公开(公告)号：US10601766B2

公开(公告)日：2020-03-24

申请号：US15556732

申请日：2015-03-13

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Shaun Wackerly ,  Shaun Wakumoto ,  Duane Edward Mentze

IPC: G06F15/173 ,  H04L29/12 ,  H04L29/06

Abstract: Example embodiments disclosed herein relate to determining whether a device exhibits anomalous behavior based on a set of rules, address usage information, and address range information. Address usage information for a device communicating on a data plane of a network implemented using switches is received via a control plane. Address range information for the network is maintained. Whether the device exhibits anomalous behavior is determined based on the set of rules, address usage information, and address range information.

公开(公告)号：US20180375802A1

公开(公告)日：2018-12-27

申请号：US16063475

申请日：2015-12-17

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Shaun Wackerly ,  Duane Edward Mentze ,  Charles F. Clark

IPC: H04L12/931 ,  H04L12/24 ,  H04L12/715 ,  H04L12/813

Abstract: In some examples, a method includes accessing an orthogonal network policy set that represents a first intent-based network policy and a second intent-based network policy. The method may also include determining multiple reduced orthogonal network policy sets from the orthogonal network policy set. The multiple reduced orthogonal network policy sets may differ from one another, and each represent the first and second intent-based network policies. The method may further include selecting a particular reduced orthogonal network policy set among the multiple reduced orthogonal network policy sets to implement on a target switching device.

公开(公告)号：US20170013452A1

公开(公告)日：2017-01-12

申请号：US15117282

申请日：2014-04-29

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Duane Edward Mentze ,  Charles F. CLARK

IPC: H04W12/06 ,  H04W72/06 ,  H04W48/20 ,  H04L29/06

CPC classification number: H04W12/06 ,  H04L9/32 ,  H04L12/6418 ,  H04L63/08 ,  H04L2209/80 ,  H04W48/20 ,  H04W72/06

Abstract: In an example, a re-convergence point is determined for a convergence point in a network. A host is currently connected to the convergence point for example to access the network. Authentication information and a policy for the host is sent to the re-convergence point prior to the host connecting to the re-convergence point to access the network.

Abstract translation: 在一个示例中，针对网络中的收敛点确定再收敛点。 主机当前连接到汇聚点，例如连接到网络。 在主机连接到重新收敛点以访问网络之前，将认证信息和主机的策略发送到重新收敛点。

公开(公告)号：US10581743B2

公开(公告)日：2020-03-03

申请号：US15871340

申请日：2018-01-15

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Duane Edward Mentze

IPC: H04L12/801 ,  H04L12/823 ,  H04L12/813

Abstract: In example implementations, a method is provided. The method detects, by a processor, a change in incoming data packet relative to a previously received data packet. In response to the change, group rate limiters are enabled to the incoming data packets for each one of a plurality of different data packet groups. The group rate limiters stop the incoming data packet when the data packet is assigned to one of the plurality of different data packet groups that has reached a respective group rate limiter. A hardware controller is programmed to forward respective data packets in each one of the plurality of different data packet groups.

公开(公告)号：US10530681B2

公开(公告)日：2020-01-07

申请号：US15752377

申请日：2015-08-14

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Shaun Wackerly ,  Charles F. Clark ,  Duane Edward Mentze

IPC: H04L12/703 ,  H04L12/725 ,  H04L12/721 ,  H04L12/715 ,  H04L12/707 ,  H04L12/24 ,  H04L12/26 ,  H04L12/813

Abstract: In an example, a method is disclosed for implementing forwarding behavior based on communication activity between an SDN controller and a network device. The method includes generating, for the network device, a first flow table rule to implement first forwarding behavior for a network flow if communication to the SDN controller is active. The first flow table rule comprises match criteria for matching to the network flow, a first timeout value, and a first priority value. The method also includes generating, for the network device, a second flow table rule to implement second forwarding behavior for the network flow if communication to the SDN controller is not active. The second flow table rule comprises match criteria for matching to the network flow, a second timeout value, and a second priority value. The method further includes instructing the network device to implement the first and second flow table rules.

