公开(公告)号：US20250141927A1

公开(公告)日：2025-05-01

申请号：US18385607

申请日：2023-10-31

Applicant: Cisco Technology, Inc.

Inventor： Elango GANESAN ,  Swapna ANANDAN ,  Akshay KHUSHU ,  Flemming Stig ANDREASEN

IPC: H04L9/40

Abstract: In one implementation, a method is disclosed comprising: determining, by a process, a network topology of a particular computer network and capabilities of particular devices within the network topology; determining, by the process, a logical framework of the particular computer network; mapping, by the process, access control and segmentation features of the particular devices to the logical framework based on the capabilities of the particular devices; and causing, by the process, mapped access control and segmentation features to be implemented to enforce the logical framework within the network topology.

公开(公告)号：US20240236045A9

公开(公告)日：2024-07-11

申请号：US17971285

申请日：2022-10-21

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Flemming Stig ANDREASEN ,  Jerome HENRY ,  Elango GANESAN

IPC: H04L9/40

CPC classification number: H04L63/0281

Abstract: In one embodiment, a device receives discovery data generated by a plurality of networking devices in a network. The device determines, based on the discovery data, a hierarchy of layers of the network. The device receives a request by a client that is external to the network to access remotely a particular endpoint in the network. The device configures, and in response to the request, a proxy chain of remote access agents executed by a subset of networking devices from the plurality of networking devices to allow the client to access remotely the particular endpoint, each of those networking devices proxying traffic between different layers of the network.

公开(公告)号：US20240137344A1

公开(公告)日：2024-04-25

申请号：US17971285

申请日：2022-10-20

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Flemming Stig ANDREASEN ,  Jerome HENRY ,  Elango GANESAN

IPC: H04L9/40

CPC classification number: H04L63/0281

Abstract: In one embodiment, a device receives discovery data generated by a plurality of networking devices in a network. The device determines, based on the discovery data, a hierarchy of layers of the network. The device receives a request by a client that is external to the network to access remotely a particular endpoint in the network. The device configures, and in response to the request, a proxy chain of remote access agents executed by a subset of networking devices from the plurality of networking devices to allow the client to access remotely the particular endpoint, each of those networking devices proxying traffic between different layers of the network.

公开(公告)号：US20240353817A1

公开(公告)日：2024-10-24

申请号：US18138458

申请日：2023-04-24

Applicant: Cisco Technology, Inc.

Inventor： Flemming Stig ANDREASEN ,  Timothy P. STAMMERS ,  Robert E. BARTON

IPC: G05B19/418

CPC classification number: G05B19/4185

Abstract: In one embodiment, a device associates available 5G functions stored by a network repository function with contextual information, wherein the contextual information maps each of the available 5G functions with a layer of a hierarchical security model for an industrial network. The device receives a request from a user equipment endpoint to communicate via the industrial network. The device selects a particular user plane function from among the available 5G functions for use by the user equipment endpoint based in part on the layer of the hierarchical security model associated with the particular user plane function. The device causes the user equipment endpoint to communicate via the industrial network using the particular user plane function.

公开(公告)号：US20240267296A1

公开(公告)日：2024-08-08

申请号：US18106114

申请日：2023-02-06

Applicant: Cisco Technology, Inc.

Inventor： Robert E. Barton ,  Flemming Stig ANDREASEN ,  Jerome HENRY ,  Daniel ECKSTEIN

IPC: H04L41/12

CPC classification number: H04L41/12 ,  G16Y40/35 ,  H04L67/12

Abstract: In one embodiment, a device in a local network obtains discovery data for a node in the local network. The device provides the discovery data to a device management service. The device receives, based on the discovery data, a brokerage configuration for the node from the device management service. The device configures the node with the brokerage configuration to publish data generated by the node to one or more data brokerage services.

公开(公告)号：US20230412603A1

公开(公告)日：2023-12-21

申请号：US17750198

申请日：2022-05-20

Applicant: Cisco Technology, Inc.

Inventor： Swapna ANANDAN ,  Flemming Stig ANDREASEN ,  Robert E. BARTON

IPC: H04L9/40

CPC classification number: H04L63/102 ,  H04L63/20 ,  H04L63/0876 ,  H04L63/101

Abstract: In one embodiment, an illustrative method herein may comprise: detecting, by a device, a new asset in a network with a media access control address; monitoring, by the device, the new asset to learn one or more contextual attributes of the new asset in the network; generating, by the device, a profile of the new asset based on the media access control address and the one or more contextual attributes; and using, by the device, the profile to define access and control over the new asset in the network.