公开(公告)号：US20240073097A1

公开(公告)日：2024-02-29

申请号：US17955812

申请日：2022-09-29

Applicant: Cisco Technology, Inc.

Inventor： Piotr Jerzy Kupisiewicz ,  Olaf Meller ,  Michael Chomicz ,  Radoslaw Konrad Ruchala ,  Manoj Kumar ,  David Pryor

IPC: H04L41/12 ,  G06F16/901 ,  H04L41/0859 ,  H04L41/22

CPC classification number: H04L41/12 ,  G06F16/9024 ,  H04L41/0859 ,  H04L41/22

Abstract: Methods are presented herein for a reduced state machine that describes nodes and relationship dynamics representing real network elements (networking devices and software processes) in a computer/data network, and abstracted logical items. Logical states of networking features of the network elements are reflected in the graph, while configuration data is stored for completeness. A method called a “Versioner Algorithm” is provided to record the temporal history of a node and its state over time within the node's metadata itself, while recorded relationships represent logical relations between observed nodes. A method is also provided to time-travel back to observe a historical view of the network. Further still, a method is provided to a difference of two historical topologies and return that data in human-readable or machine consumable form.

公开(公告)号：US10972434B2

公开(公告)日：2021-04-06

申请号：US16124233

申请日：2018-09-07

Applicant: Cisco Technology, Inc.

Inventor： Piotr Jerzy Kupisiewicz ,  Frederic Detienne

IPC: H04L29/06 ,  H04L29/12 ,  H04L29/08 ,  H04L12/46

Abstract: A security gateway security gateway provisions a web browser hosted on a user device with a proxy auto-configuration file configured to automatically redirect the web browser to the security gateway as a proxy server for clientless virtual private network (VPN) operation when the web browser browses any uniform resource locator including a particular domain name that encompasses a private network. Upon receiving from the web browser over a public network a request to access a private resource on the private network, the security gateway establishes a secure public connection to the web browser, establishes a private connection to the private resource, and associate the private connection with the secure public connection to form a clientless VPN connection between the web browser and the private resource. The security gateway forwards content between the private resource and the web browser over the clientless VPN connection without performing any content rewrite operations.

公开(公告)号：US20190386961A1

公开(公告)日：2019-12-19

申请号：US16124233

申请日：2018-09-07

Applicant: Cisco Technology, Inc.

Inventor： Piotr Jerzy Kupisiewicz ,  Frederic Detienne

IPC: H04L29/06 ,  H04L12/46 ,  H04L29/08 ,  H04L29/12

Abstract: A security gateway security gateway provisions a web browser hosted on a user device with a proxy auto-configuration file configured to automatically redirect the web browser to the security gateway as a proxy server for clientless virtual private network (VPN) operation when the web browser browses any uniform resource locator including a particular domain name that encompasses a private network. Upon receiving from the web browser over a public network a request to access a private resource on the private network, the security gateway establishes a secure public connection to the web browser, establishes a private connection to the private resource, and associate the private connection with the secure public connection to form a clientless VPN connection between the web browser and the private resource. The security gateway forwards content between the private resource and the web browser over the clientless VPN connection without performing any content rewrite operations.

公开(公告)号：US12192062B2

公开(公告)日：2025-01-07

申请号：US17955812

申请日：2022-09-29

Applicant: Cisco Technology, Inc.

Inventor： Piotr Jerzy Kupisiewicz ,  Olaf Meller ,  Michael Chomicz ,  Radoslaw Konrad Ruchala ,  Manoj Kumar ,  David Pryor

IPC: H04L41/12 ,  G06F16/901 ,  H04L41/0859 ,  H04L41/22

Abstract: Methods are presented herein for a reduced state machine that describes nodes and relationship dynamics representing real network elements (networking devices and software processes) in a computer/data network, and abstracted logical items. Logical states of networking features of the network elements are reflected in the graph, while configuration data is stored for completeness. A method called a “Versioner Algorithm” is provided to record the temporal history of a node and its state over time within the node's metadata itself, while recorded relationships represent logical relations between observed nodes. A method is also provided to time-travel back to observe a historical view of the network. Further still, a method is provided to a difference of two historical topologies and return that data in human-readable or machine consumable form.

公开(公告)号：US11513826B2

公开(公告)日：2022-11-29

申请号：US17241493

申请日：2021-04-27

Applicant: Cisco Technology, Inc.

