公开(公告)号：US12069098B2

公开(公告)日：2024-08-20

申请号：US17508731

申请日：2021-10-22

Applicant: Cisco Technology, Inc.

Inventor： Shree Murthy ,  Sanjay Kumar Hooda ,  Prakash C. Jain ,  Roberto Kobo ,  Rajagopal Venkatraman

IPC: G06F15/16 ,  G06F9/455 ,  H04L9/40 ,  H04L61/5007 ,  H04L61/5014

CPC classification number: H04L63/20 ,  G06F9/45558 ,  H04L61/5007 ,  H04L61/5014

Abstract: Techniques for analyzing traffic originating from a host device in a wireless network to identify one or more virtual machines (VMs) running on the host device and connected to the network via the host device in bridge mode. When a VM is created in bridge mode behind a host device, the traffic originated by the VM will have the source Media Access Layer (MAC) address of the host device. According to techniques described herein, devices and/or components associated with the network may profile the traffic to identify an address of the VM, such as by analyzing dynamic host configuration protocol (DHCP) packets to determine the Internet Protocol (IP) address of the VM. Once the IP address and the MAC address of the VM is known, the components and/or devices may apply security policies to the VM that may be different than security policies applied to the host device.

公开(公告)号：US11252073B1

公开(公告)日：2022-02-15

申请号：US16752443

申请日：2020-01-24

Applicant: Cisco Technology, Inc.

Inventor： Roberto Kobo ,  Frank Peraza ,  Omer Ali ,  Muhammad Ahmad Imam

IPC: H04L12/26 ,  H04L12/751 ,  H04L12/713 ,  H04L12/42 ,  H04L12/717 ,  H04L12/753

Abstract: Network link redundancy may be provided. A node comprising a virtualization of a network topology comprising a plurality of devices may be provided. Next, the node may be provided with at least two ports. Each of the at least two ports may respectively comprise an inside facing portion that uses a first protocol and an outside facing portion that uses a second protocol. The node may operate using the first protocol. A behavioral mode of the at least two ports may be controlled and the behavioral mode of the at least two ports may be communicated to at least one other node outside the node.

公开(公告)号：US20230131771A1

公开(公告)日：2023-04-27

申请号：US17508731

申请日：2021-10-22

Applicant: Cisco Technology, Inc.

Inventor： Shree Murthy ,  Sanjay Kumar Hooda ,  Prakash C. Jain ,  Roberto Kobo ,  Rajagopal Venkatraman

IPC: H04L9/40 ,  H04L61/5014 ,  G06F9/455

Abstract: Techniques for analyzing traffic originating from a host device in a wireless network to identify one or more virtual machines (VMs) running on the host device and connected to the network via the host device in bridge mode. When a VM is created in bridge mode behind a host device, the traffic originated by the VM will have the source Media Access Layer (MAC) address of the host device. According to techniques described herein, devices and/or components associated with the network may profile the traffic to identify an address of the VM, such as by analyzing dynamic host configuration protocol (DHCP) packets to determine the Internet Protocol (IP) address of the VM. Once the IP address and the MAC address of the VM is known, the components and/or devices may apply security policies to the VM that may be different than security policies applied to the host device.

公开(公告)号：US10673737B2

公开(公告)日：2020-06-02

申请号：US15955493

申请日：2018-04-17

Applicant: Cisco Technology, Inc.

Inventor： Atri Indiresan ,  Roberto Kobo ,  Sanjay Kumar Hooda ,  Akshay Sunil Dorwat

IPC: H04W56/00 ,  H04L12/715 ,  H04L12/723 ,  H04L29/12 ,  H04L12/721 ,  H04L12/713

Abstract: Multi-VRF universal device Internet Protocol (IP) address for fabric edge devices may be provided. This address may be used to send and receive packets in a connectivity message for all VRFs on a fabric edge device. First, a request packet may be created by a first network device in response to receiving a connectivity message. The request packet may have a source address corresponding to an address of the first network device and a destination address corresponding to an address of a first client device. Next, the first network device may encapsulate the request packet. The first network device may then forward the encapsulated request packet to a second network device associated with the first client device.

公开(公告)号：US20190319871A1

公开(公告)日：2019-10-17

申请号：US15955493

申请日：2018-04-17

Applicant: Cisco Technology, Inc.

Inventor： Atri Indiresan ,  Roberto Kobo ,  Sanjay Kumar Hooda ,  Akshay Sunil Dorwat

IPC: H04L12/715 ,  H04L12/723 ,  H04L12/713 ,  H04L12/721 ,  H04L29/12

Abstract: Multi-VRF universal device Internet Protocol (IP) address for fabric edge devices may be provided. This address may be used to send and receive packets in a connectivity message for all VRFs on a fabric edge device. First, a request packet may be created by a first network device in response to receiving a connectivity message. The request packet may have a source address corresponding to an address of the first network device and a destination address corresponding to an address of a first client device. Next, the first network device may encapsulate the request packet. The first network device may then forward the encapsulated request packet to a second network device associated with the first client device.