Abstract:
In one embodiment, a method is disclosed for mobile device security that includes receiving a label ID from a low power mobile device via a first access point, wherein the label ID is a randomized value that substitutes a device address of the low power mobile device during wireless communication. The method includes mapping the label ID to the device address, and transmitting the device address to the first access point, and responsive to the transmitting, causing the first access point to pair with the low power mobile device.
Abstract:
Systems and methods are provided for receiving, at a network device, a first set of rules from a security controller of an enterprise network, the first set of rules being different from a second set of rules provided to a firewall by the security controller, implementing, at the network device, the first set of rules received from the security controller, generating, at the network device, a first log including metadata based on the first set of rules, the first log being generated on a per flow basis, notifying, at the network device, a NetFlow of the first log including the metadata of the first set of rules, and providing, from the network device, the first log to a cloud-log store by the NetFlow of the network device, the cloud-log store receiving the first log from the network device and a second log from the firewall.
Abstract:
In one embodiment, a networking device in a network detects a traffic flow conveyed in the network via the networking device. The networking device generates flow data for the traffic flow. The networking device performs a classification of the traffic flow using the flow data as input to a machine learning-based classifier. The networking device performs a mediation action based on the classification of the traffic flow.
Abstract:
A method comprises receiving, at a network infrastructure device, a flow of packets, determining, using the network infrastructure device and for a first subset of the packets, that the first subset corresponds to a first datagram and determining a first length of the first datagram, determining, using the network infrastructure device and for a second subset of the packets, that the second subset corresponds to a second datagram that was received after the first datagram, and determining a second length of the second datagram, determining, using the network infrastructure device, a duration value between a first arrival time of the first datagram and a second arrival time of the second datagram, sending, to a collector device that is separate from the network infrastructure device, the first length, the second length, and the duration value for analysis.
Abstract:
In an embodiment, at a network element in a network, a domain name query is intercepted from a client. Metadata associated with a network application or service that is the object of the domain name query is obtained from a domain name system server. A policy is determined to enforce, based on the metadata, and the policy is enforced with respect to the client's access of the network application or service.
Abstract:
In one embodiment, a method includes receiving one or more 5G software-defined wide area network (SD-WAN) policies, identifying one or more identity-based policies from the one or more 5G SD-WAN policies, communicating the identified one or more identity-based policies to one or more WAN routers, communicating one or more 5G bindings to the one or more WAN routers, and applying the identified one or more identity-based policies to one or more flows between the one or more WAN routers.
Abstract:
In one embodiment, a networking device in a network detects a traffic flow conveyed in the network via the networking device. The networking device generates flow data for the traffic flow. The networking device performs a classification of the traffic flow using the flow data as input to a machine learning-based classifier. The networking device performs a mediation action based on the classification of the traffic flow.
Abstract:
A map server/map resolver (MS/MR) of a Locator ID Separation Protocol (LISP) control plane for an enterprise private network for group-based service insertion is described. The MS/MR may facilitate communications from a first host having a first endpoint ID (EID) and located at a first tunnel router having a first routing locator (RLOC), to a second host having a second EID and located at a second tunnel router having a second RLOC. The MS/MR receives, from the first tunnel router, a map request for requesting an EID-to-RLOC mapping associated with the second EID and including a group identifier. The MS/MR selects a service insertion policy including an address of a service border router for a service that is registered with the MS/MR, and responds with a map reply including the address for populating an overlay route for forwarding communications via the service border router for insertion of the registered service.
Abstract:
A method comprises receiving, at a network infrastructure device, a flow of packets, determining, using the network infrastructure device and for a first subset of the packets, that the first subset corresponds to a first datagram and determining a first length of the first datagram, determining, using the network infrastructure device and for a second subset of the packets, that the second subset corresponds to a second datagram that was received after the first datagram, and determining a second length of the second datagram, determining, using the network infrastructure device, a duration value between a first arrival time of the first datagram and a second arrival time of the second datagram, sending, to a collector device that is separate from the network infrastructure device, the first length, the second length, and the duration value for analysis.
Abstract:
In one embodiment, a networking device in a network detects a traffic flow conveyed in the network via the networking device. The networking device generates flow data for the traffic flow. The networking device performs a classification of the traffic flow using the flow data as input to a machine learning-based classifier. The networking device performs a mediation action based on the classification of the traffic flow.