公开(公告)号：US12212541B2

公开(公告)日：2025-01-28

申请号：US18591538

申请日：2024-02-29

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Robert E. Barton ,  Jerome Henry

IPC: H04L61/5014 ,  H04W12/108 ,  H04W12/71 ,  H04L101/622

Abstract: An authorization device obtains a registration request associated with an end device, the registration request including a new randomized media access control (MAC) address associated with the end device; determines whether the end device is authorized to use the new randomized MAC address; transmits a message to the end device with a first randomly generated number when it is determined that the end device is authorized to use the new randomized MAC address; obtains integrity information associated with the end device, the first integrity information being computed based on the first randomly generated number; transmits a request to a validation system to validate the end device based on the first integrity information; obtains an indication that the end device is validated; determines policies associated with the end device when it is determined that the end device is validated; and applies the policies to the end device.

公开(公告)号：US20240422018A1

公开(公告)日：2024-12-19

申请号：US18335841

申请日：2023-06-15

Applicant: Cisco Technology, Inc.

Inventor： Carlos Pignataro ,  Nagendra Kumar Nainar

IPC: H04L12/18 ,  H04L41/0803

Abstract: Devices, systems, methods, and processes for conducting sustainability-aware virtual meetings are described herein. When establishing virtual meetings, each of the participants can have various devices, locations, histories, and other data associated with them. This data can be packaged together as a user profile which can be transmitted to a virtual meeting service or a host that can receive the various user profiles and generate a meeting profile that can be utilized to maximize the overall sustainability of the virtual meeting. The meeting profile can include configuration suggestions that can be transmitted out to each corresponding device of the participants to either prompt or automatically adjust one or more settings, features, or other configuration, such as energy-saving features, that can increase the overall sustainability. These conditions can be monitored during the meeting and adjusted dynamically in response to changing conditions. In response, devices can adjust configurations or alter audio/video transmissions.

公开(公告)号：US20240333633A1

公开(公告)日：2024-10-03

申请号：US18194037

申请日：2023-03-31

Applicant: Cisco Technology, Inc.

Inventor： Carlos Pignataro ,  Nagendra Kumar Nainar ,  Sri Gundavelli

IPC: H04L45/302 ,  H04L67/63

CPC classification number: H04L45/302 ,  H04L67/63

Abstract: Network energy efficiency and green power selection may be optimized by employing graph-oriented service chains configured to share sustainability attributes and metadata augmentation. More specifically, network Service Function Chain (SFC) creation can include a set of power and energy-specific and sustainable attributes. In general, the goal of SFC is to enable the creation of a service path that matches the specific needs of an application or service. SFCs are composed of a sequence of network functions, such as firewalls, load balancers, intrusion detection systems, and other services. Each network function performs a specific task on the network traffic, and the packets are passed from one function to the next until they reach their destination. Overall, SFCs are a powerful tool for managing complex network environments, enabling network administrators to deploy and manage network services more efficiently and effectively.

公开(公告)号：US20240333591A1

公开(公告)日：2024-10-03

申请号：US18381426

申请日：2023-10-18

Applicant: Cisco Technology, Inc.

Inventor： Carlos Pignataro ,  Eric A. Voit ,  Nagendra Kumar Nainar ,  Marcelo Yannuzzi

IPC: H04L41/0833 ,  H04L41/12 ,  H04L45/48

CPC classification number: H04L41/0833 ,  H04L41/12 ,  H04L45/48

Abstract: Energy-aware configurations can be utilized to operate a network based on sustainability-related metrics. In many embodiments, a suitable device includes a processor, a memory commutatively coupled to the processor, a plurality of elements, a communication port, and an energy-aware topology logic configured to collect topology data from one or more network devices, wherein each of the one or more network devices include a plurality of elements. The energy-aware topology logic can receive power source data and power usage data related to plurality of elements and generate an element energy coefficient (EEC) for a plurality of elements. Subsequently, the energy-aware topology logic can also generate an energy-aware configuration for at least one of the one or more network devices, and then pass the generated energy-aware configuration to the at least one network device, wherein the energy-aware configuration is configured to steer traffic based on at least one sustainability-related metric.

公开(公告)号：US12088628B2

公开(公告)日：2024-09-10

申请号：US17497079

申请日：2021-10-08

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Rahul Rammanohar ,  Kondaveeti Lakshmi Ganesh ,  David John Zacks

IPC: H04L9/40

CPC classification number: H04L63/20 ,  H04L63/0876 ,  H04L63/10 ,  H04L63/1408

Abstract: In one embodiment, an access policy enforcement service receives a user authentication request from an end-user device. The access policy enforcement service identifies a telemetry collection intent from the user authentication request. The access policy enforcement service determines a monitoring policy based on the telemetry collection intent identified from the user authentication request. The access policy enforcement service configures, according to the monitoring policy, one or more telemetry collection agents to collect telemetry for traffic associated with the end-user device.

公开(公告)号：US11991090B2

公开(公告)日：2024-05-21

申请号：US17969345

申请日：2022-10-19

Applicant: Cisco Technology, Inc.

