-
公开(公告)号:US11252030B2
公开(公告)日:2022-02-15
申请号:US16590948
申请日:2019-10-02
IPC分类号: H04L12/24 , H04L12/743 , H04L12/705
摘要: Systems, methods, and computer-readable media for scaling a source network. A system may be configured to receive a network configuration for a source network, wherein the source network comprising a plurality of nodes, receive and a scale target for a scaled network, and identify, based on the scale target, one or more selected nodes in the plurality of nodes in the source network for implementing in the scaled network. The system may further be configured to reconfigure data plane parameters and control plane parameters for each node in the one or more selected nodes.
-
公开(公告)号:US11228500B2
公开(公告)日:2022-01-18
申请号:US16424776
申请日:2019-05-29
发明人: Vinay Prabhu , Sarah Adelaide Evans , Jigar Dinesh Parekh , Suraj Rangaswamy , Parth Sanjiv Doshi , Pranav Narasimmaraj , Ashish Shendure
IPC分类号: H04L12/24
摘要: Systems, methods, and computer-readable media for designing network performance and configuration include determining one or more use cases for a network to be provisioned, based on at least one or more business verticals related to a customer of the network. A data plane scale is determined from the use cases and an initial data plane scale generated using a linear regression on one or more data plane parameters. The data plane parameters include a platform type, feature set, packet size, or software version of the network. A control plane scale is determined from the use cases and an initial control plane scale generated using a linear regression on one or more control plane parameters of the network. The control plane parameters include a platform type, feature set, or software version of the network. The network is provisioned for the data plane scale and the control plane scale.
-
公开(公告)号:US20210105185A1
公开(公告)日:2021-04-08
申请号:US16590948
申请日:2019-10-02
IPC分类号: H04L12/24 , H04L12/743
摘要: Systems, methods, and computer-readable media for scaling a source network. A system may be configured to receive a network configuration for a source network, wherein the source network comprising a plurality of nodes, receive and a scale target for a scaled network, and identify, based on the scale target, one or more selected nodes in the plurality of nodes in the source network for implementing in the scaled network. The system may further be configured to reconfigure data plane parameters and control plane parameters for each node in the one or more selected nodes.
-
公开(公告)号:US20210037091A1
公开(公告)日:2021-02-04
申请号:US16526722
申请日:2019-07-30
IPC分类号: H04L29/08 , H04L12/26 , H04L12/715
摘要: The present disclosure is directed to a peer node discovery process whereby a network management node can discover peers of inaccessible nodes that have lost connectivity to the network management node over the control plane and receive health report of the inaccessible nodes via the discovered peers. In one example, a method includes detecting a loss of connectivity to a network node; based on a type of the network node, performing one of a first process or a second process to obtain a health report of the network node, the first process and the second process including identification of at least one corresponding peer node from which the health report of the network node is to be received; and analyzing the health report to determine root cause of the loss of connectivity.
-
公开(公告)号:US20200177550A1
公开(公告)日:2020-06-04
申请号:US16434115
申请日:2019-06-06
发明人: Vamsidhar Valluri , Saravanan Radhakrishnan , Anand Oswal , Vinay Prabhu , Sarah Adelaide Evans , Suraj Rangaswamy
IPC分类号: H04L29/06 , H04L12/46 , H04L12/741 , H04L12/751
摘要: Systems and methods provide for provisioning a dynamic intent-based firewall. A network controller can generate a master route table for network segments reachable from edge network devices managed by the controller. The controller can receive zone definition information mapping the network segments into zones and Zone-based Firewall (ZFW) policies to apply to traffic between a source and destination zone specified by each ZFW policy. The controller can evaluate a ZFW policy to determine first edge network devices that can reach first network segments mapped to the source zone specified by the ZFW policy, second edge network devices that can reach second network segments mapped to the destination zone specified by the ZFW policy, and routing information (from the route table) between the first network segments, the first and second edge network devices, and the second network segments. The controller can transmit the routing information to the edge network devices.
