,  H04L41/14 ,  H04L67/00 ,  H04L67/1004

CPC classification number: H04L67/34 ,  H04L41/16 ,  H04L67/1004 ,  H04L67/1025

Abstract: Methods are provided in which a computing device obtains telemetry data associated with a network technology used in an enterprise network and an enterprise network profile that includes information about the complexity of the enterprise network. The network technology is deployed at one or more devices of the enterprise network. The methods further include the computing device determining, based on the telemetry data, for each deployment of the network technology, a current stage from a plurality of stages of an adoption lifecycle to which the network technology progressed, determining a time estimate for completing the current stage of the adoption lifecycle, based on the enterprise network profile and an adoption benchmark generated from a plurality of activities performed for progressing along the adoption lifecycle, and evaluating an adoption of the network technology, using the time estimate, to progress the network technology along the lifecycle.

公开(公告)号：US11909641B2

公开(公告)日：2024-02-20

申请号：US18148245

申请日：2022-12-29

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Zafar Ali ,  Syed Kamran Raza

IPC: H04L45/74 ,  H04L45/745 ,  H04L43/12

CPC classification number: H04L45/745 ,  H04L43/12

Abstract: The present disclosure includes methods, systems, and non-transitory computer-readable media for validating data in a data structure used for forwarding packets by a network device comprising sending a data packet probe identifying a destination and including a segment ID, wherein the segment ID maps to a first interpretation by a receiving router to perform an action on the data packet probe to rewrite a portion of a destination address in a header of the data packet probe, and to redirect the data packet probe to the network device that initiated the data packet probe.

公开(公告)号：US20240048511A1

公开(公告)日：2024-02-08

申请号：US18489208

申请日：2023-10-18

Applicant: Cisco Technology, Inc.

Inventor： Chidambaram Arunachalam ,  Gonzalo Salgueiro ,  David deMilo ,  Kevin Elrod ,  Felipe De Mello ,  Carlos M. Pignataro

IPC: H04L51/02 ,  H04L12/18 ,  H04L9/40 ,  H04L51/046

CPC classification number: H04L51/02 ,  H04L12/1822 ,  H04L63/105 ,  H04L63/102 ,  H04L51/046

Abstract: A system and method for creating a context-aware, conversational chat bot or agent in multi-party conversations where participants have different levels of security access to information and the bot operates in one or more modes depending on the business context of the multi-user collaboration virtual workspace. The methods include adding a bot, as a participant, to a virtual workspace that is a multi-user collaboration workspace, obtaining, at a bot application server, context of the virtual workspace, setting, by the bot application server, a skill set for the bot from among a plurality of skill sets. The skill set varies based on the context of the virtual workspace. The methods further include configuring, by the bot application server, the bot to perform at least one task in the virtual workspace based on the skill set.