Inventor： Shankar Ramanathan ,  Nagendra Kumar Nainar ,  Carlos M. Pignataro

IPC: H04L47/80

CPC classification number: H04L47/80

Abstract: A method of orchestrating one or more radio resources among various services executing within a container. The method includes obtaining, by an orchestration engine executing on a network device, a request, from a first service of a plurality of services, for use of a physical/hardware resource that connects a container running on the network device to a network. The request from the first service has a particular priority. The plurality of services execute within the container. The method further includes determining whether to connect the first service to the network via the physical/hardware resource based on the priority and an availability status of the physical/hardware resource and establishing, at a kernel level, a connection between the first service and the physical/hardware resource based on the determining.

公开(公告)号：US11943016B2

公开(公告)日：2024-03-26

申请号：US17989262

申请日：2022-11-17

Applicant: Cisco Technology, Inc.

Inventor： John Matthew Swartz ,  Nagendra Kumar Nainar ,  Matthew Aaron Silverman

IPC: H04B7/0452 ,  H04B7/0426 ,  H04B17/327 ,  H04B17/336

CPC classification number: H04B7/0452 ,  H04B7/0426 ,  H04B17/327 ,  H04B17/336

Abstract: Presented herein are techniques to shield transmissions from being received and the information contained in them recovered by unwanted devices. Multi-user multiple-input multiple-output (MU-MIMO) techniques are employed, and in particular the spatial dimension aspects of those techniques. Shield nodes are controlled to transmit in a way to obscure the downlink streams transmitted by a wireless access point that are intended for a particular client device to anything outside of the shielded area, and also to obscure uplink streams from one or more client devices to the wireless access point to anything outside of the shielded area but allowing the uplink streams to be well received by the wireless access point.

公开(公告)号：US11916701B2

公开(公告)日：2024-02-27

申请号：US17502141

申请日：2021-10-15

Applicant: Cisco Technology, Inc.

Inventor： Rajesh Indira Viswambharan ,  Vinay Saini ,  Ram Mohan Ravindranath ,  Nagendra Kumar Nainar

IPC: H04L12/46 ,  H04L12/66

CPC classification number: H04L12/4641 ,  H04L12/66

Abstract: In one embodiment, a method herein comprises: establishing, by a process, a virtual private network connection (VPN connection) with a particular VPN gateway; requesting, by the process, observability monitoring through the particular VPN gateway, wherein requesting results in a controller being informed about the particular VPN gateway and a domain of the particular VPN gateway; receiving, by the process, test specifics from the controller based on the particular VPN gateway and the domain of the particular VPN gateway; and executing, by the process, one or more tests to the particular VPN gateway based on the test specifics.

公开(公告)号：US11770334B2

公开(公告)日：2023-09-26

申请号：US17856593

申请日：2022-07-01

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Robert Edgar Barton ,  Carlos M. Pignataro ,  Jerome Henry ,  Olivier Pelerin ,  Shankar Vemulapalli

IPC: H04L45/00 ,  H04L9/40 ,  H04L12/46 ,  H04L47/2425 ,  H04L61/4511

CPC classification number: H04L45/70 ,  H04L12/4633 ,  H04L47/2425 ,  H04L61/4511 ,  H04L63/029

Abstract: Techniques for utilizing a cloud service to compute an end-to-end SLA-aware path using dynamic software-defined cloud interconnect (SDCI) tunnels between a user device and an access point-of-presence (POP) node and inter-POP tunnels of the SDCI. The cloud service may include a performance aware path instantiation (PAPI) component including a POP database for storing performance metrics associated with the POPs of the SDCI, an enterprise policy database for storing user specific policies, and/or a path computation component. The path computation component may compute the path, based on the user specific policies, performance metrics associated with the POP nodes, and/or real-time contextual data associated with the user device and/or destination device. The path may include a first tunnel between the user device and the most optimal access POP node of the SDCI and a second tunnel between the access POP node, through the internal POP nodes, and to the destination device.

公开(公告)号：US11770251B2

公开(公告)日：2023-09-26

申请号：US17016046

申请日：2020-09-09

Applicant: Cisco Technology, Inc.

Inventor： Nagendra Kumar Nainar ,  Carlos M. Pignataro ,  Akram Ismail Sheriff

IPC: H04L29/06 ,  H04L9/32 ,  G06F9/50 ,  H04L9/06

CPC classification number: H04L9/3213 ,  G06F9/5072 ,  H04L9/0656 ,  H04L9/3268

Abstract: Techniques and mechanisms for providing continuous integrity validation-based control plane communication in a container-orchestration system, e.g., the Kubernetes platform. A worker node generates a nonce and forwards the nonce to a master node while requesting an attestation token. Using the nonce, the master node generates the attestation token and replies back to the worker node with the attestation token. The worker node validates the attestation token with a CA server to ensure that the master node is not compromised. The worker node sends its authentication credentials to the master node. The master node generates a nonce and forwards the nonce to the worker node while requesting an attestation token. Using the nonce, the worker node generates the attestation token and replies back to the master node with the attestation token. The master node validates the attestation token with the CA server to ensure that the worker node is not compromised.