公开(公告)号：US11042635B2

公开(公告)日：2021-06-22

申请号：US16040727

申请日：2018-07-20

Applicant: Cisco Technology, Inc.

Inventor： Yaron Sella ,  Kevin W. Holcomb ,  Subhasri Dhesikan ,  Raghuram S. Sudhaakar

IPC: G06F21/56 ,  G06F9/4401

Abstract: Many modern devices and machines (e.g., Internet of Things (IoT) devices and connected vehicles (CV)) include wireless interfaces that permit external devices to communicate with the devices and machines. These wireless interfaces can be attacked by malicious actors who can affect the operation of the devices or machines. Embodiments herein describe a user controlled actuator (e.g., a knob, set of buttons, switches, etc.) for responding to a wireless attack. Using the actuator, the user can set a response level depending on the threat. Each threat level can elicit a predefined action or set of actions from a control system in the device or machine.

公开(公告)号：US11012251B2

公开(公告)日：2021-05-18

申请号：US16149756

申请日：2018-10-02

Applicant: Cisco Technology, Inc.

Inventor： Hendrikus G. P. Bosch ,  Sape Jurriën Mullender ,  Ijsbrand Wijnands ,  Alessandro Duminuco ,  Jeffrey Michael Napper ,  Subhasri Dhesikan

IPC: H04L12/18 ,  H04L12/801 ,  H04L12/863 ,  H04L12/931 ,  H04L12/937

Abstract: In one example embodiment, a server generates a candidate instantiation of virtual applications among a plurality of hosts in a data center to support a multicast stream. The server provides, to a first set of agents corresponding to a first set of the plurality of hosts, a command to initiate a test multicast stream. The server provides, to a second set of agents corresponding to a second set of the plurality of hosts, a command to join the test multicast stream. The server obtains, from the second set of agents, a message indicating whether the second set of agents received the test multicast stream. If the message indicates that the second set of agents received the test multicast stream, the server causes the virtual applications to be instantiated in accordance with the candidate instantiation of the virtual applications.

公开(公告)号：US11777785B2

公开(公告)日：2023-10-03

申请号：US15876162

申请日：2018-01-21

Applicant: Cisco Technology, Inc.

Inventor： Subhasri Dhesikan ,  Raghuram S. Sudhaakar ,  Kevin Holcomb ,  Yaron Sella

IPC: H04L41/0604 ,  H04L41/0681 ,  H04W4/44 ,  H04L41/0686 ,  H04L47/215 ,  H04L41/069 ,  H04L12/28 ,  H04L12/40

CPC classification number: H04L41/0604 ,  H04L12/2825 ,  H04L41/069 ,  H04L41/0681 ,  H04L41/0686 ,  H04L47/215 ,  H04W4/44 ,  H04L2012/40215 ,  H04L2012/40273

Abstract: In one embodiment, methods, systems, and apparatus are described in which data to be used by a processor is stored in a memory. Network communications with a data center are enabled via a network interface. The processor maintains a reporting policy for reporting anomalous events to the data center, the reporting policy having at least one rule for determining a reporting action to be taken by the processor in response to an anomalous event. The processor further monitors the IoT device for a report of an occurrence of the anomalous event. The processor performs the reporting action according to the at least one rule, in response to the report of the occurrence of the anomalous event. An episodic update to the reporting policy from the data center may be received at the processor, which modifies the reporting policy in accordance with the update. Related methods, systems, and apparatus are also described.

公开(公告)号：US20180343326A1

公开(公告)日：2018-11-29

申请号：US15606251

申请日：2017-05-26

Applicant: Cisco Technology, Inc.

Inventor： Herbert Wildfeuer ,  Pradeep Kumar Kathail ,  Subhasri Dhesikan ,  Raghuram S. Sudhaakar

IPC: H04L29/06 ,  H04B1/54 ,  H04W72/00

Abstract: In one embodiment, a device between a Controller Area Network (CAN)-based network and an Internet Protocol (IP)-based network receives a CAN message from a node in the CAN-based network. The CAN message comprises a CAN message identifier and a data field. The device determines an IP header based on the CAN message identifier and the CAN message. The device converts the data field of the CAN message into an IP message that includes the determined IP header. The device sends the IP message via the IP network to one or more eligible destinations for the IP message.

公开(公告)号：US20200322391A1

公开(公告)日：2020-10-08

申请号：US16579906

申请日：2019-09-24

Applicant: Cisco Technology, Inc.

Inventor： Clarence Filsfils ,  David Delano Ward ,  Reshad Rahman ,  Subhasri Dhesikan ,  Eric Albin Voit

IPC: H04L29/06 ,  H04L12/913 ,  H04L29/08 ,  H04L12/16 ,  H04L12/723 ,  H04L12/707

Abstract: In one embodiment, an apparatus includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the apparatus to perform operations including determining a path through a plurality of provider nodes within a provider network and determining that the path through the plurality of provider nodes within the provider network is secure. The operations also include receiving, from a customer node, a Resource Reservation Protocol (RSVP) path message comprising an attribute for a security request. The operations further include routing the RSVP path message along the path of the plurality of provider nodes.