公开(公告)号：US09379899B2

公开(公告)日：2016-06-28

申请号：US14810352

申请日：2015-07-27

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Madhu Prashanth Kannan ,  Christopher Sean Affleck ,  Aparna Anand ,  Duane Edward Mentze

IPC: H04L12/18 ,  H04L12/761 ,  H04L12/741 ,  G06F15/173

CPC classification number: H04L12/18 ,  H04L45/16 ,  H04L45/54

Abstract: A method for multicast routing may include receiving, at a router of a receiving multicast domain, a data packet from a forwarding multicast domain. The method may further include configuring the router to operate as if a multicast forwarding information base entry is directly connected, and configuring the router with a reverse path forwarding override with source discovery such that a path used by multicast traffic is different from a path used for unicast traffic.

公开(公告)号：US20180063072A1

公开(公告)日：2018-03-01

申请号：US15556732

申请日：2015-03-13

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Shaun Wackerly ,  Shaun Wakumoto ,  Duane Edward Mentze

IPC: H04L29/12 ,  H04L29/06

CPC classification number: H04L61/103 ,  H04L29/06102 ,  H04L29/12028 ,  H04L61/2015 ,  H04L63/126 ,  H04L63/1408 ,  H04L69/161

Abstract: Example embodiments disclosed herein relate to determining whether a device exhibits anomalous behavior based on a set of rules, address usage information, and address range information. Address usage information for a device communicating on a data plane of a network implemented using switches is received via a control plane. Address range information for the network is maintained. Whether the device exhibits anomalous behavior is determined based on the set of rules, address usage information, and address range information.

公开(公告)号：US20190222519A1

公开(公告)日：2019-07-18

申请号：US15871340

申请日：2018-01-15

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Duane Edward Mentze

IPC: H04L12/801 ,  H04L12/823

Abstract: In example implementations, a method is provided. The method detects, by a processor, a change in incoming data packet relative to a previously received data packet. In response to the change, group rate limiters are enabled to the incoming data packets for each one of a plurality of different data packet groups. The group rate limiters stop the incoming data packet when the data packet is assigned to one of the plurality of different data packet groups that has reached a respective group rate limiter. A hardware controller is programmed to forward respective data packets in each one of the plurality of different data packet groups.

公开(公告)号：US20190007303A1

公开(公告)日：2019-01-03

申请号：US15752377

申请日：2015-08-14

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Shaun Wackerly ,  Charles F. Clark ,  Duane Edward Mentze

IPC: H04L12/703 ,  H04L12/813 ,  H04L12/24 ,  H04L12/721 ,  H04L12/26 ,  H04L12/707

CPC classification number: H04L45/28 ,  H04L41/20 ,  H04L43/028 ,  H04L45/22 ,  H04L45/30 ,  H04L45/38 ,  H04L45/64 ,  H04L47/20

Abstract: In an example, a method is disclosed for implementing forwarding behavior based on communication activity between an SDN controller and a network device. The method includes generating, for the network device, a first flow table rule to implement first forwarding behavior for a network flow if communication to the SDN controller is active. The first flow table rule comprises match criteria for matching to the network flow, a first timeout value, and a first priority value. The method also includes generating, for the network device, a second flow table rule to implement second forwarding behavior for the network flow if communication to the SDN controller is not active. The second flow table rule comprises match criteria for matching to the network flow, a second timeout value, and a second priority value. The method further includes instructing the network device to implement the first and second flow table rules.

公开(公告)号：US20170288968A1

公开(公告)日：2017-10-05

申请号：US15507489

申请日：2015-03-23

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Duane Edward Mentze ,  Charles F. CLARK ,  Shaun WACKERLY

IPC: H04L12/24 ,  H04L29/06

CPC classification number: H04L41/0893 ,  H04L12/6418 ,  H04L41/12 ,  H04L41/20 ,  H04L69/03

Abstract: Example implementations relate to compiling network policies. In an example, a method includes dividing a plurality of network policies into an exclusive policy group and a non-exclusive policy group, compiling the policies in the exclusive policy group into a first plurality of orthogonal policies, compiling the policies in the non-exclusive policy group into at least a second plurality of orthogonal policies, where the compiling of each policy group occurs separately.