Inventor： Frédéric René Philippe Detienne ,  Piotr Jerzy Kupisiewicz

IPC: G06F9/44 ,  G06F9/455

Abstract: Methods and systems provide a library of various language bindings for application programming interface enabled network devices. The library is generated on-demand based on respective capabilities of a target network device. In these methods, a computing device obtains a selection of a target network device among a plurality of network devices and one or more data models that represent capabilities of the target network device. The computing device generates a library of one or more object models, each of which respectively corresponds to one of the one or more data models. The one or more object models define command line options for interfacing with the target network device. In these methods, the computing device provides a language shell for interacting with the target network device based on the one or more object models in the library.

公开(公告)号：US10855723B2

公开(公告)日：2020-12-01

申请号：US15977726

申请日：2018-05-11

Applicant: Cisco Technology, Inc.

Inventor： Piotr Jerzy Kupisiewicz

IPC: H04L29/06 ,  H04L29/12 ,  G06F16/23 ,  G06F16/903

Abstract: In one example embodiment, a proxy server obtains, from a client, a query regarding a server with which the client is attempting to establish a communication session. Based on the query, the proxy server evaluates dynamically updated stored data to determine whether the dynamically updated stored data indicates that the server supports a secure transport protocol. Based on determining that the dynamically updated stored data indicates that the server supports the secure transport protocol, the proxy server provides a response to the client. The response causes the client to provide, to the server, an initial secure transport protocol message in the communication session.

公开(公告)号：US20230019659A1

公开(公告)日：2023-01-19

申请号：US17955010

申请日：2022-09-28

Applicant: Cisco Technology, Inc.

Inventor： Frédéric René Philippe Detienne ,  Piotr Jerzy Kupisiewicz

IPC: G06F9/455

Abstract: Methods and systems provide a library of various language bindings for application programming interface enabled network devices. The library is generated on-demand based on respective capabilities of a target network device. In these methods, a computing device obtains a selection of a target network device among a plurality of network devices and one or more data models that represent capabilities of the target network device. The computing device generates a library of one or more object models, each of which respectively corresponds to one of the one or more data models. The one or more object models define command line options for interfacing with the target network device. In these methods, the computing device provides a language shell for interacting with the target network device based on the one or more object models in the library.

公开(公告)号：US20220263887A1

公开(公告)日：2022-08-18

申请号：US17717480

申请日：2022-04-11

Applicant: Cisco Technology, Inc.

Inventor： Piotr Jerzy Kupisiewicz ,  Jonathan Maria Jan Slenders ,  Frédéric René Philippe Detienne

IPC: H04L67/08 ,  H04L43/12

Abstract: Methods are provided in which a computer device provides, to a network device, an editing probe instruction for a cursor movement on a command line interface for interfacing with the network device. In these methods, the computer device obtains, from the network device, data output and determines whether the network device completed a command output based on whether the data output indicates the cursor movement on the command line interface.

公开(公告)号：US20220261261A1

公开(公告)日：2022-08-18

申请号：US17241493

申请日：2021-04-27

Applicant: Cisco Technology, Inc.

Inventor： Frédéric René Philippe Detienne ,  Piotr Jerzy Kupisiewicz

IPC: G06F9/455

Abstract: Methods and systems provide a library of various language bindings for application programming interface enabled network devices. The library is generated on-demand based on respective capabilities of a target network device. In these methods, a computing device obtains a selection of a target network device among a plurality of network devices and one or more data models that represent capabilities of the target network device. The computing device generates a library of one or more object models, each of which respectively corresponds to one of the one or more data models. The one or more object models define command line options for interfacing with the target network device. In these methods, the computing device provides a language shell for interacting with the target network device based on the one or more object models in the library.

公开(公告)号：US11757991B2

公开(公告)日：2023-09-12

申请号：US17509438

申请日：2021-10-25

Applicant: Cisco Technology, Inc.

Inventor： Frédéric René Philippe Detienne ,  Piotr Jerzy Kupisiewicz ,  Alexandre Honoré ,  Jonathan Maria Jan Slenders

IPC: G06F15/16 ,  H04L67/1095 ,  H04L41/22

CPC classification number: H04L67/1095 ,  H04L41/22

Abstract: Methods are provided for synchronizing task execution and/or data collection on multiple network devices. The methods involve obtaining a command to be executed on a plurality of target network devices and splitting the command into a plurality of single device execution tasks. Each single device execution task is for a respective network device of the plurality of target network devices. The methods further involve providing each of the plurality of single device execution tasks, via a command line interface or an application programming interface, to a respective one of the plurality of target network devices. The plurality of single device execution tasks being provided within a bounded time interval.