公开(公告)号：US11856063B2

公开(公告)日：2023-12-26

申请号：US17220812

申请日：2021-04-01

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Gopalakrishnan Gunasekaran ,  Shreekanth Chandranna ,  Bhagvan Cheeyandira

IPC: H04L29/08 ,  H04L67/141 ,  H04L9/40

CPC classification number: H04L67/141 ,  H04L63/0272 ,  H04L63/0823 ,  H04L63/164

Abstract: Systems are methods are provided for implementing cloud survivability which mitigates the loss of secure communication via a cloud orchestrated IPsec tunnel, due to a loss of connectivity to a cloud service. For example, devices can establish IPsec tunnels which are orchestrated by a cloud service, such as SD-WAN Tunnel Orchestration. Then, according to the disclosed cloud survivability techniques, if the connection to the cloud service fails, a cloud survivability phase can be triggered which fails-over from IPsec tunnel to a survivability tunnel. In some implementations, a method includes: determining, by an initiator device, whether there is a loss of connectivity of the initiator device or the responder device with a cloud service. Further, in response to determining that there is a loss of connectivity, automatically establishing a survivability communication link between the initiator device and the responder device.

公开(公告)号：US20230254289A1

公开(公告)日：2023-08-10

申请号：US17667987

申请日：2022-02-09

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Shreekanth Chandranna ,  Bhagvan Cheeyandira ,  Gopalakrishnan Gunasekaran

IPC: H04L9/40

CPC classification number: H04L63/029 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/0435 ,  H04L63/061

Abstract: Systems and methods are provided for effectuating overlay tunnels between software-defined wide area network (SD-WAN) end-point devices despite the use of IPSec passthrough in one or more network devices, such as modems or routers that exist between the end-point devices. In particular, the Internet Key Exchange (IKE) protocol can be allowed to progress until a modem/router is able to establish an IKE tunnel, after which overlay packets using cloud-managed keys can be allowed to pass through the modem/router. An overlay tunnel may then be established between the end-point devices, and the IKE tunnel can be taken down.

公开(公告)号：US20240236048A1

公开(公告)日：2024-07-11

申请号：US18612642

申请日：2024-03-21

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Shreekanth Chandranna ,  Bhagvan Cheeyandira ,  Gopalakrishnan Gunasekaran

IPC: H04L9/40

CPC classification number: H04L63/029 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/0435 ,  H04L63/061

Abstract: Systems and methods are provided for effectuating overlay tunnels between software-defined wide area network (SD-WAN) end-point devices despite the use of IPSec passthrough in one or more network devices, such as modems or routers that exist between the end-point devices. In particular, the Internet Key Exchange (IKE) protocol can be allowed to progress until a modem/router is able to establish an IKE tunnel, after which overlay packets using cloud-managed keys can be allowed to pass through the modem/router. An overlay tunnel may then be established between the end-point devices, and the IKE tunnel can be taken down.

公开(公告)号：US11991152B2

公开(公告)日：2024-05-21

申请号：US17667987

申请日：2022-02-09

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Shreekanth Chandranna ,  Bhagvan Cheeyandira ,  Gopalakrishnan Gunasekaran

IPC: H04L9/40

CPC classification number: H04L63/029 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/0435 ,  H04L63/061

Abstract: Systems and methods are provided for effectuating overlay tunnels between software-defined wide area network (SD-WAN) end-point devices despite the use of IPSec passthrough in one or more network devices, such as modems or routers that exist between the end-point devices. In particular, the Internet Key Exchange (IKE) protocol can be allowed to progress until a modem/router is able to establish an IKE tunnel, after which overlay packets using cloud-managed keys can be allowed to pass through the modem/router. An overlay tunnel may then be established between the end-point devices, and the IKE tunnel can be taken down.

公开(公告)号：US20240121668A1

公开(公告)日：2024-04-11

申请号：US17961347

申请日：2022-10-06

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Gopalakrishnan Gunasekaran ,  Shreekanth Chandranna ,  Naveed M. Shaik ,  Bhagvan B. Cheeyandira

IPC: H04W28/20 ,  H04W28/02

CPC classification number: H04W28/20 ,  H04W28/0236

Abstract: One aspect can provide a system and method for configuring a plurality of branch gateway (BGW) devices coupled to a virtual private network concentrator (VPNC). The VPNC negotiates with a respective BGW device a transmission-bandwidth contract; receives, from the BGW device, a request for additional transmission bandwidth; analyzes traffic patterns to identify one or more BGW devices with unused bandwidth; allocates the requested additional transmission bandwidth to the respective BGW device by reducing transmission bandwidth allocated to the identified one or more BGW devices; and transmits contract-update notifications to the BGW devices to allow each BGW device to update a corresponding transmission-bandwidth contract, which comprises increasing the upper bandwidth limit at the respective BGW device while reducing the upper bandwidth limit at the identified BGW devices. In response to expiration of a timer, the VPNC revokes the additional transmission bandwidth allocated to the respective branch gateway device.