Facilitating authentication of routing modules associated with one or more network devices to allow zero touch provisioning

    Publication number: US11811951B2

    Publication date: 2023-11-07

    Application number: US17133193

    Filing date: 2020-12-23

    CPC classification number: H04L9/3263 H04L9/3247 H04L41/0668 H04L45/24 H04L9/50

    Abstract: A network device may receive a redundant identifier certificate associated with a redundant routing module, and may provide, to a bootstrap device, a primary identifier certificate associated with a primary routing module associated with the network device. The network device may establish a secure connection with the bootstrap device based on the bootstrap device verifying an authenticity of the primary routing module via the primary identifier certificate. The network device may provide, to the bootstrap device via the secure connection, a redundant routing module identifier associated with the redundant routing module and may receive, from the bootstrap device via the secure connection, a signed certificate chain associated with the redundant routing module. The network device may verify the signed certificate chain and may verify the redundant identifier certificate, associated with the redundant routing module, based on verifying the signed certificate chain.

    Facilitating authentication of routing modules associated with one or more network devices to allow zero touch provisioning

    Publication number: US12278912B2

    Publication date: 2025-04-15

    Application number: US18487514

    Filing date: 2023-10-16

    Abstract: A network device may receive a redundant identifier certificate associated with a redundant routing module, and may provide, to a bootstrap device, a primary identifier certificate associated with a primary routing module associated with the network device. The network device may establish a secure connection with the bootstrap device based on the bootstrap device verifying an authenticity of the primary routing module via the primary identifier certificate. The network device may provide, to the bootstrap device via the secure connection, a redundant routing module identifier associated with the redundant routing module and may receive, from the bootstrap device via the secure connection, a signed certificate chain associated with the redundant routing module. The network device may verify the signed certificate chain and may verify the redundant identifier certificate, associated with the redundant routing module, based on verifying the signed certificate chain.

    Secure remote bootstrapping of network device

    Publication number: US10833929B2

    Publication date: 2020-11-10

    Application number: US16234379

    Filing date: 2018-12-27

    Abstract: Techniques are disclosed for performing secure remote bootstrapping operations of a network device such that sensitive configuration resides in volatile memory or is inaccessible upon power loss. In one example, a network device performs a first request for onboarding information. In response to determining that a first initialization of the network device has not occurred, the network device performs the first initialization by configuring, with the onboarding information, the network device to mount a portion of a file system to a volatile memory and not a non-volatile memory. After rebooting, the network device performs a second request for the onboarding information. In response to determining that the first initialization of the network device has occurred, the network device performs a bootstrapping operation of the network device. The bootstrapping operation may configure the network device for remote management such that any subsequent configuration obtained remotely is not retained on power loss.

    SECURE REMOTE BOOTSTRAPPING OF NETWORK DEVICE

    Publication number: US20200213191A1

    Publication date: 2020-07-02

    Application number: US16234379

    Filing date: 2018-12-27

    Abstract: Techniques are disclosed for performing secure remote bootstrapping operations of a network device such that sensitive configuration resides in volatile memory or is inaccessible upon power loss. In one example, a network device performs a first request for onboarding information. In response to determining that a first initialization of the network device has not occurred, the network device performs the first initialization by configuring, with the onboarding information, the network device to mount a portion of a file system to a volatile memory and not a non-volatile memory. After rebooting, the network device performs a second request for the onboarding information. In response to determining that the first initialization of the network device has occurred, the network device performs a bootstrapping operation of the network device. The bootstrapping operation may configure the network device for remote management such that any subsequent configuration obtained remotely is not retained on power loss.
