-
公开(公告)号:US12114198B2
公开(公告)日:2024-10-08
申请号:US18359392
申请日:2023-07-26
Applicant: Cisco Technology, Inc.
Inventor: Prakash C. Jain , Sanjay K. Hooda , Vinay Saini
CPC classification number: H04W28/0226 , H04L12/4633 , H04W84/12 , H04W88/08
Abstract: An enterprise network may receive a WiFi packet associated with a 5G service (or other type of service) at an access point (AP) in the enterprise network. The enterprise network determines whether the WiFi packet satisfies a first-packet policy associated with the 5G service, where the first-packet policy controls access to a tunnel for traversing the enterprise network to reach the 5G service. If the packet satisfies the policy, the enterprise network queries a map server to identify a location of a 5G border in the enterprise network that is connected to the 5G service. The enterprise network can transmit the WiFi packet on the tunnel with priority to meet SLA using the location of the 5G border.
-
公开(公告)号:US20240098477A1
公开(公告)日:2024-03-21
申请号:US17933527
申请日:2022-09-20
Applicant: Cisco Technology, Inc.
Inventor: Jerome Henry , Robert E. Barton , Vinay Saini , Bart A. Brinckman , Mark Grayson
Abstract: Roaming validation for Access Network Providers (ANPs), and particularly to protecting communications between Stations (STAs) and ANPs while providing roaming validation for ANPs may be provided. An ANP may first register a roaming federation system. The ANP may determine a roaming message based on subscription features of the network, and the ANP may request signing of the roaming message by the roaming federation system. The ANP may receive the signed roaming message from the roaming federation system and send the signed roaming message to a STA. The ANP may then receive a request to connect to the network from the STA and initiate a connection for the STA.
-
公开(公告)号:US20240056488A1
公开(公告)日:2024-02-15
申请号:US17886030
申请日:2022-08-11
Applicant: Cisco Technology, Inc.
Inventor: Nagendra Kumar Nainar , Vinay Saini , Akram Sheriff , Rajesh Indira Viswambharan , David John Zacks
IPC: H04L9/40
CPC classification number: H04L63/205 , H04L63/0478
Abstract: Techniques are described for classification-based data security management. The classification-based data security management can include utilizing device and/or data attributes to identify security modes for communication of data stored in a source device. The security modes can be identified based on a hybrid-encryption negotiation. The attributes can include a device resource availability value, an access trust score, a data confidentiality score, a geo-coordinates value, and/or a date/time value. The security modes can include a hybrid-encryption mode. The source device can utilize the hybrid-encryption mode to transmit the data, via one or more network nodes, such as an edge node, to one or more service nodes.
-
公开(公告)号:US11889352B2
公开(公告)日:2024-01-30
申请号:US17675190
申请日:2022-02-18
Applicant: Cisco Technology, Inc.
Inventor: Ankush Ganpatrai Arora , Rajaneesh Sudhakar Shetty , Ananya Simlai , Vinay Saini
IPC: H04W28/08 , H04W16/02 , H04W72/04 , H04W72/542
CPC classification number: H04W28/08 , H04W16/02 , H04W72/04 , H04W72/542
Abstract: A method is provided for use in a network that includes a plurality of user plane functions that perform processing of user plane traffic sessions from one or more mobile wireless user devices. The method includes periodically monitoring resource utilization of the plurality of user plane functions to estimate a resource utilization level of respective user plane functions. Based on the periodically monitoring, the method further includes storing for the respective user plane functions a resource utilization level indicator for each of the respective user plane functions according a resource utilization level of the respective user plane functions. User plane traffic sessions for a given tracking area are re-assigned (moved) among the plurality of user plane functions based on the resource utilization level indicators for the respective user plane functions to achieve a desired quality of experience for the user plane traffic sessions.
-
公开(公告)号:US20230379319A1
公开(公告)日:2023-11-23
申请号:US17749274
申请日:2022-05-20
Applicant: Cisco Technology, Inc.
Inventor: Vinay Saini , Rajesh Indira VISWAMBHARAN , Nagendra Kumar NAINAR , Akram Ismail SHERIFF , David John ZACKS
IPC: H04L9/40
CPC classification number: H04L63/083 , H04L63/20
Abstract: In one embodiment, a method herein comprises: receiving, at a device, a registration request from a telemetry exporter that transmits telemetry data; generating, by the device, a telemetry configuration file for the telemetry exporter, the telemetry configuration file defining a policy for transmission of telemetry data from the telemetry exporter and an authentication token for the telemetry exporter; sharing, by the device, the policy with a security enforcer; and sending, by the device, the telemetry configuration file to the telemetry exporter, wherein the telemetry exporter is caused to connect with the security enforcer using the authentication token, send the telemetry configuration file to the security enforcer, and transmit collected telemetry data to the security enforcer, and wherein the security enforcer is caused to create a dynamic publish-subscribe stream for publishing the collected telemetry data received from the telemetry exporter based on the telemetry configuration file and the policy.
