公开(公告)号：US11005814B2

公开(公告)日：2021-05-11

申请号：US15316688

申请日：2014-06-10

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Joseph A. Curcio ,  Jechun Chiu ,  Bruce E. Lavigne ,  Wei Lu ,  Shaun Wakumoto ,  Mauricio Sanchez ,  Matthew Laswell

IPC: H04L29/06 ,  H04L29/08 ,  H04L12/64 ,  H04L12/26

Abstract: An example of a computing system is described herein. The computing system includes a plurality of network security devices. The computing system also includes a network switch configured to direct network traffic. The computing system further includes a controller coupled to the network switch. The controller is to instruct the network switch in directing network traffic to the plurality of network security devices.

公开(公告)号：US10469377B2

公开(公告)日：2019-11-05

申请号：US15532618

申请日：2014-12-02

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Bruce E. LaVigne ,  Shaun Wakumoto

IPC: H04L12/28 ,  H04L12/741 ,  H04L12/64 ,  H04L12/46 ,  H04L29/12

Abstract: Systems and methods associated with service insertion forwarding are disclosed. One example method includes building a service insertion address table. The service insertion address table may associate service insertion tunnels with device addresses based on payload source addresses retrieved from packets received via the service insertion tunnels. The method also includes forwarding a packet received from a source device to a destination device. The packet may be received from the source device via a source service insertion tunnel. The packet may be forwarded to the destination device via a destination service insertion tunnel. The destination service insertion tunnel may be associated with the destination device in the service insertion address table.

公开(公告)号：US10348684B2

公开(公告)日：2019-07-09

申请号：US15255095

申请日：2016-09-01

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Shaun Wakumoto ,  Freeman Yufei Huang ,  Tomas Navarro ,  Nam Soo Kim ,  Bruce E Lavigne ,  Jechun Chiu ,  Sebastien Tandel

IPC: H04L29/06 ,  H04L29/12

Abstract: Examples include a network device to filter a packet for a packet type. The network device includes a filter to receive the packet and to determine whether the packet is a defined packet type. The network device also includes a Bloom filter to receive the packet from the filter based on the determination that the packet is a defined packet type and to determine whether the packet is a matched packet or an unmatched packet. A processing resource of the network device may receive the packet from the Bloom filter based on the determination that the packet is a matched packet and to determine whether the packet is an exact match.

公开(公告)号：US20180007075A1

公开(公告)日：2018-01-04

申请号：US15548498

申请日：2015-02-12

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Shaun Wackerly ,  Duane Mentze ,  Shaun Wakumoto

IPC: H04L29/06

CPC classification number: H04L63/1425 ,  H04L12/22 ,  H04L61/2015 ,  H04L63/1416

Abstract: Example embodiments disclosed herein relate to monitoring Dynamic Device Configuration Protocol offers via a control plane. In one example, an address range or multiple address ranges for sources of the Dynamic Device Configuration Protocol offers can be tracked. In this example, an anomaly can be determined based on one of the Dynamic Device Configuration Protocol offers and the address range(s).

公开(公告)号：US11336527B2

公开(公告)日：2022-05-17

申请号：US16889648

申请日：2020-06-01

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Shaun Wackerly ,  Shaun Wakumoto ,  Sagar Bhanagay

IPC: H04L12/24 ,  H04L41/0893 ,  H04L41/28 ,  H04L41/22

Abstract: An expression evaluation system is provided. During operation, the system can obtain an encoded expression associated with a user group of a network and evaluate the encoded expression for a first switch to determine a first set of commands that the user group is allowed to execute on the first switch. The encoded expression can encode a set of commands. The system can then determine validity of the first set of commands for the user group by determining whether a respective user of the user group should be allowed to execute the first set of commands on the first switch. If the system identifies an issue with the validity of the first set commands, the system can generate a notification indicating the issue.

