公开(公告)号：US11102053B2

公开(公告)日：2021-08-24

申请号：US15831708

申请日：2017-12-05

Applicant: Cisco Technology, Inc.

Inventor： Kannan Ponnuswamy ,  Alok Lalit Wadhwa ,  Furong Ma Gisiger ,  Robert Bukofser

IPC: G06F15/16 ,  H04L12/24 ,  H04L12/26

Abstract: Systems, methods, and computer-readable media for providing network assurance across a network. In some embodiments, network traffic data of a cluster of nodes in a network environment can be gathered based on first network traffic flowing through the nodes using a first group of sensors implemented in the network environment. Network events occurring in the network environment can be identified, e.g. using sensors deployed in an infrastructure of the network environment. Subsequently, the network events can be correlated with the network traffic data to generate correlated network data for the network environment. The correlated network data for the network environment can be used to provide assurance between at least one server in the cluster of nodes and the network infrastructure of the network environment as part of providing assurance across the network environment.

公开(公告)号：US11716343B2

公开(公告)日：2023-08-01

申请号：US16990664

申请日：2020-08-11

Applicant: Cisco Technology, Inc.

Inventor： Supreeth Rao ,  Navindra Yadav ,  Prasannakumar Jobigenahally Malleshaiah ,  Hanlin He ,  Umamaheswaran Arumugam ,  Robert Bukofser ,  Aiyesha Ma ,  Kai Zhu ,  Ashok Kumar

IPC: H04L9/40 ,  G06F16/9035 ,  G06F16/901 ,  H04L41/22

CPC classification number: H04L63/1433 ,  G06F16/9024 ,  G06F16/9035 ,  H04L41/22 ,  H04L63/1425

Abstract: Systems, methods, and computer-readable media for determine a neighborhood graph can include the following processes. A neighborhood graph system generates a neighborhood graph for a plurality of nodes in an enterprise network, the neighborhood graph representing a multi-hop connections between any two nodes of the plurality of nodes. A security score service determines a security score for each of the plurality of nodes to yield a plurality of scores. The neighborhood graph system updates the neighborhood graph of the plurality of nodes using the plurality of scores to provide a visual representation of securities of the plurality of nodes relative to each other.

公开(公告)号：US20210006471A1

公开(公告)日：2021-01-07

申请号：US16459962

申请日：2019-07-02

Applicant: Cisco Technology, Inc.

Inventor： Andrey Kvasyuk ,  Hazim Hashim Dahir ,  Robert Bukofser ,  Saad Syed Hasan

IPC: H04L12/24 ,  H04L12/801 ,  H04L12/851 ,  H04L12/26

Abstract: In one embodiment, a device obtains telemetry data regarding a plurality of traffic flows in a network. The device forms a directed graph based on the telemetry data, wherein nodes of the graph represent devices in the network. The device simulates traffic for one or more of the devices by performing random walks starting at a particular node on the directed graph to generate a set of trails, each trail representing a sequence of one or more flows. The device clusters the set of trails to form one or more clusters. The device generates an application fingerprint for an application based on one of the one or more clusters. The device uses the application fingerprint to identify traffic in the network as associated with the application.

公开(公告)号：US20230370489A1

公开(公告)日：2023-11-16

申请号：US18352036

申请日：2023-07-13

Applicant: Cisco Technology, Inc.

Inventor： Supreeth Rao ,  Navindra Yadav ,  Prasannakumar Jobigenahally Malleshaiah ,  Hanlin He ,  Umamaheswaran Arumugam ,  Robert Bukofser ,  Aiyesha Ma ,  Kai Zhu ,  Ashok Kumar

IPC: H04L9/40 ,  G06F16/901 ,  H04L41/22 ,  G06F16/9035

CPC classification number: H04L63/1433 ,  G06F16/9024 ,  H04L41/22 ,  H04L63/1425 ,  G06F16/9035

Abstract: Systems, methods, and computer-readable media for determine a neighborhood graph can include the following processes. A neighborhood graph system generates a neighborhood graph for a plurality of nodes in an enterprise network, the neighborhood graph representing a multi-hop connections between any two nodes of the plurality of nodes. A security score service determines a security score for each of the plurality of nodes to yield a plurality of scores. The neighborhood graph system updates the neighborhood graph of the plurality of nodes using the plurality of scores to provide a visual representation of securities of the plurality of nodes relative to each other.

公开(公告)号：US11044168B2

公开(公告)日：2021-06-22

申请号：US16459962

申请日：2019-07-02

Applicant: Cisco Technology, Inc.

Inventor： Andrey Kvasyuk ,  Hazim Hashim Dahir ,  Robert Bukofser ,  Saad Syed Hasan

IPC: H04L12/24 ,  H04L12/26 ,  H04L12/851 ,  H04L12/801

Abstract: In one embodiment, a device obtains telemetry data regarding a plurality of traffic flows in a network. The device forms a directed graph based on the telemetry data, wherein nodes of the graph represent devices in the network. The device simulates traffic for one or more of the devices by performing random walks starting at a particular node on the directed graph to generate a set of trails, each trail representing a sequence of one or more flows. The device clusters the set of trails to form one or more clusters. The device generates an application fingerprint for an application based on one of the one or more clusters. The device uses the application fingerprint to identify traffic in the network as associated with the application.

公开(公告)号：US20190173736A1

公开(公告)日：2019-06-06

申请号：US15831708

申请日：2017-12-05

Applicant: Cisco Technology, Inc.

Inventor： Kannan Ponnuswamy ,  Alok Lalit Wadhwa ,  Furong Ma Gisiger ,  Robert Bukofser

IPC: H04L12/24 ,  H04L12/26

Abstract: Systems, methods, and computer-readable media for providing network assurance across a network. In some embodiments, network traffic data of a cluster of nodes in a network environment can be gathered based on first network traffic flowing through the nodes using a first group of sensors implemented in the network environment. Network events occurring in the network environment can be identified, e.g. using sensors deployed in an infrastructure of the network environment. Subsequently, the network events can be correlated with the network traffic data to generate correlated network data for the network environment. The correlated network data for the network environment can be used to provide assurance between at least one server in the cluster of nodes and the network infrastructure of the network environment as part of providing assurance across the network environment.