-
公开(公告)号:US11683380B2
公开(公告)日:2023-06-20
申请号:US17171700
申请日:2021-02-09
Applicant: Cisco Technology, Inc.
Inventor: Kaustubh Inamdar , Vinay Saini , Ankush Ganpatrai Arora
IPC: G06F15/16 , H04L67/148 , H04L67/141 , H04L9/40 , H04L12/18 , H04L67/147 , H04H60/23
CPC classification number: H04L67/148 , H04H60/23 , H04L12/1813 , H04L63/0442 , H04L63/102 , H04L67/141 , H04L67/147
Abstract: A method for a seamless transfer of a secure multimedia conference session from one endpoint device to another without a need to rekey the session is provided. In this method, a first endpoint device connects a participant to a multimedia conference session to which at least one other participant is connected and based on detecting one or more second endpoint devices within a predetermined location proximity of the first endpoint device, determines whether to transfer the multimedia conference session to a target endpoint device. Based on determining that the session is to be transferred, the first endpoint device establishes a secure pairing connection directly with the target endpoint device and provides, via the secure pairing connection, information about the multimedia conference session based on which the multimedia conference session is transferred to the target endpoint device without rekeying the multimedia conference session.
-
公开(公告)号:US11601496B1
公开(公告)日:2023-03-07
申请号:US17728657
申请日:2022-04-25
Applicant: Cisco Technology, Inc.
Inventor: Prakash C. Jain , Sanjay Kumar Hooda , Marc Portoles Comeras , Vinay Saini , Victor Manuel Moreno
IPC: G06F15/16 , H04L67/1001 , H04L41/122 , H04L67/51 , H04L45/76 , H04L41/0893
Abstract: This disclosure describes techniques and mechanisms for providing hybrid cloud services for enterprise fabric. The techniques include enhancing an on-demand protocol (e.g., such as LISP) and allowing simplified security and/or firewall service insertion for datacenter servers providing those services. Accordingly, the techniques described herein provide hybrid cloud services that work in disaggregated, distributed, and consistent way, while avoiding complex datacenter network devices (e.g., such running overlay on TOR), replacing and moving the functionality to on demand protocol enabled servers, which intelligently receive the required mappings as well as registers and publishes the service information to intelligently interact with the network.
-
公开(公告)号:US20220263820A1
公开(公告)日:2022-08-18
申请号:US17174906
申请日:2021-02-12
Applicant: Cisco Technology, Inc.
Inventor: Robert E. Barton , Jerome Henry , Vinay Saini
IPC: H04L29/06
Abstract: In one embodiment, a management service for a network that is executed by one or more devices establishes a trust relationship with an entity associated with an endpoint in the network. The management service receives, via a Manufacturer Usage Description (MUD) file for the endpoint, an indication that the entity desires remote access to the endpoint in the network. The management service configures, based on the indication, the network to provide a remote access connection between the entity and the endpoint in the network. The management service provides, to the entity, credentials to the entity for the remote access connection.
-
公开(公告)号:US11297534B2
公开(公告)日:2022-04-05
申请号:US16536555
申请日:2019-08-09
Applicant: Cisco Technology, Inc.
Inventor: Ankush Ganpatrai Arora , Rajaneesh Sudhakar Shetty , Ananya Simlai , Vinay Saini
Abstract: A method is provided for use in a network that includes a plurality of user plane functions that perform processing of user plane traffic sessions from one or more mobile wireless user devices. The method includes periodically monitoring resource utilization of the plurality of user plane functions to estimate a resource utilization level of respective user plane functions. Based on the periodically monitoring, the method further includes storing for the respective user plane functions a resource utilization level indicator for each of the respective user plane functions according a resource utilization level of the respective user plane functions. User plane traffic sessions for a given tracking area are re-assigned (moved) among the plurality of user plane functions based on the resource utilization level indicators for the respective user plane functions to achieve a desired quality of experience for the user plane traffic sessions.
-
公开(公告)号:US20250055721A1
公开(公告)日:2025-02-13
申请号:US18231195
申请日:2023-08-07
Applicant: Cisco Technology, Inc.
Inventor: Atahar Khan , Vinay Saini , Ankush Ganpatrai Arora , Ganesh Ramalingam Chelliah
Abstract: With a controller coupled to a first multicast domain and a second multicast domain having incompatible multicast profiles, source and group (S,G) state information may be extracted from a plurality of nodes of the first multicast domain and the second multicast domain, A first interdomain border node may be within the first multicast domain. A second interdomain border node may be defined within the second multicast domain. The (S,G) state information may be transmitted to the first interdomain border node and the second interdomain border node. The multicast traffic may be transmitted between the first multicast domain and the second multicast domain via the first interdomain border node and the second interdomain border node based at least in part on the (S,G) state information.
-
-
-
-
-
-
-
-
-