公开(公告)号：US10560359B2

公开(公告)日：2020-02-11

申请号：US15389960

申请日：2016-12-23

Applicant: Cisco Technology, Inc.

Inventor： Subhasri Dhesikan ,  Pradeep Kumar Kathail

IPC: H04L12/28 ,  H04L12/26 ,  H04L12/761 ,  H04L12/18

Abstract: In one embodiment, a method includes determining a first node as a current termination node of a first multicast flow; determining whether a link between the first node and a downstream next-hop node has available bandwidth to accommodate the first multicast flow, where the downstream next-hop node is not currently associated with the first multicast flow; and transmitting the first multicast flow to the downstream next-hop node according to a determination that the link between the first node and a downstream next-hop node has available bandwidth to accommodate the first multicast flow. According to some implementations, the method is performed by a controller with one or more processors and non-transitory memory, where the controller is communicatively coupled to a plurality of network nodes in a network.

公开(公告)号：US10439879B2

公开(公告)日：2019-10-08

申请号：US15346233

申请日：2016-11-08

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Subhasri Dhesikan ,  Pradeep Kumar Kathail ,  Sachin Vijay Vishwarupe

IPC: G06F13/00 ,  H04L12/24 ,  H04L12/26 ,  H04L12/751 ,  H04L12/721 ,  H04L12/851 ,  H04L12/823 ,  H04L12/729

Abstract: In one embodiment, a method includes discovering at a network controller, a topology and link capacities for a network, the network controller in communication with a plurality of spine nodes and leaf nodes, the link capacities comprising capacities for links between the spine nodes and the leaf nodes, identifying at the network controller, a flow received from a source at one of the leaf nodes, selecting at the network controller, one of the spine nodes to receive the flow from the leaf node based, at least in part, on the link capacities, and programming the network to transmit the flow from the spine node to one of the leaf nodes in communication with a receiver requesting the flow. An apparatus and logic are also disclosed herein.

公开(公告)号：US20180183697A1

公开(公告)日：2018-06-28

申请号：US15389960

申请日：2016-12-23

Applicant: Cisco Technology, Inc.

Inventor： Subhasri Dhesikan ,  Pradeep Kumar Kathail

IPC: H04L12/26 ,  H04L12/761 ,  H04L12/18

CPC classification number: H04L43/0882 ,  H04L12/185 ,  H04L45/125 ,  H04L45/16 ,  H04L45/302 ,  H04L45/48 ,  H04L47/15

Abstract: In one embodiment, a method includes determining a first node as a current termination node of a first multicast flow; determining whether a link between the first node and a downstream next-hop node has available bandwidth to accommodate the first multicast flow, where the downstream next-hop node is not currently associated with the first multicast flow; and transmitting the first multicast flow to the downstream next-hop node according to a determination that the link between the first node and a downstream next-hop node has available bandwidth to accommodate the first multicast flow. According to some implementations, the method is performed by a controller with one or more processors and non-transitory memory, where the controller is communicatively coupled to a plurality of network nodes in a network.

公开(公告)号：US20180062930A1

公开(公告)日：2018-03-01

申请号：US15346233

申请日：2016-11-08

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Subhasri Dhesikan ,  Pradeep Kumar Kathail ,  Sachin Vijay Vishwarupe

IPC: H04L12/24 ,  H04L12/751 ,  H04L12/26 ,  H04L12/851 ,  H04L12/721 ,  H04L12/823

Abstract: In one embodiment, a method includes discovering at a network controller, a topology and link capacities for a network, the network controller in communication with a plurality of spine nodes and leaf nodes, the link capacities comprising capacities for links between the spine nodes and the leaf nodes, identifying at the network controller, a flow received from a source at one of the leaf nodes, selecting at the network controller, one of the spine nodes to receive the flow from the leaf node based, at least in part, on the link capacities, and programming the network to transmit the flow from the spine node to one of the leaf nodes in communication with a receiver requesting the flow. An apparatus and logic are also disclosed herein.

公开(公告)号：US20190342354A1

公开(公告)日：2019-11-07

申请号：US15968690

申请日：2018-05-01

Applicant: Cisco Technology, Inc.

Inventor： Hendrikus GP Bosch ,  Jeffrey Napper ,  Andre Surcouf ,  Alessandro Duminuco ,  Subhasri Dhesikan ,  Sape Jurriën Mullender

IPC: H04L29/06 ,  H04L29/08 ,  H04L12/18

Abstract: Techniques for provisioning multicast chains in a cloud-based environment are described herein. In an embodiment, an orchestration system sends a particular model of a distributed computer program application comprising one or more sources, destinations, and virtualized appliances for initiation by one or more host computers to a software-defined networking (SDN) controller. The SDN controller determines one or more locations for the virtualized appliances and generates a particular updated model of the distributed computer program application, the updated model comprising the one or more locations for the virtualized appliances. The SDN controller sends the updated model of the distributed computer program application to the orchestration system. The orchestration system uses the particular updated model to generate a mapping of virtualized appliances to available host computers of the one or more host computers based, at least in part, on the particular updated model of the distributed computer program application. Using the mapping of virtualized appliances to available host computers, the orchestration system sends instructions for initiating the virtualized appliances on the available host computers to one or more cloud management systems.