公开(公告)号：US12273267B2

公开(公告)日：2025-04-08

申请号：US18604972

申请日：2024-03-14

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Ramakumara Kariyappa ,  Nithin Bangalore Raju ,  Bhairav Dutia ,  Vivek Agarwal ,  Satish Mahadevan ,  Ankur Bhargava

IPC: H04L45/586 ,  H04L45/748 ,  H04L61/5061

Abstract: Symmetric networking techniques disclosed herein can be applied by gateway routers in cloud networks. The techniques can ensure that both outbound traffic received at a cloud from a branch device and return traffic directed from the cloud back to the branch device are processed by a same gateway router. The gateway router can use network address translation to insert IP addresses from an inside pool and an outside pool assigned to the router.

公开(公告)号：US11962498B1

公开(公告)日：2024-04-16

申请号：US18208000

申请日：2023-06-09

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Ramakumara Kariyappa ,  Nithin Bangalore Raju ,  Bhairav Dutia ,  Vivek Agarwal ,  Satish Kumar Mahadevan ,  Ankur Bhargava

IPC: H04L45/586 ,  H04L45/748 ,  H04L61/5061

CPC classification number: H04L45/586 ,  H04L45/748 ,  H04L61/5061

Abstract: Symmetric networking techniques disclosed herein can be applied by gateway routers in cloud networks. The techniques can ensure that both outbound traffic received at a cloud from a branch device and return traffic directed from the cloud back to the branch device are processed by a same gateway router. The gateway router can use network address translation to insert IP addresses from an inside pool and an outside pool assigned to the router.

公开(公告)号：US20240073147A1

公开(公告)日：2024-02-29

申请号：US18052826

申请日：2022-11-04

Applicant: Cisco Technology, Inc.

Inventor： Ramakumara Kariyappa ,  Satish Mahadevan ,  Biju Mathews Mammen ,  Balaji Sundararajan ,  Giorgio Valentini ,  Venkatraman Venkatapathy

IPC: H04L47/2441 ,  H04L45/85 ,  H04L47/2425

CPC classification number: H04L47/2441 ,  H04L45/85 ,  H04L47/2433

Abstract: Techniques are described for routing traffic through an interconnect cloud gateway based on cloud traffic routing indicators. The interconnect cloud gateway can advertise the cloud traffic routing indicators, which can include cloud indicators and transport gateway indicators. The cloud indicators can include cloud tags utilized to route cloud traffic. The transport gateway indicators can include transport gateway flags utilized to identify private networks utilized to route the cloud traffic. The cloud traffic can routed during normal private network operation through private networks, which can be dynamically replaced by public networks due to occurrences of failures preventing the data traffic from being routed through the private networks and to cloud networks.

公开(公告)号：US20250141796A1

公开(公告)日：2025-05-01

申请号：US18498928

申请日：2023-10-31

Applicant: Cisco Technology, Inc.

Inventor： Satish Kumar Mahadevan ,  Laxmikantha Reddy Ponnuru ,  Pritam Baruah ,  Sourav Sen ,  Samir Thoria ,  Ramakumara Kariyappa

IPC: H04L45/586 ,  H04L45/12 ,  H04L45/28

Abstract: Present disclosure includes determining, at two or more gateway nodes that each communicate with a plurality of branch nodes and a plurality of resources, dynamically a path between each of the plurality of branch nodes and each of the plurality of resources, wherein the path includes one or more virtual routers; generating, at the two or more gateways, dynamically a path length based upon a number of virtual routers each path traverses; automatically translating the path length to an overlay management protocol route preference for each of the plurality of resources.

公开(公告)号：US20250030743A1

公开(公告)日：2025-01-23

申请号：US18356937

申请日：2023-07-21

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Kannan Kumar ,  Madhu Somu ,  Ramakumara Kariyappa ,  Kushal A Patel ,  Vishnuprasad Raghavan ,  Deepthi Tammireddy

IPC: H04L9/40 ,  H04L43/062

Abstract: Methods and systems are described herein for dynamically applying a security policy based on one or more tag attributes. The method comprises receiving, at a network controller, information about an instance of a cloud workload instantiated at a cloud provider. The cloud workload is associated with a tag attribute. The method further comprises querying the cloud provider for at least one IP address associated with the tag attribute and learning the at least one IP address associated with the tag attribute, including the IP address for the instance of the cloud workload. The method further comprises associating a security policy with the at least one IP address associated with the tag attribute and propagating the security policy to at least one edge router for implementation.

公开(公告)号：US20240333689A1

公开(公告)日：2024-10-03

申请号：US18128824

申请日：2023-03-30

Applicant: Cisco Technology, Inc.

Inventor： Pritam Baruah ,  Balaji Sundararajan ,  Nithin Bangalore Raju ,  Srilatha Tangirala ,  Ramakumara Kariyappa

IPC: H04L9/40

CPC classification number: H04L63/0281 ,  H04L63/0236 ,  H04L63/20

Abstract: Techniques for utilizing a network gateway provisioned in a software-defined network to verify service readiness of one or more security service(s) of a service chain prior to redirecting network traffic along a given data-path to the security service(s). The gateway may be configured to open a specific port on a network device hosting a security service to transmit network policies and/or test network traffic to the security service. The network gateway may host a virtual source and/or a virtual destination and cause the virtual source to send test network traffic through the security service via the port and to the virtual destination. The gateway may then utilize the received test network traffic to determine whether a given security service satisfies a threshold health and/or functionality measurement. Once it is determined that the security service satisfies the thresholds, the gateway may cause network traffic to be redirected to the security service.

公开(公告)号：US12095652B1

公开(公告)日：2024-09-17

申请号：US18328566

申请日：2023-06-02

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Satish Kumar Mahadevan ,  Ramakumara Kariyappa ,  Ganesh Devendrachar ,  Arul Murugan Manickam ,  Samir D Thoria ,  Pritam Baruah ,  Deepa Rajendra Sangolli ,  Avinash Shah

IPC: H04L45/17 ,  H04L43/0817 ,  H04L45/24

CPC classification number: H04L45/17 ,  H04L43/0817 ,  H04L45/24

Abstract: Techniques are described for suppressing data plane traffic using a service monitoring policy for data plane control. If a service provided to a router becomes nonfunctional, preventing the router from being able to forward traffic to a next-hop device, data plane traffic from client devices on the data plane that requires the use of the nonfunctioning service is suppressed. Additionally, new communication pathways to the router that will use the nonfunctioning service are prevented from being established. Traffic is redirected to another router with a functioning service. Thus, traffic that may normally be directed to the router with the nonfunctioning service and not able to be forwarded (e.g., blackholing of data) can be forwarded to the other router.

公开(公告)号：US20240267325A1

公开(公告)日：2024-08-08

申请号：US18604972

申请日：2024-03-14

Applicant: Cisco Technology, Inc.

Inventor： Balaji Sundararajan ,  Ramakumara Kariyappa ,  Nithin Bangalore Raju ,  Bhairav Dutia ,  Vivek Agarwal ,  Satish Mahadevan ,  Ankur Bhargava

IPC: H04L45/586 ,  H04L45/748 ,  H04L61/5061

CPC classification number: H04L45/586 ,  H04L45/748 ,  H04L61/5061

Abstract: Symmetric networking techniques disclosed herein can be applied by gateway routers in cloud networks. The techniques can ensure that both outbound traffic received at a cloud from a branch device and return traffic directed from the cloud back to the branch device are processed by a same gateway router. The gateway router can use network address translation to insert IP addresses from an inside pool and an outside pool assigned to the router.