公开(公告)号：US20210182399A1

公开(公告)日：2021-06-17

申请号：US16717158

申请日：2019-12-17

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Mohamed Kahn ,  Shaun Wakumoto ,  Ted T. Nguyen

IPC: G06F21/57 ,  G06F21/46 ,  G06F21/31 ,  G06F9/4401

Abstract: A method for accessing a computing device including launching a first operating system having a bootloader to boot a second operating system into a random-access memory on the computing device, the first operating system and the second operating system having access to an administrator password contained in an administrator password file located in a persistent file of the computing device and booting the second operating system from the first operating system bootloader to populate a filesystem into the second operating system. Also, executing a login failsafe by the second operating system to read the administrator password contained in the administrator password file located in the persistent file and installing the administrator password file in the filesystem of the second operating system by the login failsafe. The method further including failing to complete the booting of the second operating system and allowing access to the computing device through an administrator user account protected by the administrator password when the second operating system fails to complete the booting.

公开(公告)号：US10944695B2

公开(公告)日：2021-03-09

申请号：US15567324

申请日：2015-04-30

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Shawn E. Reynolds ,  Shaun Wakumoto ,  Jay G. Schudel

IPC: H04L12/931 ,  H04L12/825 ,  H04L12/26 ,  H04L29/06 ,  H04L12/24

Abstract: In some examples, a method can include monitoring data traffic along an uplink port and along at least a subset of a plurality of host ports, determining whether the uplink port is oversubscribed based on the monitored data traffic, determining whether a given host port of the at least a subset of host ports is receiving excessive data traffic in response to determining that the uplink port is oversubscribed, and flagging a host port that is determined to be receiving excessive data traffic.

公开(公告)号：US10601766B2

公开(公告)日：2020-03-24

申请号：US15556732

申请日：2015-03-13

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Shaun Wackerly ,  Shaun Wakumoto ,  Duane Edward Mentze

IPC: G06F15/173 ,  H04L29/12 ,  H04L29/06

Abstract: Example embodiments disclosed herein relate to determining whether a device exhibits anomalous behavior based on a set of rules, address usage information, and address range information. Address usage information for a device communicating on a data plane of a network implemented using switches is received via a control plane. Address range information for the network is maintained. Whether the device exhibits anomalous behavior is determined based on the set of rules, address usage information, and address range information.

公开(公告)号：US11372979B2

公开(公告)日：2022-06-28

申请号：US16717158

申请日：2019-12-17

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Mohamed Kahn ,  Shaun Wakumoto ,  Ted T. Nguyen

IPC: G06F21/57 ,  G06F9/4401 ,  G06F21/31 ,  G06F21/46

Abstract: A method for accessing a computing device including launching a first operating system having a bootloader to boot a second operating system into a random-access memory on the computing device, the first operating system and the second operating system having access to an administrator password contained in an administrator password file located in a persistent file of the computing device and booting the second operating system from the first operating system bootloader to populate a filesystem into the second operating system. Also, executing a login failsafe by the second operating system to read the administrator password contained in the administrator password file located in the persistent file and installing the administrator password file in the filesystem of the second operating system by the login failsafe. The method further including failing to complete the booting of the second operating system and allowing access to the computing device through an administrator user account protected by the administrator password when the second operating system fails to complete the booting.

公开(公告)号：US20170346734A1

公开(公告)日：2017-11-30

申请号：US15532618

申请日：2014-12-02

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Bruce E. LaVigne ,  Shaun Wakumoto

IPC: H04L12/741 ,  H04L12/46 ,  H04L29/12

CPC classification number: H04L45/74 ,  H04L12/4633 ,  H04L12/6418 ,  H04L61/2007 ,  H04L61/6022

Abstract: Systems and methods associated with service insertion forwarding are disclosed. One example method includes building a service insertion address table. The service insertion address table may associate service insertion tunnels with device addresses based on payload source addresses retrieved from packets received via the service insertion tunnels. The method also includes forwarding a packet received from a source device to a destination device. The packet may be received from the source device via a source service insertion tunnel. The packet may be forwarded to the destination device via a destination service insertion tunnel. The destination service insertion tunnel may be associated with the destination device in the service insertion address table.