-
Publication No.: US20210194815A1
Publication date: 2021-06-24
Application No.: US16854616
Filing date: 2020-04-21
Applicant: Cisco Technology, Inc.
Inventor: Robert Edgar Barton, Thomas Szigeti, Jerome Henry, Ruben Gerald Lobo, Laurent Jean Charles Hausermann, Maik Guenter Seewald, Daniel R. Behrens
IPC: H04L12/851, H04L12/813, H04L12/26, H04L12/24
Abstract: According to one or more embodiments of the disclosure, a networking device receives a policy for an endpoint in a network. The policy specifies one or more component tags and one or more activity tags that were assigned to the endpoint based on deep packet inspection of traffic associated with the endpoint. The networking device identifies a set of tags for a particular traffic flow in the network associated with the endpoint. The set of tags comprises one or more component tags or activity tags associated with the particular traffic flow. The networking device makes a determination that the particular traffic flow violates the policy based on the set of tags comprising a tag that is not in the policy. The networking device initiates, based on the determination that the particular traffic flow violates the policy, a corrective measure with respect to the particular traffic flow.
-
Publication No.: US20210194851A1
Publication date: 2021-06-24
Application No.: US16838822
Filing date: 2020-04-02
Applicant: Cisco Technology, Inc.
Inventor: Robert Edgar Barton, Thomas Szigeti, Jerome Henry, Ruben Gerald Lobo, Laurent Jean Charles Hausermann, Maik Guenter Seewald, Daniel R. Behrens
IPC: H04L29/06, H04L12/24, H04L12/823, G05B19/05
Abstract: According to one or more embodiments of the disclosure, a device in a network identifies a packet sent via the network towards an endpoint as being a control packet for the endpoint. The device extracts one or more control parameter values from the control packet. The device compares the one or more control parameter values to a policy associated with the endpoint. The device initiates a corrective measure, based on a determination that the one or more control parameter values violate the policy associated with the endpoint.
-
Publication No.: US12192175B2
Publication date: 2025-01-07
Application No.: US16838822
Filing date: 2020-04-02
Applicant: Cisco Technology, Inc.
Inventor: Robert Edgar Barton, Thomas Szigeti, Jerome Henry, Ruben Gerald Lobo, Laurent Jean Charles Hausermann, Maik Guenter Seewald, Daniel R. Behrens
IPC: H04L9/40, G05B19/05, G06Q10/0875, H04L12/46, H04L41/0803, H04L41/0893, H04L43/026, H04L47/20, H04L47/2441, H04L47/32
Abstract: According to one or more embodiments of the disclosure, a device in a network identifies a packet sent via the network towards an endpoint as being a control packet for the endpoint. The device extracts one or more control parameter values from the control packet. The device compares the one or more control parameter values to a policy associated with the endpoint. The device initiates a corrective measure, based on a determination that the one or more control parameter values violate the policy associated with the endpoint.
-
Publication No.: US12218912B2
Publication date: 2025-02-04
Application No.: US16854616
Filing date: 2020-04-21
Applicant: Cisco Technology, Inc.
Inventor: Robert Edgar Barton, Thomas Szigeti, Jerome Henry, Ruben Gerald Lobo, Laurent Jean Charles Hausermann, Maik Guenter Seewald, Daniel R. Behrens
IPC: H04L43/026, G05B19/05, G06Q10/0875, H04L9/40, H04L12/46, H04L41/0803, H04L41/0893, H04L47/20, H04L47/2441, H04L47/32
Abstract: According to one or more embodiments of the disclosure, a networking device receives a policy for an endpoint in a network. The policy specifies one or more component tags and one or more activity tags that were assigned to the endpoint based on deep packet inspection of traffic associated with the endpoint. The networking device identifies a set of tags for a particular traffic flow in the network associated with the endpoint. The set of tags comprises one or more component tags or activity tags associated with the particular traffic flow. The networking device makes a determination that the particular traffic flow violates the policy based on the set of tags comprising a tag that is not in the policy. The networking device initiates, based on the determination that the particular traffic flow violates the policy, a corrective measure with respect to the particular traffic flow.
-
Publication No.: US11962469B2
Publication date: 2024-04-16
Application No.: US17172820
Filing date: 2021-02-10
Applicant: Cisco Technology, Inc.
Inventor: Laurent Jean Charles Hausermann, Maik Guenter Seewald, André Guérard, Ruben Gerald Lobo, Daniel R. Behrens, Gulian Lorini, Laetitia Pot
IPC: H04L41/12, G06N20/00, G16Y20/10, G16Y20/20, G16Y40/10, H04L41/0853, H04L61/2567
CPC classification number: H04L41/12, G06N20/00, G16Y20/10, G16Y20/20, G16Y40/10, H04L41/0853, H04L61/2567
Abstract: According to one or more embodiments of the disclosure, an asset inventory service executed by one or more devices receives telemetry data collected passively by a sensor application regarding a node in a network. The asset inventory service requests, after receiving the telemetry data, that the sensor application perform active discovery of nodes in the network. The asset inventory service receives active discovery data collected by the sensor application via active discovery of nodes in the network. The asset inventory service generates, based on the telemetry data and the active discovery data, an identity profile for the node.
-
Publication No.: US20220255805A1
Publication date: 2022-08-11
Application No.: US17172820
Filing date: 2021-02-10
Applicant: Cisco Technology, Inc.
Inventor: Laurent Jean Charles Hausermann, Maik Guenter Seewald, André Guérard, Ruben Gerald Lobo, Daniel R. Behrens, Gulian Lorini, Laetitia Pot
Abstract: According to one or more embodiments of the disclosure, an asset inventory service executed by one or more devices receives telemetry data collected passively by a sensor application regarding a node in a network. The asset inventory service requests, after receiving the telemetry data, that the sensor application perform active discovery of nodes in the network. The asset inventory service receives active discovery data collected by the sensor application via active discovery of nodes in the network. The asset inventory service generates, based on the telemetry data and the active discovery data, an identity profile for the node.
-
Publication No.: US20210194760A1
Publication date: 2021-06-24
Application No.: US16853622
Filing date: 2020-04-20
Applicant: Cisco Technology, Inc.
Inventor: Robert Edgar Barton, Thomas Szigeti, Jerome Henry, Ruben Gerald Lobo, Laurent Jean Charles Hausermann, Maik Guenter Seewald, Daniel R. Behrens
Abstract: According to one or more embodiments of the disclosure, a service obtains one or more component tags and one or more activity tags that were assigned to an endpoint device in a network based on deep packet inspection of traffic associated with the endpoint device. The service determines an intent of the endpoint device, using the one or more component tags and the one or more activity tags that were assigned to the endpoint device. The service translates the intent of the endpoint device into a network segmentation policy. The service configures a network overlay in the network that implements the network segmentation policy.