-
公开(公告)号:US11870755B2
公开(公告)日:2024-01-09
申请号:US17511412
申请日:2021-10-26
发明人: Vamsidhar Valluri , Saravanan Radhakrishnan , Anand Oswal , Vinay Prabhu , Sarah Adelaide Evans , Suraj Rangaswamy
IPC分类号: H04L12/46 , H04L9/40 , H04L45/02 , H04L45/745
CPC分类号: H04L63/0263 , H04L12/4641 , H04L45/02 , H04L45/745 , H04L63/0218 , H04L63/0236 , H04L63/0272 , H04L63/20
摘要: Systems and methods provide for provisioning a dynamic intent-based firewall. A network controller can generate a master route table for network segments reachable from edge network devices managed by the controller. The controller can receive zone definition information mapping the network segments into zones and Zone-based Firewall (ZFW) policies to apply to traffic between a source and destination zone specified by each ZFW policy. The controller can evaluate a ZFW policy to determine first edge network devices that can reach first network segments mapped to the source zone specified by the ZFW policy, second edge network devices that can reach second network segments mapped to the destination zone specified by the ZFW policy, and routing information (from the route table) between the first network segments, the first and second edge network devices, and the second network segments. The controller can transmit the routing information to the edge network devices.
-
公开(公告)号:US11201854B2
公开(公告)日:2021-12-14
申请号:US16434115
申请日:2019-06-06
发明人: Vamsidhar Valluri , Saravanan Radhakrishnan , Anand Oswal , Vinay Prabhu , Sarah Adelaide Evans , Suraj Rangaswamy
IPC分类号: H04L12/46 , H04L29/06 , H04L12/751 , H04L12/741
摘要: Systems and methods provide for provisioning a dynamic intent-based firewall. A network controller can generate a master route table for network segments reachable from edge network devices managed by the controller. The controller can receive zone definition information mapping the network segments into zones and Zone-based Firewall (ZFW) policies to apply to traffic between a source and destination zone specified by each ZFW policy. The controller can evaluate a ZFW policy to determine first edge network devices that can reach first network segments mapped to the source zone specified by the ZFW policy, second edge network devices that can reach second network segments mapped to the destination zone specified by the ZFW policy, and routing information (from the route table) between the first network segments, the first and second edge network devices, and the second network segments. The controller can transmit the routing information to the edge network devices.
-
公开(公告)号:US20200177606A1
公开(公告)日:2020-06-04
申请号:US16567435
申请日:2019-09-11
摘要: Systems and methods provide for synergistic domain name system DNS security updates for an enterprise network operating under a Software Defined Wide Area Network (SD-WAN). A system may be configured to collect positive and/or negative unified threat defense (UTD) results, deploy a rules-based model that, when a threat or clearance is detected across several SD-WAN edge network devices, triggers an update to a local security blacklist/whitelist, wherein the update comprises a signature, and push the update to other devices that have not yet seen the threat or clearance.
-
公开(公告)号:US11716250B2
公开(公告)日:2023-08-01
申请号:US17580153
申请日:2022-01-20
IPC分类号: H04L41/0816 , H04L41/0893 , H04L41/12 , H04L45/745 , H04L41/0895 , H04L41/0894 , H04L41/0897 , H04L41/122 , H04L41/40 , H04L41/0213 , H04L45/18
CPC分类号: H04L41/0816 , H04L41/0893 , H04L41/12 , H04L45/74591
摘要: Systems, methods, and computer-readable media for scaling a source network. A system may be configured to receive a network configuration for a source network, wherein the source network comprising a plurality of nodes, receive and a scale target for a scaled network, and identify, based on the scale target, one or more selected nodes in the plurality of nodes in the source network for implementing in the scaled network. The system may further be configured to reconfigure data plane parameters and control plane parameters for each node in the one or more selected nodes.
-
公开(公告)号:US20220377089A1
公开(公告)日:2022-11-24
申请号:US17817724
申请日:2022-08-05
IPC分类号: H04L9/40 , H04L45/00 , H04L61/4511
摘要: Systems and methods provide for synergistic domain name system DNS security updates for an enterprise network operating under a Software Defined Wide Area Network (SD-WAN). A system may be configured to collect positive and/or negative unified threat defense (UTD) results, deploy a rules-based model that, when a threat or clearance is detected across several SD-WAN edge network devices, triggers an update to a local security blacklist/whitelist, wherein the update comprises a signature, and push the update to other devices that have not yet seen the threat or clearance.
-
-
-
-
-
-
-
-
-
搜索结果
13 条记录 (耗时 0.017 秒)
